- Issued:
- 2008-05-09
- Updated:
- 2008-05-09
RHBA-2008:0273 - Bug Fix Advisory
Synopsis
nss_ldap bug fix update
Type/Severity
Bug Fix Advisory
Topic
An updated nss_ldap package that fixes a bug is now available for Red Hat
Enterprise Linux 3.
Description
The nss_ldap package contains the nss_ldap and pam_ldap modules. The
nss_ldap module is a plug-in which allows applications to retrieve
information about users and groups from a directory server. The pam_ldap
module allows PAM-aware applications to use a directory server to verify
user passwords.
When the nss_ldap plug-in attempted to format the list of a group's members
for an application, it did not correctly detect when the space provided to
store that list was insufficient. For large groups, this resulted in a
corrupt heap, which typically resulted in the calling application crashing,
or a segmentation fault.
Users of nss_ldap are advised to upgrade to this updated package, which
resolves this issue.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
Affected Products
- Red Hat Enterprise Linux Server 3 x86_64
- Red Hat Enterprise Linux Server 3 ia64
- Red Hat Enterprise Linux Server 3 i386
- Red Hat Enterprise Linux Workstation 3 x86_64
- Red Hat Enterprise Linux Workstation 3 ia64
- Red Hat Enterprise Linux Workstation 3 i386
- Red Hat Enterprise Linux Desktop 3 x86_64
- Red Hat Enterprise Linux Desktop 3 i386
- Red Hat Enterprise Linux for IBM z Systems 3 s390x
- Red Hat Enterprise Linux for IBM z Systems 3 s390
- Red Hat Enterprise Linux for Power, big endian 3 ppc
Fixes
(none)CVEs
(none)
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.