| Weekly edition | Kernel | Security | Distributions | Search |
| Archives | Calendar | Subscribe | Write for LWN | LWN.net FAQ |
MDKA-2003:009 - Updated openldap packages fix multiple bugs
| From: | Mandrake Linux Security Team <security@linux-mandrake.com> | |
| To: | announce@mandrakesecure.net | |
| Subject: | MDKA-2003:009 - Updated openldap packages fix multiple bugs | |
| Date: | 1 May 2003 23:22:35 -0000 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
________________________________________________________________________
Mandrake Linux Update Advisory
________________________________________________________________________
Package name: openldap
Advisory ID: MDKA-2003:009
Date: May 1st, 2003
Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1,
Multi Network Firewall 8.2
________________________________________________________________________
Problem Description:
The OpenLDAP packages in Mandrake Linux 9.1 did not properly
migrate data from previous versions. This update provides a fix
that corrects this issue.
The updated packages also correct a problem that has been persistent
in Mandrake Linux for some time. Previously, attempting to use
OpenLDAP for authentication would result in strange system behaviour
because OpenLDAP was using a MD5 hash internally that was incompatible
with the system crypt(3) MD5 hash. This would result in authentication
working with nss_ldap, but not with pam_ldap. If one used ldappasswd
to change a password, authentication would work with pam_ldap but not
nss_ldap. The OpenLDAP packages have been updated to use the crypt(3)
MD5 hash at all times.
As well, if OpenLDAP was used for authentication on Mandrake Linux 9.1,
sshd would segfault when attempting to login as an LDAP user. The
new pam_ldap and nss_ldap packages correct this problem.
WARNING: Users who are currently using pam_ldap with OpenLDAP, and who
have used ldappasswd to change user passwords may have the MD5 hash
that is not compatible with crypt(3) used to store the userPassword.
If this is the case, updating to these packages may require you to, as
root, change the password for each user with a now incompatible
password.
________________________________________________________________________
References:
________________________________________________________________________
Updated Packages:
Corporate Server 2.1:
228062e8f7c51897b28eaeb64f05eb6a corporate/2.1/RPMS/libldap2-2.0.25-7.2mdk.i586.rpm
d38b4c1cb2232ef5e00673ccaacbc0ef corporate/2.1/RPMS/libldap2-devel-2.0.25-7.2mdk.i586.rpm
959b4cee440aa432f4609fe2a6e94833 corporate/2.1/RPMS/libldap2-devel-static-2.0.25-7.2mdk.i586.rpm
2a4debaa1a3bc1c1b7e758331c36e1c2 corporate/2.1/RPMS/openldap-2.0.25-7.2mdk.i586.rpm
4e4bf480f21493f5fa62e1a8d520cbf0 corporate/2.1/RPMS/openldap-back_dnssrv-2.0.25-7.2mdk.i586.rpm
78d24da1251dc2560c4aec810866c17f corporate/2.1/RPMS/openldap-back_ldap-2.0.25-7.2mdk.i586.rpm
d392d2b1350967efa98c02a1a3b232ce corporate/2.1/RPMS/openldap-back_passwd-2.0.25-7.2mdk.i586.rpm
