Skip to navigation

Bug Fix Advisory openldap bug fix and enhancement update

Advisory: RHBA-2009:0090-3
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2009-01-20
Last updated on: 2009-01-20
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

Updated OpenLDAP packages that fix various bugs and add two enhancements
are now available.

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools. LDAP is a set of protocols
for accessing directory services (usually phone book style information, but
other information is possible) over the Internet, similar to the way DNS
(Domain Name System) information is propagated over the Internet. The
openldap package contains configuration files, libraries, and documentation
for OpenLDAP.

These updated packages address the following issues:

* the init script now reports a warning if the slapd daemon cannot read a
TLS certificate file.

* the DB-4 database shipped in openldap-servers package was updated with
latest patches to improve stability of BDB and HDB backend.

* all libraries in the openldap-debuginfo package are now unstripped.

* when running as a syncrepl consumer, the OpenLDAP server now respects the
"timelimit" option in the "syncrepl" statement in its configuration file.

* the "modrdn" operation is now correctly propagated from master to
syncrepl consumers.

* the NETWORK_TIMEOUT option can now be used in client configuration files
to specify network timeout. The same network timeout can be also specified
by using the client tools' "-o nettimeout=" command line option.

* the "/etc/sysconfig/ldap" file can now contain the "SLURPD_KRB5CCNAME"
option to specify a KRB5CCNAME environment variable for started slurpd
processes.

* the updated openldap-servers package should no longer dump and restore
the BDB database to /var/lib/ldap/. This action will only be performed when
absolutely necessary (for example, during the update from openldap-2.3 to
openldap-2.4 in a future release of Red Hat Enterprise Linux).

* removing the openldap-devel package no longer breaks openldap libraries.

This update also provides the following enhancements:

* OpenLDAP was rebased to openldap-2.3.43, the latest stable release in the
openldap-2.3 branch.

* OpenLDAP is now packaged with standard overlays, including smbk5pwd. (See
the openldap-overlays-servers package for more information).

All OpenLDAP Users should upgrade to these updated packages, which resolve
these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
openldap-2.3.43-3.el5.src.rpm
File outdated by:  RHSA-2014:0206
    MD5: ceaf5496e6720ebf7044e4696eff07a4
 
IA-32:
openldap-devel-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 161bc1cc885d12fef597ba3d0adc3c32
openldap-servers-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: feb566a6ec277af81aba47ae7ec85c08
openldap-servers-overlays-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 1670ac9cacc3882289744f794c3a6d26
openldap-servers-sql-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 2bb671cf408c99fb9ed4ce064278a517
 
x86_64:
openldap-devel-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 161bc1cc885d12fef597ba3d0adc3c32
openldap-devel-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 5b61528fbdae6741478b5d45db514cdc
openldap-servers-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 578680c2217d0962811400a7783a0013
openldap-servers-overlays-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 7b87a301e6c7bd307f197ee3f039d0cc
openldap-servers-sql-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 4904239219984e9b4b209a2ef8aa2376
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
openldap-2.3.43-3.el5.src.rpm
File outdated by:  RHSA-2014:0206
    MD5: ceaf5496e6720ebf7044e4696eff07a4
 
IA-32:
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 30ea689e33aaf004906d6d7946a19263
openldap-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 34eb671734459c78fc44f1b26a69150b
openldap-clients-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 9c63339f8d3f83031f85b0553d1db641
openldap-devel-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 161bc1cc885d12fef597ba3d0adc3c32
openldap-servers-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: feb566a6ec277af81aba47ae7ec85c08
openldap-servers-overlays-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 1670ac9cacc3882289744f794c3a6d26
openldap-servers-sql-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 2bb671cf408c99fb9ed4ce064278a517
 
IA-64:
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 30ea689e33aaf004906d6d7946a19263
compat-openldap-2.3.43_2.2.29-3.el5.ia64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 1faafe5ff53cc2b94d2b297c69457679
openldap-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 34eb671734459c78fc44f1b26a69150b
openldap-2.3.43-3.el5.ia64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 0938dc3523dc4325d79a0a8007463128
openldap-clients-2.3.43-3.el5.ia64.rpm
File outdated by:  RHSA-2014:0206
    MD5: dfda6c5bd664e1a1b4fb6a1d56a3267d
openldap-devel-2.3.43-3.el5.ia64.rpm
File outdated by:  RHSA-2014:0206
    MD5: fa9b011f8fa165aeb77ad2ba96bce214
openldap-servers-2.3.43-3.el5.ia64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 7b1196a9ca001fe5a669af34ebb02d45
openldap-servers-overlays-2.3.43-3.el5.ia64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 9b149145a271aa2f78f46dbb89fe90fb
openldap-servers-sql-2.3.43-3.el5.ia64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 38c4582476099bdb5f2ef267c9064eab
 
