Security Advisory Moderate: openldap security update

Advisory: RHSA-2010:0542-1
Type: Security Advisory
Severity: Moderate
Issued on: 2010-07-20
Last updated on: 2010-07-20
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2010-0211
CVE-2010-0212

Details

Updated openldap packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools.

Multiple flaws were discovered in the way the slapd daemon handled modify
relative distinguished name (modrdn) requests. An authenticated user with
privileges to perform modrdn operations could use these flaws to crash the
slapd daemon via specially-crafted modrdn requests. (CVE-2010-0211,
CVE-2010-0212)

Red Hat would like to thank CERT-FI for responsibly reporting these flaws,
who credit Ilkka Mattila and Tuomas Salomäki for the discovery of the
issues.

Users of OpenLDAP should upgrade to these updated packages, which contain
a backported patch to correct these issues. After installing this update,
the OpenLDAP daemons will be restarted automatically.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
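
To confirm the update is in place across hosts, the installed builds can be compared against the fixed builds in this advisory's package list. The script below is an added example, not Red Hat tooling; it assumes one package per line in the form printed by `rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'`, packages without an epoch, and a constructed sample inventory.

```python
import re

# Fixed builds (version, release) per package name, from this advisory's package list.
FIXED = {name: ("2.3.43", "12.el5_5.1") for name in (
    "openldap", "openldap-clients", "openldap-devel", "openldap-servers",
    "openldap-servers-overlays", "openldap-servers-sql")}
FIXED["compat-openldap"] = ("2.3.43_2.2.29", "12.el5_5.1")

# Constructed sample inventory (name-version-release.arch), not real host data.
SAMPLE = """\
openldap-2.3.43-12.el5.x86_64
openldap-servers-2.3.43-12.el5_5.1.x86_64
openldap-clients-2.3.43-25.el5.x86_64
openldap-2.3.27-8.el5_2.4.i386
compat-openldap-2.3.43_2.2.29-12.el5.i386
openssl-0.9.8e-12.el5.x86_64
"""

def rpmvercmp(a, b):
    """Compare version or release strings segment by segment, as rpm does
    (simplified: no '~' or '^' handling). Returns -1, 0 or 1."""
    sa = re.findall(r"[0-9]+|[A-Za-z]+", a)
    sb = re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # numeric segment is newer than alphabetic
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # extra segments mean newer

def audit(nvra_lines):
    """Map each advisory package found to 'fixed' or 'needs-update'."""
    result = {}
    for line in nvra_lines:
        nvr = line.strip().rsplit(".", 1)[0]   # drop the .arch suffix
        parts = nvr.rsplit("-", 2)             # name may itself contain '-'
        if len(parts) != 3 or parts[0] not in FIXED:
            continue                           # not a package from this advisory
        name, version, release = parts
        fixed_version, fixed_release = FIXED[name]
        order = rpmvercmp(version, fixed_version) or rpmvercmp(release, fixed_release)
        result[line.strip()] = "fixed" if order >= 0 else "needs-update"
    return result

if __name__ == "__main__":
    for pkg, status in audit(SAMPLE.splitlines()).items():
        print(f"{status:13} {pkg}")
```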

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
openldap-2.3.43-12.el5_5.1.src.rpm
File outdated by:  RHSA-2014:0206
 
IA-32:
openldap-devel-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-overlays-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-sql-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
 
x86_64:
openldap-devel-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-devel-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-overlays-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-sql-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
openldap-2.3.43-12.el5_5.1.src.rpm
File outdated by:  RHSA-2014:0206
 
IA-32:
compat-openldap-2.3.43_2.2.29-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-clients-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-devel-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-overlays-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-sql-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
 
IA-64:
compat-openldap-2.3.43_2.2.29-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
compat-openldap-2.3.43_2.2.29-12.el5_5.1.ia64.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.ia64.rpm
File outdated by:  RHSA-2014:0206
openldap-clients-2.3.43-12.el5_5.1.ia64.rpm
File outdated by:  RHSA-2014:0206
openldap-devel-2.3.43-12.el5_5.1.ia64.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-2.3.43-12.el5_5.1.ia64.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-overlays-2.3.43-12.el5_5.1.ia64.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-sql-2.3.43-12.el5_5.1.ia64.rpm
File outdated by:  RHSA-2014:0206
 
PPC:
compat-openldap-2.3.43_2.2.29-12.el5_5.1.ppc.rpm
File outdated by:  RHSA-2014:0206
compat-openldap-2.3.43_2.2.29-12.el5_5.1.ppc64.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.ppc.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.ppc64.rpm
File outdated by:  RHSA-2014:0206
openldap-clients-2.3.43-12.el5_5.1.ppc.rpm
File outdated by:  RHSA-2014:0206
openldap-devel-2.3.43-12.el5_5.1.ppc.rpm
File outdated by:  RHSA-2014:0206
openldap-devel-2.3.43-12.el5_5.1.ppc64.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-2.3.43-12.el5_5.1.ppc.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-overlays-2.3.43-12.el5_5.1.ppc.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-sql-2.3.43-12.el5_5.1.ppc.rpm
File outdated by:  RHSA-2014:0206
 
s390x:
compat-openldap-2.3.43_2.2.29-12.el5_5.1.s390.rpm
File outdated by:  RHSA-2014:0206
compat-openldap-2.3.43_2.2.29-12.el5_5.1.s390x.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.s390.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.s390x.rpm
File outdated by:  RHSA-2014:0206
openldap-clients-2.3.43-12.el5_5.1.s390x.rpm
File outdated by:  RHSA-2014:0206
openldap-devel-2.3.43-12.el5_5.1.s390.rpm
File outdated by:  RHSA-2014:0206
openldap-devel-2.3.43-12.el5_5.1.s390x.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-2.3.43-12.el5_5.1.s390x.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-overlays-2.3.43-12.el5_5.1.s390x.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-sql-2.3.43-12.el5_5.1.s390x.rpm
File outdated by:  RHSA-2014:0206
 
x86_64:
compat-openldap-2.3.43_2.2.29-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
compat-openldap-2.3.43_2.2.29-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-clients-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-devel-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-devel-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-overlays-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-servers-sql-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
openldap-2.3.43-12.el5_5.1.src.rpm
File outdated by:  RHSA-2014:0206
 
IA-32:
compat-openldap-2.3.43_2.2.29-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-clients-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
 
x86_64:
compat-openldap-2.3.43_2.2.29-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
compat-openldap-2.3.43_2.2.29-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.i386.rpm
File outdated by:  RHSA-2014:0206
openldap-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
openldap-clients-2.3.43-12.el5_5.1.x86_64.rpm
File outdated by:  RHSA-2014:0206
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

605448 - CVE-2010-0211 openldap: modrdn processing uninitialized pointer free
605452 - CVE-2010-0212 openldap: modrdn processing IA5StringNormalize NULL pointer dereference


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/