5e747e02a1105d3816155348a387f222 corporate/2.1/RPMS/openldap-back_sql-2.0.25-7.2mdk.i586.rpm
8d55caae1ce7aa03b9c1df62deec5a9d corporate/2.1/RPMS/openldap-clients-2.0.25-7.2mdk.i586.rpm
5d845d76ee6bbd3a0516b7263be299d4 corporate/2.1/RPMS/openldap-guide-2.0.25-7.2mdk.i586.rpm
20cccb296beb5b57286e2f52f04388f3 corporate/2.1/RPMS/openldap-migration-2.0.25-7.2mdk.i586.rpm
a8c118bb205d7ddf54bb5b424f50fdae corporate/2.1/RPMS/openldap-servers-2.0.25-7.2mdk.i586.rpm
00adf85f89898912f3f892bd740808c3 corporate/2.1/SRPMS/openldap-2.0.25-7.2mdk.src.rpm
Mandrake Linux 8.2:
81152a500eba55ac00a6bbade73e8eed 8.2/RPMS/libldap2-2.0.21-4.2mdk.i586.rpm
3d5f6b84cb1fc5c968f1446b5fac03c2 8.2/RPMS/libldap2-devel-2.0.21-4.2mdk.i586.rpm
699e296d6e096e2577f54c20e2b40a0a 8.2/RPMS/libldap2-devel-static-2.0.21-4.2mdk.i586.rpm
b89bfacb5aec5cbe21be0b100c8ae4db 8.2/RPMS/openldap-2.0.21-4.2mdk.i586.rpm
bb2c2e5abdc55cedc9039d8093c4abc8 8.2/RPMS/openldap-back_dnssrv-2.0.21-4.2mdk.i586.rpm
6e62517341700b30ba7cd22ab9e441ce 8.2/RPMS/openldap-back_ldap-2.0.21-4.2mdk.i586.rpm
8d99170673fd6091132c40e57a9d4d2e 8.2/RPMS/openldap-back_passwd-2.0.21-4.2mdk.i586.rpm
437e79c044f9ca9100115e07688a6c8a 8.2/RPMS/openldap-back_sql-2.0.21-4.2mdk.i586.rpm
c13459596a37f2db4f88a1768beb19ac 8.2/RPMS/openldap-clients-2.0.21-4.2mdk.i586.rpm
d50672996002d3934cf3d9a646f12cf0 8.2/RPMS/openldap-guide-2.0.21-4.2mdk.i586.rpm
84bafab30b6fce090855b8f1f4d38dd9 8.2/RPMS/openldap-migration-2.0.21-4.2mdk.i586.rpm
dc09fbe20346172136b8db79aae92723 8.2/RPMS/openldap-servers-2.0.21-4.2mdk.i586.rpm
b36e43857a114a79c46312d19b1f78b0 8.2/SRPMS/openldap-2.0.21-4.2mdk.src.rpm
Mandrake Linux 8.2/PPC:
8d1f3829ff437eb7dc578e04b3121fa7 ppc/8.2/RPMS/libldap2-2.0.21-4.2mdk.ppc.rpm
b47b3498f787ece9a6794d000cdbc334 ppc/8.2/RPMS/libldap2-devel-2.0.21-4.2mdk.ppc.rpm
30046c2c0293dfe6b29da0c1348b08e6 ppc/8.2/RPMS/libldap2-devel-static-2.0.21-4.2mdk.ppc.rpm
5a39af47c4e8305b942a7b8645157b13 ppc/8.2/RPMS/openldap-2.0.21-4.2mdk.ppc.rpm
75c7e21bf9955677f21e87103c8b23f9 ppc/8.2/RPMS/openldap-back_dnssrv-2.0.21-4.2mdk.ppc.rpm
2caf422c849325fa6225980a131b314b ppc/8.2/RPMS/openldap-back_ldap-2.0.21-4.2mdk.ppc.rpm
85d53c254e8f2bf292b2eb6f5e2658a4 ppc/8.2/RPMS/openldap-back_passwd-2.0.21-4.2mdk.ppc.rpm
063ff5de0735751e1ce28304eba9d787 ppc/8.2/RPMS/openldap-back_sql-2.0.21-4.2mdk.ppc.rpm
2f3394214ac49796ab55ab18924213b9 ppc/8.2/RPMS/openldap-clients-2.0.21-4.2mdk.ppc.rpm
b72e626a45ee45e483521ec4eecd568d ppc/8.2/RPMS/openldap-guide-2.0.21-4.2mdk.ppc.rpm
5c6965074fb258f70c449ed3efb780cd ppc/8.2/RPMS/openldap-migration-2.0.21-4.2mdk.ppc.rpm
addad7f22155332a1b4bc11e0af70bcb ppc/8.2/RPMS/openldap-servers-2.0.21-4.2mdk.ppc.rpm
b36e43857a114a79c46312d19b1f78b0 ppc/8.2/SRPMS/openldap-2.0.21-4.2mdk.src.rpm
Mandrake Linux 9.0:
228062e8f7c51897b28eaeb64f05eb6a 9.0/RPMS/libldap2-2.0.25-7.2mdk.i586.rpm
d38b4c1cb2232ef5e00673ccaacbc0ef 9.0/RPMS/libldap2-devel-2.0.25-7.2mdk.i586.rpm
959b4cee440aa432f4609fe2a6e94833 9.0/RPMS/libldap2-devel-static-2.0.25-7.2mdk.i586.rpm
2a4debaa1a3bc1c1b7e758331c36e1c2 9.0/RPMS/openldap-2.0.25-7.2mdk.i586.rpm