PPC:
compat-openldap-2.3.43_2.2.29-3.el5.ppc.rpm
File outdated by:  RHSA-2014:0206
    MD5: 37dd512717f73dd80912186b8fc158bd
compat-openldap-2.3.43_2.2.29-3.el5.ppc64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 71edd534def66e85bd2424f49868d48f
openldap-2.3.43-3.el5.ppc.rpm
File outdated by:  RHSA-2014:0206
    MD5: 1fc276ab6001782384532a08fb684ef6
openldap-2.3.43-3.el5.ppc64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 1ba7fba6c34be2b0a397b4718cb6020a
openldap-clients-2.3.43-3.el5.ppc.rpm
File outdated by:  RHSA-2014:0206
    MD5: 5b345734488a18f45c3efbd31dc4cedb
openldap-devel-2.3.43-3.el5.ppc.rpm
File outdated by:  RHSA-2014:0206
    MD5: ce56d8c91a0112ac198ed134a87e9c16
openldap-devel-2.3.43-3.el5.ppc64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 043693c0937f7d72ae7fc844aa755bb6
openldap-servers-2.3.43-3.el5.ppc.rpm
File outdated by:  RHSA-2014:0206
    MD5: 6ad7ba66f777b865d3fe7ad8398e4c76
openldap-servers-overlays-2.3.43-3.el5.ppc.rpm
File outdated by:  RHSA-2014:0206
    MD5: b0b183ededdc77e4219d98953cd8ea9b
openldap-servers-sql-2.3.43-3.el5.ppc.rpm
File outdated by:  RHSA-2014:0206
    MD5: a8fe685220ee5ccbd0aaed8b98f17fb9
 
s390x:
compat-openldap-2.3.43_2.2.29-3.el5.s390.rpm
File outdated by:  RHSA-2014:0206
    MD5: 90064f3462ffa4344da0b8d6bae22c72
compat-openldap-2.3.43_2.2.29-3.el5.s390x.rpm
File outdated by:  RHSA-2014:0206
    MD5: 91b0c96b3852436d62416431b377622b
openldap-2.3.43-3.el5.s390.rpm
File outdated by:  RHSA-2014:0206
    MD5: db995bb3894fa524b6e82dcf04d7e5fb
openldap-2.3.43-3.el5.s390x.rpm
File outdated by:  RHSA-2014:0206
    MD5: 5494f59c2dc76cdad5ad41bb281059c5
openldap-clients-2.3.43-3.el5.s390x.rpm
File outdated by:  RHSA-2014:0206
    MD5: f2d061dfb904fb3fe605472240a33a5b
openldap-devel-2.3.43-3.el5.s390.rpm
File outdated by:  RHSA-2014:0206
    MD5: c4238a0cb7779a2884320bd311f4834d
openldap-devel-2.3.43-3.el5.s390x.rpm
File outdated by:  RHSA-2014:0206
    MD5: 81d329c93e5d66fecf223060042d6c40
openldap-servers-2.3.43-3.el5.s390x.rpm
File outdated by:  RHSA-2014:0206
    MD5: 93facef8534d5c68de4540d1460248fe
openldap-servers-overlays-2.3.43-3.el5.s390x.rpm
File outdated by:  RHSA-2014:0206
    MD5: 929f5213e2cf231b480c0c758a780801
openldap-servers-sql-2.3.43-3.el5.s390x.rpm
File outdated by:  RHSA-2014:0206
    MD5: 186b5bba944b2c754f7805876b48c333
 
x86_64:
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 30ea689e33aaf004906d6d7946a19263
compat-openldap-2.3.43_2.2.29-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: bd9756e256aba3635a0380aaa98bd653
openldap-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 34eb671734459c78fc44f1b26a69150b
openldap-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: b54b2c53c7042c53749ce6cecfbf268a
openldap-clients-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 64ccac8ec7b41bdf5927bd2121370939
openldap-devel-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 161bc1cc885d12fef597ba3d0adc3c32
openldap-devel-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 5b61528fbdae6741478b5d45db514cdc
openldap-servers-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 578680c2217d0962811400a7783a0013
openldap-servers-overlays-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 7b87a301e6c7bd307f197ee3f039d0cc
openldap-servers-sql-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 4904239219984e9b4b209a2ef8aa2376
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
openldap-2.3.43-3.el5.src.rpm
File outdated by:  RHSA-2014:0206
    MD5: ceaf5496e6720ebf7044e4696eff07a4
 
IA-32:
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 30ea689e33aaf004906d6d7946a19263
openldap-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 34eb671734459c78fc44f1b26a69150b
openldap-clients-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 9c63339f8d3f83031f85b0553d1db641
 
x86_64:
compat-openldap-2.3.43_2.2.29-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 30ea689e33aaf004906d6d7946a19263
compat-openldap-2.3.43_2.2.29-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: bd9756e256aba3635a0380aaa98bd653
openldap-2.3.43-3.el5.i386.rpm
File outdated by:  RHSA-2014:0206
    MD5: 34eb671734459c78fc44f1b26a69150b
openldap-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: b54b2c53c7042c53749ce6cecfbf268a
openldap-clients-2.3.43-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0206
    MD5: 64ccac8ec7b41bdf5927bd2121370939
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

246060 - Some debuginfo libraries are stripped
329441 - Please package the smbk5pwd overlay
356401 - slapd aborts on startup when /etc/openldap/ldap.conf contains an invalid TLS_CACERT entry
370411 - RPM for openldap ppolicy overlay module (patch included)
428638 - RFE: provide a way to specify KRB5CCNAME for slurpd + run as non-root
436046 - openldap-servers RPM unnecessarily does dump / restore of database
440693 - slapd when running as a syncrepl consumer uses the search timout from ldap.conf over the one from the syncrepl statement in slapd.conf
442324 - Package openldap overlays
454857 - db-4 in openldap needs new patches
454994 - Rebase to openldap-2.3.43
460307 - Removing openldap-devel breaks sudo command


Keywords

ldap, openldap


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/