- Issued:
- 2009-01-20
- Updated:
- 2009-01-20
RHBA-2009:0090 - Bug Fix Advisory
Synopsis
openldap bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated OpenLDAP packages that fix various bugs and add two enhancements
are now available.
Description
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools. LDAP is a set of protocols
for accessing directory services (usually phone book style information, but
other information is possible) over the Internet, similar to the way DNS
(Domain Name System) information is propagated over the Internet. The
openldap package contains configuration files, libraries, and documentation
for OpenLDAP.
These updated packages address the following issues:
- the init script now reports a warning if the slapd daemon cannot read a
TLS certificate file.
- the DB-4 database shipped in openldap-servers package was updated with
latest patches to improve stability of BDB and HDB backend.
- all libraries in the openldap-debuginfo package are now unstripped.
- when running as a syncrepl consumer, the OpenLDAP server now respects the
"timelimit" option in the "syncrepl" statement in its configuration file.
- the "modrdn" operation is now correctly propagated from master to
syncrepl consumers.
- the NETWORK_TIMEOUT option can now be used in client configuration files
to specify network timeout. The same network timeout can be also specified
by using the client tools' "-o nettimeout=" command line option.
- the "/etc/sysconfig/ldap" file can now contain the "SLURPD_KRB5CCNAME"
option to specify a KRB5CCNAME environment variable for started slurpd
processes.
- the updated openldap-servers package should no longer dump and restore
the BDB database to /var/lib/ldap/. This action will only be performed when
absolutely necessary (for example, during the update from openldap-2.3 to
openldap-2.4 in a future release of Red Hat Enterprise Linux).
- removing the openldap-devel package no longer breaks openldap libraries.
This update also provides the following enhancements:
- OpenLDAP was rebased to openldap-2.3.43, the latest stable release in the
openldap-2.3 branch.
- OpenLDAP is now packaged with standard overlays, including smbk5pwd. (See
the openldap-overlays-servers package for more information).
All OpenLDAP Users should upgrade to these updated packages, which resolve
these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 246060 - Some debuginfo libraries are stripped
- BZ - 329441 - Please package the smbk5pwd overlay
- BZ - 356401 - slapd aborts on startup when /etc/openldap/ldap.conf contains an invalid TLS_CACERT entry
- BZ - 370411 - RPM for openldap ppolicy overlay module (patch included)
- BZ - 428638 - RFE: provide a way to specify KRB5CCNAME for slurpd + run as non-root
- BZ - 436046 - openldap-servers RPM unnecessarily does dump / restore of database
- BZ - 440693 - slapd when running as a syncrepl consumer uses the search timout from ldap.conf over the one from the syncrepl statement in slapd.conf