4e4bf480f21493f5fa62e1a8d520cbf0 9.0/RPMS/openldap-back_dnssrv-2.0.25-7.2mdk.i586.rpm
78d24da1251dc2560c4aec810866c17f 9.0/RPMS/openldap-back_ldap-2.0.25-7.2mdk.i586.rpm
d392d2b1350967efa98c02a1a3b232ce 9.0/RPMS/openldap-back_passwd-2.0.25-7.2mdk.i586.rpm
5e747e02a1105d3816155348a387f222 9.0/RPMS/openldap-back_sql-2.0.25-7.2mdk.i586.rpm
8d55caae1ce7aa03b9c1df62deec5a9d 9.0/RPMS/openldap-clients-2.0.25-7.2mdk.i586.rpm
5d845d76ee6bbd3a0516b7263be299d4 9.0/RPMS/openldap-guide-2.0.25-7.2mdk.i586.rpm
20cccb296beb5b57286e2f52f04388f3 9.0/RPMS/openldap-migration-2.0.25-7.2mdk.i586.rpm
a8c118bb205d7ddf54bb5b424f50fdae 9.0/RPMS/openldap-servers-2.0.25-7.2mdk.i586.rpm
00adf85f89898912f3f892bd740808c3 9.0/SRPMS/openldap-2.0.25-7.2mdk.src.rpm
Mandrake Linux 9.1:
881f08c3c26a7007cf53df5f3493e0c2 9.1/RPMS/libldap2-2.0.27-5.3mdk.i586.rpm
8778e8c43c57c217eac05ae52457634c 9.1/RPMS/libldap2-devel-2.0.27-5.3mdk.i586.rpm
38ed2b492286e3b9931907d5447c10d4 9.1/RPMS/libldap2-devel-static-2.0.27-5.3mdk.i586.rpm
a503690c93eeaafdeb85c74459031e78 9.1/RPMS/nss_ldap-204-1.1mdk.i586.rpm
9ddbdc978bc53cc4f47329066340c997 9.1/RPMS/openldap-2.0.27-5.3mdk.i586.rpm
e93d209e416d98921fba0d194efd351d 9.1/RPMS/openldap-back_dnssrv-2.0.27-5.3mdk.i586.rpm
37a9e9f02ed5b7d2d77b20523d18f15b 9.1/RPMS/openldap-back_ldap-2.0.27-5.3mdk.i586.rpm
fbcf0db8fd69f74934175e310f2cda81 9.1/RPMS/openldap-back_passwd-2.0.27-5.3mdk.i586.rpm
7ce7fa324d32730f483919456763120a 9.1/RPMS/openldap-back_sql-2.0.27-5.3mdk.i586.rpm
42e1621795dd0275dfce2cd3a2b26210 9.1/RPMS/openldap-clients-2.0.27-5.3mdk.i586.rpm
5f5b67698144010868de879f1953577b 9.1/RPMS/openldap-guide-2.0.27-5.3mdk.i586.rpm
f134c9ddad9682206413a87877f6681e 9.1/RPMS/openldap-migration-2.0.27-5.3mdk.i586.rpm
f594ce9f9a2e14d52ad582f30b26cb38 9.1/RPMS/openldap-servers-2.0.27-5.3mdk.i586.rpm
215808a6f3f2039a7b66996c098682db 9.1/RPMS/pam_ldap-161-1.1mdk.i586.rpm
d721a84c3f699bd52156a40825113386 9.1/SRPMS/nss_ldap-204-1.1mdk.src.rpm
f25a960ab5dacf247dcb09974db6dba6 9.1/SRPMS/openldap-2.0.27-5.3mdk.src.rpm
Mandrake Linux 9.1/PPC:
fdf3b03329e6ef324203bc26f445f29f ppc/9.1/RPMS/libldap2-2.0.27-5.3mdk.ppc.rpm
672b0827760098e441d4cc1a473e88bd ppc/9.1/RPMS/libldap2-devel-2.0.27-5.3mdk.ppc.rpm
0cbe6bbc86b40666d778fe4806d10d75 ppc/9.1/RPMS/libldap2-devel-static-2.0.27-5.3mdk.ppc.rpm
4bd40abc6bfd515c20a86cd14690ec03 ppc/9.1/RPMS/nss_ldap-204-1.1mdk.ppc.rpm
b01f7a882e3671e00998a9ace2266a21 ppc/9.1/RPMS/openldap-2.0.27-5.3mdk.ppc.rpm
803a4f82739f14fcc0ba8cac6535c81a ppc/9.1/RPMS/openldap-back_dnssrv-2.0.27-5.3mdk.ppc.rpm
82901bfc19b5d5b72ec122451df14ad9 ppc/9.1/RPMS/openldap-back_ldap-2.0.27-5.3mdk.ppc.rpm
fffac70593b316b52fb7bd5c06e751cf ppc/9.1/RPMS/openldap-back_passwd-2.0.27-5.3mdk.ppc.rpm
eb1682c1cdbb1299f35bd94905d66f1f ppc/9.1/RPMS/openldap-back_sql-2.0.27-5.3mdk.ppc.rpm
a4da26feb72ab155fc97c650233d9d25 ppc/9.1/RPMS/openldap-clients-2.0.27-5.3mdk.ppc.rpm
d4681c4aae54b2f5334734f5f9a58cf4 ppc/9.1/RPMS/openldap-guide-2.0.27-5.3mdk.ppc.rpm
95df74cec38deea5eeb7f5a275b24099 ppc/9.1/RPMS/openldap-migration-2.0.27-5.3mdk.ppc.rpm
