- Issued:
- 2012-04-23
- Updated:
- 2012-04-23
RHBA-2012:0510 - Bug Fix Advisory
Synopsis
redhat-ds-base bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated redhat-ds-base packages that fix three bugs and add two enhancements is
now available for Red Hat Directory Server 8.
Description
Red Hat Directory Server is an LDAPv3-compliant directory server. The
redhat-ds-base packages include the LDAP server and command line utilities for
server administration.
This update fixes the following bugs:
- Prior to this update, the cos cache could become corrupted under load. As a
consequence, passwd policies defined by the subtree could fail to work. This
update modifies the update so that the cos cache no longer becomes corrupted and
passwd policies now persist. (BZ#787743)
- Prior to this update, search results were freed twice if a simple paged
results request was accidentally disconnected due a conflict between threads.
This update modifies the underlying code so that results are now only once
freed. (BZ#797946)
- Prior to this update, fractional replication could, under certain
circumstances, remove the "_all_ mods" function in an "add" or "modify"
operation. As a consequence, the mozldap Software Development Kit returned the
error "err=89 LDAP_PARAM_ERROR". This update excludes "add" or "modify"
operations that contain no data. fractional replication no longer removes "_all_
mods". (BZ#800173)
This update also adds the following enhancements:
- Prior to this update, the ACL cache size was set by default. As a consequence,
a significant performance degradation could occur if the cache was overflown.
This update allows to configure the ACL cache size using the configuration
parameter "nsslapd-pluginarg-aclpb-max-selected-acls" in the ACL plugin
configuration file entry "cn=ACL Plugin,cn=plugins,cn=config". (BZ#782414)
- Prior to this update, replication dropped unhashed passwords which were needed
for for Active Directory (AD) password synchronization. As a result, the
clear-password was logged only in the changelog of the master server on which
the "add" or "modify" operation was executed, but not in the changelog of the
replicated server. This update introduces a method to encrypt logs in the
changelog and allows for replicated passwords. (BZ#804828)
All users of Red Hat Directory Server 8 are advised to upgrade to this updated
package, which fixes these bugs.
Solution
Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Directory Server 8 x86_64
- Red Hat Directory Server 8 i386
Fixes
(none)CVEs
(none)
References
(none)
Red Hat Directory Server 8
SRPM | |
---|---|
redhat-ds-base-8.2.9-3.el5dsrv.src.rpm | SHA-256: 8178fd9510d60704e07af96815b18b1f50deafaee41451d721eac59477e9bc31 |
x86_64 | |
redhat-ds-base-8.2.9-3.el5dsrv.x86_64.rpm | SHA-256: da4c677aef586130cc5691701d2f6de124e98565691ec304a9631b97a881b8b9 |
redhat-ds-base-devel-8.2.9-3.el5dsrv.x86_64.rpm | SHA-256: 9a920b84139a4ac8305e58bfb200d3a6f9328a51ae3e876a1fea62f321c90313 |
i386 | |
redhat-ds-base-8.2.9-3.el5dsrv.i386.rpm | SHA-256: 2c9ad2cc46dd073f7ed83e851c74af0653135bc1c9afda40dbeabf947ae4d4f8 |
redhat-ds-base-devel-8.2.9-3.el5dsrv.i386.rpm | SHA-256: eeb258add735c97d30c714c38d9ecb0a0c3a7254e743f2b889824e74e61c9c72 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.