Bug Fix Advisory nss_ldap bug fix update

Advisory: RHBA-2008:0273-3
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2008-05-09
Last updated on: 2008-05-09
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
OVAL: N/A

Details

An updated nss_ldap package that fixes a bug is now available for Red Hat
Enterprise Linux 3.

The nss_ldap package contains the nss_ldap and pam_ldap modules. The
nss_ldap module is a plug-in which allows applications to retrieve
information about users and groups from a directory server. The pam_ldap
module allows PAM-aware applications to use a directory server to verify
user passwords.

When the nss_ldap plug-in attempted to format the list of a group's members
for an application, it did not correctly detect when the space provided to
store that list was insufficient. For large groups, this resulted in a
corrupt heap, which typically resulted in the calling application crashing,
or a segmentation fault.

Users of nss_ldap are advised to upgrade to this updated package, which
resolves this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Red Hat Desktop (v. 3)
SRPMS:
nss_ldap-207-21.src.rpm     e047f97c73b5c3eca4e87d06dbda9db1
 
IA-32:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
 
x86_64:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
nss_ldap-207-21.x86_64.rpm     5cfd4c06a52922dbb49c123370f13b76
 
Red Hat Enterprise Linux AS (v. 3)
SRPMS:
nss_ldap-207-21.src.rpm     e047f97c73b5c3eca4e87d06dbda9db1
 
IA-32:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
 
IA-64:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
nss_ldap-207-21.ia64.rpm     31352d12819ab37ebbeebba5f722fb68
 
PPC:
nss_ldap-207-21.ppc.rpm     c78cb4ffaf7a4caade3653e9d9acafa4
nss_ldap-207-21.ppc64.rpm     bac42adb5a87881a99045acb1c521f92
 
s390:
nss_ldap-207-21.s390.rpm     878ac47aee47b8a07b170e42c8046364
 
s390x:
nss_ldap-207-21.s390.rpm     878ac47aee47b8a07b170e42c8046364
nss_ldap-207-21.s390x.rpm     459b02e26ce56c4867146c3b1e333dea
 
x86_64:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
nss_ldap-207-21.x86_64.rpm     5cfd4c06a52922dbb49c123370f13b76
 
Red Hat Enterprise Linux ES (v. 3)
SRPMS:
nss_ldap-207-21.src.rpm     e047f97c73b5c3eca4e87d06dbda9db1
 
IA-32:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
 
IA-64:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
nss_ldap-207-21.ia64.rpm     31352d12819ab37ebbeebba5f722fb68
 
x86_64:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
nss_ldap-207-21.x86_64.rpm     5cfd4c06a52922dbb49c123370f13b76
 
Red Hat Enterprise Linux WS (v. 3)
SRPMS:
nss_ldap-207-21.src.rpm     e047f97c73b5c3eca4e87d06dbda9db1
 
IA-32:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
 
IA-64:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
nss_ldap-207-21.ia64.rpm     31352d12819ab37ebbeebba5f722fb68
 
x86_64:
nss_ldap-207-21.i386.rpm     1e576e5e3d46411b6a0efb8c4c541f8a
nss_ldap-207-21.x86_64.rpm     5cfd4c06a52922dbb49c123370f13b76
 
(The unlinked packages above are only available from the Red Hat Network)

Keywords

group, nss_ldap, resolution

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/