55edbff6830379c4364dda37892e5ffc ppc/9.1/RPMS/openldap-servers-2.0.27-5.3mdk.ppc.rpm
600f30573d85b798545c5592c19c62c2 ppc/9.1/RPMS/pam_ldap-161-1.1mdk.ppc.rpm
d721a84c3f699bd52156a40825113386 ppc/9.1/SRPMS/nss_ldap-204-1.1mdk.src.rpm
f25a960ab5dacf247dcb09974db6dba6 ppc/9.1/SRPMS/openldap-2.0.27-5.3mdk.src.rpm
Multi Network Firewall 8.2:
81152a500eba55ac00a6bbade73e8eed mnf8.2/RPMS/libldap2-2.0.21-4.2mdk.i586.rpm
b36e43857a114a79c46312d19b1f78b0 mnf8.2/SRPMS/openldap-2.0.21-4.2mdk.src.rpm
________________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
________________________________________________________________________
To upgrade automatically, use MandrakeUpdate. The verification of md5
checksums and GPG signatures is performed automatically for you.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". A list of
FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig <filename>
All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team from:
https://www.mandrakesecure.net/RPM-GPG-KEYS
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.7 (GNU/Linux)
mQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday
L4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7
WKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo
P0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl
hynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx
PFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg
2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs
iyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD
LLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu
ZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t
PohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy
/NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulqIRgQQEQIA
BgUCOtNVGQAKCRBZ5w3um0pAJJWQAKDUoL5He+mKbfrMaTuyU5lmRyJ0fwCgoFAP
WdvQlu/kFjphF740XeOwtOqIRgQQEQIABgUCOu8A6QAKCRBynDnb9lq3CnpjAJ4w
Pk0SEE9U4r40IxWpwLU+wrWVugCdFfSPllPpZRCiaC7HwbFcfExRmPaIRgQQEQIA
BgUCPI+UAwAKCRDniYrgcHcf8xK5AKCm/Mq8qP8GE0o1hEX22QsJMZwH5gCfZ72H
8TacOb3oAmBdprf+K6gkdOiIRgQQEQIABgUCOtOieAAKCRCv2bZyU0yB80MeAJ9K
+jXt0cKuaUonRU+CRGetk6t9dgCfTRRL6/puOKdD6md70+K5EBBSvsG0OE1hbmRy
YWtlIExpbnV4IFNlY3VyaXR5IFRlYW0gPHNlY3VyaXR5QG1hbmRyYWtlc29mdC5j
b20+iFcEExECABcFAjyPnuUFCwcKAwQDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmFi+
AJsHhohgnU3ik4+gy3EdFlB2i/MBoACg6lHn5cnVvTcmgNccWxeNxLLZI5e5AQ0E
OWnn7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ
9F779FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzR
xBXVJb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z
269s+A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN
6SCXVl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZ
jTcl3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo
0NAiRYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJ
EJGXlA==
=yGlX
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE+saw7mqjQ0CJFipgRAr9hAJ43xySXN/h0IJBZGstzfkGImS1JVgCbBm13
XtbvSHlQy204VZF3je6FrV8=
=v8kr
-----END PGP SIGNATURE-----
(Log in to post comments)