ELSA-2015-2131
- ULN >
- Oracle Linux Errata repository >
- ELSA-2015-2131
ELSA-2015-2131 - openldap security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2015-11-23 |
Description
[2.4.40-8]
- NSS does not support string ordering (#1231522)
- implement and correct order of parsing attributes (#1231522)
- add multi_mask and multi_strength to correctly handle sets of attributes (#1231522)
- add new cipher suites and correct AES-GCM attributes (#1245279)
- correct DEFAULT ciphers handling to exclude eNULL cipher suites (#1245279)
[2.4.40-7]
- Merge two MozNSS cipher suite definition patches into one. (#1245279)
- Use what NSS considers default for DEFAULT cipher string. (#1245279)
- Remove unnecesary defaults from ciphers' definitions (#1245279)
[2.4.40-6]
- fix: OpenLDAP shared library destructor triggers memory leaks in NSPR (#1249977)
[2.4.40-5]
- enhancement: support TLS 1.1 and later (#1231522,#1160467)
- fix: openldap ciphersuite parsing code handles masks incorrectly (#1231522)
- fix the patch in commit da1b5c (fix: OpenLDAP crash in NSS shutdown handling) (#1231228)
[2.4.40-4]
- fix: rpm -V complains (#1230263) -- make the previous fix do what was intended
[2.4.40-3]
- fix: rpm -V complains (#1230263)
[2.4.40-2]
- fix: missing frontend database indexing (#1226600)
[2.4.40-1]
- new upstream release (#1147982)
- fix: PIE and RELRO check (#1092562)
- fix: slaptest doesn't convert perlModuleConfig lines (#1184585)
- fix: OpenLDAP crash in NSS shutdown handling (#1158005)
- fix: slapd.service may fail to start if binding to NIC ip (#1198781)
- fix: deadlock during SSL_ForceHandshake when getting connection to replica (#1125152)
- improve check_password (#1174723, #1196243)
- provide an unversioned symlink to check_password.so.1.1 (#1174634)
- add findutils to requires (#1209229)
Related CVEs
| CVE-2015-3276 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (x86_64) | openldap-2.4.40-8.el7.src.rpm | 90b49da413c3b2c4975c440376eaec4d | ELSA-2021-1389 |
| openldap-2.4.40-8.el7.i686.rpm | 2673cc20b38bd2b5a4f8c0118ee78e39 | ELSA-2021-1389 | |
| openldap-2.4.40-8.el7.x86_64.rpm | a4d22112e7f49bc92d2f393c6ed9c6f0 | ELSA-2021-1389 | |
| openldap-clients-2.4.40-8.el7.x86_64.rpm | 4605125a05c1616a4ee37ca247c29fe9 | ELSA-2021-1389 | |
| openldap-devel-2.4.40-8.el7.i686.rpm | 8e09b8eb91660cc76d2c4c381f920fcb | ELSA-2021-1389 | |
| openldap-devel-2.4.40-8.el7.x86_64.rpm | 473742be79899311a1ee6b60c5b24759 | ELSA-2021-1389 | |
| openldap-servers-2.4.40-8.el7.x86_64.rpm | 58aa5af62f248ddf397dc7a8728bfbc1 | ELSA-2021-1389 | |
| openldap-servers-sql-2.4.40-8.el7.x86_64.rpm | 831e90b27c9a74df59bb5eb413f5065e | ELSA-2021-1389 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