- BZ - 442324 - Package openldap overlays
- BZ - 454857 - db-4 in openldap needs new patches
- BZ - 454994 - Rebase to openldap-2.3.43
- BZ - 460307 - Removing openldap-devel breaks sudo command
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
openldap-2.3.43-3.el5.src.rpm | SHA-256: 88c11a69ccd1dec10c1c3dcbb6976fe8c14fb2617f5d7e366883af4912eac279 |
x86_64 | |
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm | SHA-256: f2103d3ec4a65fb761b35d76e301710d690ee3b687e3c3e50d38cb44467266ad |
compat-openldap-2.3.43_2.2.29-3.el5.x86_64.rpm | SHA-256: b036b088e678d8e7fb81be1096858e9f1f38dff05662383daa58354c1b74afff |
openldap-2.3.43-3.el5.i386.rpm | SHA-256: 8af2e314224d1f0cfce3e356d4b0155a84680e2b3036ba5b71f700637080684a |
openldap-2.3.43-3.el5.x86_64.rpm | SHA-256: 7c4ba1250123da92b7e041c044fdfc8d1a73e51ed05481ed8d535cacaa8770cc |
openldap-clients-2.3.43-3.el5.x86_64.rpm | SHA-256: 9718b591d13156fc805dff515b33344dace9b83165fef5f78185a6d76412b708 |
openldap-devel-2.3.43-3.el5.i386.rpm | SHA-256: 9841541b87bd79fe07d047251ed282e2f628e1c5f0e22ed5bb16ea518f0e180c |
openldap-devel-2.3.43-3.el5.x86_64.rpm | SHA-256: 9dd05cb81462613b5c356beabbfd48256d3a8ccd4bae4f19c8fc519dc8cc2355 |
openldap-servers-2.3.43-3.el5.x86_64.rpm | SHA-256: 4c4b0b0453a95f0e48f5091d027fe66aa4ef5a53a5d535b4b79d0e3800a569c2 |
openldap-servers-overlays-2.3.43-3.el5.x86_64.rpm | SHA-256: 7bdfcfd03c849682f812b67c6a9c01177bac2f6d92fe6dcb7c768ab7ef9946c8 |
openldap-servers-sql-2.3.43-3.el5.x86_64.rpm | SHA-256: 85d08ba2f36f18afdccadb8e2918ff2939351cdfef4e22d8fa17f630087bfdce |
ia64 | |
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm | SHA-256: f2103d3ec4a65fb761b35d76e301710d690ee3b687e3c3e50d38cb44467266ad |
compat-openldap-2.3.43_2.2.29-3.el5.ia64.rpm | SHA-256: 136460d7d3b5e4fa2e47872393b57fe0ee1f359a9514916f7595a89af45dc9cb |
openldap-2.3.43-3.el5.i386.rpm | SHA-256: 8af2e314224d1f0cfce3e356d4b0155a84680e2b3036ba5b71f700637080684a |
openldap-2.3.43-3.el5.ia64.rpm | SHA-256: 78c4c07de1a4a27b850545c34fe3d69ede4d861e703b6f2f4261b7aebf6ceb45 |
openldap-clients-2.3.43-3.el5.ia64.rpm | SHA-256: 49e9093c3f7cd0d3323b686b900e6e01ed28bfc5eb2979bf3bc1fb6dc43dcc9a |
openldap-devel-2.3.43-3.el5.ia64.rpm | SHA-256: 3410688cd85bd5f69a73cb79009b7e5eb3a97d99131bc9dbd4dfbd64958fb5d1 |
openldap-servers-2.3.43-3.el5.ia64.rpm | SHA-256: 7cde66cc3a9ae753501069d1b9cb7f2cb9c09137e35d7651b1bb48cc8bf7c789 |
openldap-servers-overlays-2.3.43-3.el5.ia64.rpm | SHA-256: 33bb956ad70abffddb4a6bf2a2b031d9ab62dc8798414f5b5cbf43fb47d94f90 |
openldap-servers-sql-2.3.43-3.el5.ia64.rpm | SHA-256: 0675e363bb7a807d1a2e9898b718717d7f2080be26083a9f7c095c30b55a7bba |
i386 | |
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm | SHA-256: f2103d3ec4a65fb761b35d76e301710d690ee3b687e3c3e50d38cb44467266ad |
openldap-2.3.43-3.el5.i386.rpm | SHA-256: 8af2e314224d1f0cfce3e356d4b0155a84680e2b3036ba5b71f700637080684a |
