- Issued:
- 2009-05-18
- Updated:
- 2009-05-18
RHBA-2009:0986 - Bug Fix Advisory
Synopsis
nss_ldap bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated nss_ldap package that fixes various bugs is now available.
Description
The nss_ldap package contains the nss_ldap and pam_ldap modules. The
nss_ldap module is a plug-in which allows applications to retrieve
information about users and groups from a directory server. The pam_ldap
module allows PAM-aware applications to use a directory server to verify
user passwords.
This updated package addresses the following bugs:
- when resolving group membership information for a user, if the user
belonged to a nested group (that is, the group itself belonged to another
group), heap corruption and segmentation faults occurred. This update
backports improved parsing code which allows nss_ldap to handle nested
groups successfully. (BZ#426209, BZ#444086)
- nscd failed to close file descriptors when run against an LDAP
directory service. This resulted in loops which consumed all available
CPU. All file descriptors are now closed as part of this process, so the
error no longer presents. (BZ#491419)
- nss_ldap did not support paged results, so only partial lists were
returned when ennumerating users with getpwent(). Paged results are now
enabled and user lists should now be returned in full. (BZ#444058)
- man pages have been updated to include nss_ldap.5 and pam_ldap.5.
(BZ#447819)
Users are advised to upgrade to this updated package, which
resolves these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
Fixes
- BZ - 444058 - [RFE] getpwent() not working with nss_ldap+ lots of users; add '--enable-paged-results' for nss_ldap
- BZ - 447819 - nss_ldap is missing man pages
- BZ - 491419 - leaking file descriptors
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 4
SRPM | |
---|---|
nss_ldap-253-7.el4.src.rpm | SHA-256: 94da00e26ef33e118a44fb821e3f92d84431a4b315c95df8ef2627a72168ff4b |
x86_64 | |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
nss_ldap-253-7.el4.x86_64.rpm | SHA-256: cab6c98c71f93fb8830eeb12370e40689b894f95594d174522eb9718ab3033c4 |
nss_ldap-253-7.el4.x86_64.rpm | SHA-256: cab6c98c71f93fb8830eeb12370e40689b894f95594d174522eb9718ab3033c4 |
ia64 | |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
nss_ldap-253-7.el4.ia64.rpm | SHA-256: 30e71c9ad9a2e81e2d913ae2a50d132aaad6ab80c6785375965c0586517440df |
nss_ldap-253-7.el4.ia64.rpm | SHA-256: 30e71c9ad9a2e81e2d913ae2a50d132aaad6ab80c6785375965c0586517440df |
i386 | |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
Red Hat Enterprise Linux Workstation 4
SRPM | |
---|---|
nss_ldap-253-7.el4.src.rpm | SHA-256: 94da00e26ef33e118a44fb821e3f92d84431a4b315c95df8ef2627a72168ff4b |
x86_64 | |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
nss_ldap-253-7.el4.x86_64.rpm | SHA-256: cab6c98c71f93fb8830eeb12370e40689b894f95594d174522eb9718ab3033c4 |
ia64 | |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
nss_ldap-253-7.el4.ia64.rpm | SHA-256: 30e71c9ad9a2e81e2d913ae2a50d132aaad6ab80c6785375965c0586517440df |
i386 | |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
Red Hat Enterprise Linux Desktop 4
SRPM | |
---|---|
nss_ldap-253-7.el4.src.rpm | SHA-256: 94da00e26ef33e118a44fb821e3f92d84431a4b315c95df8ef2627a72168ff4b |
x86_64 | |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
nss_ldap-253-7.el4.x86_64.rpm | SHA-256: cab6c98c71f93fb8830eeb12370e40689b894f95594d174522eb9718ab3033c4 |
i386 | |
nss_ldap-253-7.el4.i386.rpm | SHA-256: d004ce645e7bc861f6d7a2e8c3829dc25c3162831193e72cf350a0807dc97cbd |
Red Hat Enterprise Linux for IBM z Systems 4
SRPM | |
---|---|
nss_ldap-253-7.el4.src.rpm | SHA-256: 94da00e26ef33e118a44fb821e3f92d84431a4b315c95df8ef2627a72168ff4b |
s390x | |
nss_ldap-253-7.el4.s390.rpm | SHA-256: ca9bc2590677c1752e165c6c5bf3dc9bbbaaaf2354835a05d056a96707433088 |
nss_ldap-253-7.el4.s390x.rpm | SHA-256: eccc9b61c036d5ec2885cc3a837e857bf91f9d4863084c2a4a4600207022297f |
s390 | |
nss_ldap-253-7.el4.s390.rpm | SHA-256: ca9bc2590677c1752e165c6c5bf3dc9bbbaaaf2354835a05d056a96707433088 |
Red Hat Enterprise Linux for Power, big endian 4
SRPM | |
---|---|
nss_ldap-253-7.el4.src.rpm | SHA-256: 94da00e26ef33e118a44fb821e3f92d84431a4b315c95df8ef2627a72168ff4b |
ppc | |
nss_ldap-253-7.el4.ppc.rpm | SHA-256: e901bfb645cbf30e4c96ff49eb0dd933c56d70678c9841a6c55ce1c184a64832 |
nss_ldap-253-7.el4.ppc64.rpm | SHA-256: d392c042060cadfb1173b39585724d8e11b67e28bce6766e0636081698970077 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.