OVMSA-2015-0123 - openldap security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2015-09-29 |
Description
[2.4.40-6]
- CVE-2015-6908 openldap: ber_get_next denial of service vulnerability (#1263171)
[2.4.40-5]
- fix: nslcd segfaults due to incorrect mutex initialization (#1144294)
[2.4.40-4]
- fix: Updating openldap deletes database if slapd.conf is used (#1193519)
[2.4.40-3]
- fix: ppc64: slaptest segfault in openldap-2.4.40 (#1202696)
[2.4.40-2]
- fix: bring back accidentaly removed patch (#1147983)
[2.4.40-1]
- rebase to 2.4.40 (#1147983)
[2.4.39-11]
- fix: make /etc/openldap/check_password.conf readable by ldap (#1155390)
[2.4.39-10]
- revert previous patch (#1172296)
- fix: crash in ldap_domain2hostlist when processing SRV record (#1164369)
- support TLS 1.1 and later (#1160467)
- enhancement: add ppolicy-check-password (#1155390)
[2.4.39-9]
- fix: prevent freed memory reuse (#1172296)
[2.4.39-8]
- fix: provide a shim libldif.so (#1110382)
[2.4.39-7]
- fix: remove correct tmp file when generating server cert (#1102083)
[2.4.39-6]
- remove unapplied patches
[2.4.39-5]
- fix: TLS_REQCERT documentation in client manpage (#1027796)
[2.4.39-4]
- review %configure and remove nonexistent options
[2.4.39-3]
- add another missing patch forgotten during the rebase
- fix: enable dynamic linking - unresolved symbols in the smbk5pwd module
[2.4.39-2]
- add missing patches that were removed by mistake during the rebase
[2.4.39-1]
- rebase to 2.4.39 (#923680)
+ drop a lot of upstreamed patches, backport the rest
+ compile in mdb
+ remove automatic slapd.conf -> slapd-config conversion
[2.4.23-35]
- fix: segfault on certain queries with rwm overlay (#1003038)
[2.4.23-34]
- fix: deadlock during SSL_ForceHandshake (#996373)
+ revert nss-handshake-threadsafe.patch
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 3.3 (x86_64) | openldap-2.4.40-6.el6_7.src.rpm | 9f7b1cab56f92694c0802130cc487f80 | OVMBA-2018-0141 |
| openldap-2.4.40-6.el6_7.x86_64.rpm | e75a5fe8d5af4189d2a63b9b2366e960 | OVMBA-2018-0141 |
| openldap-clients-2.4.40-6.el6_7.x86_64.rpm | 7875d89b8f541f960587e610b941c1f6 | OVMBA-2018-0141 |
|
| Oracle VM 3.4 (x86_64) | openldap-2.4.40-6.el6_7.src.rpm | 9f7b1cab56f92694c0802130cc487f80 | OVMBA-2018-0141 |
| openldap-2.4.40-6.el6_7.x86_64.rpm | e75a5fe8d5af4189d2a63b9b2366e960 | OVMBA-2018-0141 |
| openldap-clients-2.4.40-6.el6_7.x86_64.rpm | 7875d89b8f541f960587e610b941c1f6 | OVMBA-2018-0141 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