openldap-clients-2.3.43-3.el5.i386.rpm | SHA-256: 117711c831a0fbf447fbf98f548843f79a6e9f23b099af3cd2221b27faa2eeb1 |
openldap-devel-2.3.43-3.el5.i386.rpm | SHA-256: 9841541b87bd79fe07d047251ed282e2f628e1c5f0e22ed5bb16ea518f0e180c |
openldap-servers-2.3.43-3.el5.i386.rpm | SHA-256: dc240710128ecd02af545582bc137a7f4aec37cce3431879f3d1753f5a5cf8c8 |
openldap-servers-overlays-2.3.43-3.el5.i386.rpm | SHA-256: 9590134acf2ec7e4b9d15ee05c5c7b1524743897ba92dd01204107d400e2b270 |
openldap-servers-sql-2.3.43-3.el5.i386.rpm | SHA-256: f43a1d540fc30b4ed90aa15bf3f47b2ce196bc6491207e45d629c5d8e62fdc5b |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
openldap-2.3.43-3.el5.src.rpm | SHA-256: 88c11a69ccd1dec10c1c3dcbb6976fe8c14fb2617f5d7e366883af4912eac279 |
x86_64 | |
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm | SHA-256: f2103d3ec4a65fb761b35d76e301710d690ee3b687e3c3e50d38cb44467266ad |
compat-openldap-2.3.43_2.2.29-3.el5.x86_64.rpm | SHA-256: b036b088e678d8e7fb81be1096858e9f1f38dff05662383daa58354c1b74afff |
openldap-2.3.43-3.el5.i386.rpm | SHA-256: 8af2e314224d1f0cfce3e356d4b0155a84680e2b3036ba5b71f700637080684a |
openldap-2.3.43-3.el5.x86_64.rpm | SHA-256: 7c4ba1250123da92b7e041c044fdfc8d1a73e51ed05481ed8d535cacaa8770cc |
openldap-clients-2.3.43-3.el5.x86_64.rpm | SHA-256: 9718b591d13156fc805dff515b33344dace9b83165fef5f78185a6d76412b708 |
openldap-devel-2.3.43-3.el5.i386.rpm | SHA-256: 9841541b87bd79fe07d047251ed282e2f628e1c5f0e22ed5bb16ea518f0e180c |
openldap-devel-2.3.43-3.el5.x86_64.rpm | SHA-256: 9dd05cb81462613b5c356beabbfd48256d3a8ccd4bae4f19c8fc519dc8cc2355 |
openldap-servers-2.3.43-3.el5.x86_64.rpm | SHA-256: 4c4b0b0453a95f0e48f5091d027fe66aa4ef5a53a5d535b4b79d0e3800a569c2 |
openldap-servers-overlays-2.3.43-3.el5.x86_64.rpm | SHA-256: 7bdfcfd03c849682f812b67c6a9c01177bac2f6d92fe6dcb7c768ab7ef9946c8 |
openldap-servers-sql-2.3.43-3.el5.x86_64.rpm | SHA-256: 85d08ba2f36f18afdccadb8e2918ff2939351cdfef4e22d8fa17f630087bfdce |
i386 | |
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm | SHA-256: f2103d3ec4a65fb761b35d76e301710d690ee3b687e3c3e50d38cb44467266ad |
openldap-2.3.43-3.el5.i386.rpm | SHA-256: 8af2e314224d1f0cfce3e356d4b0155a84680e2b3036ba5b71f700637080684a |
openldap-clients-2.3.43-3.el5.i386.rpm | SHA-256: 117711c831a0fbf447fbf98f548843f79a6e9f23b099af3cd2221b27faa2eeb1 |
openldap-devel-2.3.43-3.el5.i386.rpm | SHA-256: 9841541b87bd79fe07d047251ed282e2f628e1c5f0e22ed5bb16ea518f0e180c |
openldap-servers-2.3.43-3.el5.i386.rpm | SHA-256: dc240710128ecd02af545582bc137a7f4aec37cce3431879f3d1753f5a5cf8c8 |
openldap-servers-overlays-2.3.43-3.el5.i386.rpm | SHA-256: 9590134acf2ec7e4b9d15ee05c5c7b1524743897ba92dd01204107d400e2b270 |
openldap-servers-sql-2.3.43-3.el5.i386.rpm | SHA-256: f43a1d540fc30b4ed90aa15bf3f47b2ce196bc6491207e45d629c5d8e62fdc5b |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
openldap-2.3.43-3.el5.src.rpm | SHA-256: 88c11a69ccd1dec10c1c3dcbb6976fe8c14fb2617f5d7e366883af4912eac279 |
x86_64 | |
