drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ignorieren von Verschlüsselungsoptionen in OpenLDAP
Name: |
Ignorieren von Verschlüsselungsoptionen in OpenLDAP |
|
ID: |
FEDORA-2012-10023 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 16 |
|
Datum: |
Di, 17. Juli 2012, 19:39 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2668 |
|
Applikationen: |
OpenLDAP |
|
Originalnachricht |
Name : openldap Product : Fedora 16 Version : 2.4.26 Release : 8.fc16 URL : http://www.openldap.org/ Summary : LDAP support libraries Description : OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP.
------------------------------------------------------------------------------- - Update Information:
security and bug fix update ------------------------------------------------------------------------------- - ChangeLog:
* Wed Jun 27 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.26-8 - fix: TLS error messages overwriting in tlsm_verify_cert() (#810462) - fix: reading pin from file can make all TLS connections hang (#829317) - CVE-2012-2668: cipher suite selection by name can be ignored (#825875) - fix: default cipher suite is always selected (#828790) - fix: invalid order of TLS shutdown operations (#808464) - CVE-2012-1164: Assertion failure by processing search queries requesting only attributes for particular entry (#802514) * Mon Mar 26 2012 Jan Synáček <jsynacek@redhat.com> 2.4.26-7 - fix: Re-binding to a failed connection can segfault (#784989) * Tue Jan 31 2012 Jan Vcelak <jvcelak@redhat.com> 2.4.26-6 - fix requires of main package to include %{?_isa} - fix: replication (syncrepl) with TLS causes segfault (#783431) - fix: slapd segfaults when PEM certificate is used and key is not set (#772890) * Thu Oct 6 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-5 - rebuild: openldap does not work after libdb rebase (#743824) - regression fix: openldap built without tcp_wrappers (#743213) * Wed Sep 21 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-4 - new feature update: honor priority/weight with ldap_domain2hostlist (#733078) * Mon Sep 12 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-3 - fix: SSL_ForceHandshake function is not thread safe (#701678) - fix: allow unsetting of tls_* syncrepl options (#734187) * Wed Aug 24 2011 Jan Vcelak <jvcelak@redhat.com> 2.4.26-2 - security hardening: library needs partial RELRO support added (#733071) - fix: NSS_Init* functions are not thread safe (#731112) - fix: incorrect behavior of allow/try options of VerifyCert and TLS_REQCERT (#725819) - fix: memleak - free the return of tlsm_find_and_verify_cert_key (#725818) - fix: conversion of constraint overlay settings to cn=config is incorrect (#733067) - fix: DDS overlay tolerance parametr doesn't function and breakes default TTL (#733069) - manpage fix: errors in manual page slapo-unique (#733070) - fix: matching wildcard hostnames in certificate Subject field does not work (#733073) - new feature: honor priority/weight with ldap_domain2hostlist (#733078) - manpage fix: wrong ldap_sync_destroy() prototype in ldap_sync(3) manpage (#717722) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #802514 - CVE-2012-1164 openldap (slapd): Assertion failure by processing search queries requesting only attributes for particular entry https://bugzilla.redhat.com/show_bug.cgi?id=802514 [ 2 ] Bug #825875 - CVE-2012-2668 openldap: does not honor TLSCipherSuite settings https://bugzilla.redhat.com/show_bug.cgi?id=825875 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update openldap' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|