OVMSA-2015-0123 - openldap security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2015-09-29 |
Description
[2.4.40-6]
- CVE-2015-6908 openldap: ber_get_next denial of service vulnerability (#1263171)
[2.4.40-5]
- fix: nslcd segfaults due to incorrect mutex initialization (#1144294)
[2.4.40-4]
- fix: Updating openldap deletes database if slapd.conf is used (#1193519)
[2.4.40-3]
- fix: ppc64: slaptest segfault in openldap-2.4.40 (#1202696)
[2.4.40-2]
- fix: bring back accidentaly removed patch (#1147983)
[2.4.40-1]
- rebase to 2.4.40 (#1147983)
[2.4.39-11]
- fix: make /etc/openldap/check_password.conf readable by ldap (#1155390)
[2.4.39-10]
- revert previous patch (#1172296)
- fix: crash in ldap_domain2hostlist when processing SRV record (#1164369)
- support TLS 1.1 and later (#1160467)
- enhancement: add ppolicy-check-password (#1155390)
[2.4.39-9]
- fix: prevent freed memory reuse (#1172296)
[2.4.39-8]
- fix: provide a shim libldif.so (#1110382)
[2.4.39-7]
- fix: remove correct tmp file when generating server cert (#1102083)
[2.4.39-6]
- remove unapplied patches
[2.4.39-5]
- fix: TLS_REQCERT documentation in client manpage (#1027796)
[2.4.39-4]
- review %configure and remove nonexistent options
[2.4.39-3]
- add another missing patch forgotten during the rebase
- fix: enable dynamic linking - unresolved symbols in the smbk5pwd module
[2.4.39-2]
- add missing patches that were removed by mistake during the rebase
[2.4.39-1]
- rebase to 2.4.39 (#923680)
+ drop a lot of upstreamed patches, backport the rest
+ compile in mdb
+ remove automatic slapd.conf -> slapd-config conversion
[2.4.23-35]
- fix: segfault on certain queries with rwm overlay (#1003038)
[2.4.23-34]
- fix: deadlock during SSL_ForceHandshake (#996373)
+ revert nss-handshake-threadsafe.patch
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.3 (x86_64) | openldap-2.4.40-6.el6_7.src.rpm | 3d0eae28a5c560c13d06e4809c31c9a324a56f59c9fb199f579270ad9136fc6e | OVMBA-2018-0141 | ovm3_x86_64_3.3_patch |
| openldap-2.4.40-6.el6_7.x86_64.rpm | a45a90ac7faa259e53f6a4ca78134ec37e822a98936d35f1cc49290bdbd6902e | OVMBA-2018-0141 | ovm3_x86_64_3.3_patch |
| openldap-clients-2.4.40-6.el6_7.x86_64.rpm | 9804feccba14a1db7d5e3950e22e2e0bea6d5abc6f676adfad2b7ecfaa44472d | OVMBA-2018-0141 | ovm3_x86_64_3.3_patch |
|
| Oracle VM 3.4 (x86_64) | openldap-2.4.40-6.el6_7.src.rpm | 3d0eae28a5c560c13d06e4809c31c9a324a56f59c9fb199f579270ad9136fc6e | OVMBA-2018-0141 | ovm34_x86_64_latest |
| openldap-2.4.40-6.el6_7.x86_64.rpm | a45a90ac7faa259e53f6a4ca78134ec37e822a98936d35f1cc49290bdbd6902e | OVMBA-2018-0141 | ovm34_x86_64_latest |
| openldap-clients-2.4.40-6.el6_7.x86_64.rpm | 9804feccba14a1db7d5e3950e22e2e0bea6d5abc6f676adfad2b7ecfaa44472d | OVMBA-2018-0141 | ovm34_x86_64_latest |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