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm | SHA-256: f2103d3ec4a65fb761b35d76e301710d690ee3b687e3c3e50d38cb44467266ad |
compat-openldap-2.3.43_2.2.29-3.el5.x86_64.rpm | SHA-256: b036b088e678d8e7fb81be1096858e9f1f38dff05662383daa58354c1b74afff |
openldap-2.3.43-3.el5.i386.rpm | SHA-256: 8af2e314224d1f0cfce3e356d4b0155a84680e2b3036ba5b71f700637080684a |
openldap-2.3.43-3.el5.x86_64.rpm | SHA-256: 7c4ba1250123da92b7e041c044fdfc8d1a73e51ed05481ed8d535cacaa8770cc |
openldap-clients-2.3.43-3.el5.x86_64.rpm | SHA-256: 9718b591d13156fc805dff515b33344dace9b83165fef5f78185a6d76412b708 |
i386 | |
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm | SHA-256: f2103d3ec4a65fb761b35d76e301710d690ee3b687e3c3e50d38cb44467266ad |
openldap-2.3.43-3.el5.i386.rpm | SHA-256: 8af2e314224d1f0cfce3e356d4b0155a84680e2b3036ba5b71f700637080684a |
openldap-clients-2.3.43-3.el5.i386.rpm | SHA-256: 117711c831a0fbf447fbf98f548843f79a6e9f23b099af3cd2221b27faa2eeb1 |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
openldap-2.3.43-3.el5.src.rpm | SHA-256: 88c11a69ccd1dec10c1c3dcbb6976fe8c14fb2617f5d7e366883af4912eac279 |
s390x | |
compat-openldap-2.3.43_2.2.29-3.el5.s390.rpm | SHA-256: 11890ef07fca037124e94c703073dae40f72f542746592b0313d51add36d1e19 |
compat-openldap-2.3.43_2.2.29-3.el5.s390x.rpm | SHA-256: 762b7e7604233959f5349662f5f000c618f7a25cf8c5a11ce47a1fcc0fd08767 |
openldap-2.3.43-3.el5.s390.rpm | SHA-256: 633b6625d8d37154722ec9fa023601bb2cf8526710e72e8af7ec01922646510f |
openldap-2.3.43-3.el5.s390x.rpm | SHA-256: a1a707a42cd9ae1f79ff8fa62c804e93473e4992f995fdbc66f432113e89634f |
openldap-clients-2.3.43-3.el5.s390x.rpm | SHA-256: e7441ce2e8e02db3a8a169e379e55474c8c4dc286ab740337bccb05ccfa98af3 |
openldap-devel-2.3.43-3.el5.s390.rpm | SHA-256: f04628e9efdd4b87ce628244ef120e5e1d43df3ae89aa485a86b7b5aec03aae4 |
openldap-devel-2.3.43-3.el5.s390x.rpm | SHA-256: 7b2f66e71544dd483cd5e529f2188ac5568c56d00c72ef10e44bf2610dbd12a3 |
openldap-servers-2.3.43-3.el5.s390x.rpm | SHA-256: fe085ed59da1a0987a3a04efa9ce626a6245f743ad18eefb7df43a3f711e3414 |
openldap-servers-overlays-2.3.43-3.el5.s390x.rpm | SHA-256: bf993398bfec11a36ee039f4995e206fa16510e5bbecdee823b4cac3e4458bab |
openldap-servers-sql-2.3.43-3.el5.s390x.rpm | SHA-256: 43dc9e147453fc62cbd9f7e95cf836bcc6411d2d6d4a05896d939e23209699d6 |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
openldap-2.3.43-3.el5.src.rpm | SHA-256: 88c11a69ccd1dec10c1c3dcbb6976fe8c14fb2617f5d7e366883af4912eac279 |
ppc | |
compat-openldap-2.3.43_2.2.29-3.el5.ppc.rpm | SHA-256: 6b4603bffe46eaef005418b37f5e3765fff824b242ed46b703477bc4d290499f |
compat-openldap-2.3.43_2.2.29-3.el5.ppc64.rpm | SHA-256: 92a0bff072f1a3c2690a0fce11ccba1a4452af8cf601cfade8dd6972fbfe6ebf |
openldap-2.3.43-3.el5.ppc.rpm | SHA-256: dbeea66f22fe740b3244360a2ea2a722c04ddf9f5622a08c4afcfde4c6bc1563 |
openldap-2.3.43-3.el5.ppc64.rpm | SHA-256: 83558f384eec202765a2bdb166bb864f48dcf43d2e91f46b422ed8d44961638e |
openldap-clients-2.3.43-3.el5.ppc.rpm | SHA-256: 034ddaef533c8d6b639c51cb18e442bce23c1d350033f6e297192ab32eddf072 |
openldap-devel-2.3.43-3.el5.ppc.rpm | SHA-256: 2008dfee8352281958174b3b94f947d22788224762ed41ed07a76a8d92891142 |
openldap-devel-2.3.43-3.el5.ppc64.rpm | SHA-256: e18a2c162024345046e8c7afab4c3e9cabdcec985d7262220f73ad20cd4b36c4 |
openldap-servers-2.3.43-3.el5.ppc.rpm | SHA-256: 55d0361c4dc8316dc48a77e4a63fb8f3afa892c84275fc3d9b355c2dab014d61 |
openldap-servers-overlays-2.3.43-3.el5.ppc.rpm | SHA-256: a60493965782ec66f296eabf96f6ceb7910498ce58792c3815627261f773c9ab |
openldap-servers-sql-2.3.43-3.el5.ppc.rpm | SHA-256: 37f2a91d705f17a7759d6a68d4fb11d71b47acfa5f61d56d798b2b6c0af59c6c |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
openldap-2.3.43-3.el5.src.rpm | SHA-256: 88c11a69ccd1dec10c1c3dcbb6976fe8c14fb2617f5d7e366883af4912eac279 |
x86_64 | |
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm | SHA-256: f2103d3ec4a65fb761b35d76e301710d690ee3b687e3c3e50d38cb44467266ad |
compat-openldap-2.3.43_2.2.29-3.el5.x86_64.rpm | SHA-256: b036b088e678d8e7fb81be1096858e9f1f38dff05662383daa58354c1b74afff |
openldap-2.3.43-3.el5.i386.rpm | SHA-256: 8af2e314224d1f0cfce3e356d4b0155a84680e2b3036ba5b71f700637080684a |
openldap-2.3.43-3.el5.x86_64.rpm | SHA-256: 7c4ba1250123da92b7e041c044fdfc8d1a73e51ed05481ed8d535cacaa8770cc |
openldap-clients-2.3.43-3.el5.x86_64.rpm | SHA-256: 9718b591d13156fc805dff515b33344dace9b83165fef5f78185a6d76412b708 |
openldap-devel-2.3.43-3.el5.i386.rpm | SHA-256: 9841541b87bd79fe07d047251ed282e2f628e1c5f0e22ed5bb16ea518f0e180c |
openldap-devel-2.3.43-3.el5.x86_64.rpm | SHA-256: 9dd05cb81462613b5c356beabbfd48256d3a8ccd4bae4f19c8fc519dc8cc2355 |
openldap-servers-2.3.43-3.el5.x86_64.rpm | SHA-256: 4c4b0b0453a95f0e48f5091d027fe66aa4ef5a53a5d535b4b79d0e3800a569c2 |
openldap-servers-overlays-2.3.43-3.el5.x86_64.rpm | SHA-256: 7bdfcfd03c849682f812b67c6a9c01177bac2f6d92fe6dcb7c768ab7ef9946c8 |
openldap-servers-sql-2.3.43-3.el5.x86_64.rpm | SHA-256: 85d08ba2f36f18afdccadb8e2918ff2939351cdfef4e22d8fa17f630087bfdce |
i386 | |
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm | SHA-256: f2103d3ec4a65fb761b35d76e301710d690ee3b687e3c3e50d38cb44467266ad |
openldap-2.3.43-3.el5.i386.rpm | SHA-256: 8af2e314224d1f0cfce3e356d4b0155a84680e2b3036ba5b71f700637080684a |
openldap-clients-2.3.43-3.el5.i386.rpm | SHA-256: 117711c831a0fbf447fbf98f548843f79a6e9f23b099af3cd2221b27faa2eeb1 |
openldap-devel-2.3.43-3.el5.i386.rpm | SHA-256: 9841541b87bd79fe07d047251ed282e2f628e1c5f0e22ed5bb16ea518f0e180c |
openldap-servers-2.3.43-3.el5.i386.rpm | SHA-256: dc240710128ecd02af545582bc137a7f4aec37cce3431879f3d1753f5a5cf8c8 |
openldap-servers-overlays-2.3.43-3.el5.i386.rpm | SHA-256: 9590134acf2ec7e4b9d15ee05c5c7b1524743897ba92dd01204107d400e2b270 |
openldap-servers-sql-2.3.43-3.el5.i386.rpm | SHA-256: f43a1d540fc30b4ed90aa15bf3f47b2ce196bc6491207e45d629c5d8e62fdc5b |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.