![[LWN Logo]](/images/lcorner.png)
![[LWN.net]](/images/Included.png)
|
|
|
|
From: Eridani Star System <linux@eridani.co.uk> To: eridani-announce@eridani.co.uk Subject: [Eridani-Announce] ERISA-2002:019 - nss_ldap Date: Tue, 28 May 2002 22:56:44 +0100 (BST) ========================================================================= ERIDANI LINUX - SECURITY ANNOUNCEMENT ========================================================================= Package: nss_ldap (pam_ldap) Summary: string format bug in logging functon Date: 2002-05-28 ID: ERISA-2002:019 ========================================================================= Problem description: The pam_ldap module, provided by nss_ldap, enables a system to authenticate a user against an LDAP database. Versions of pam_ldap older than version 144 include a string format bug in its logging mechanism. These packages include version 144 of pam_ldap, and fix this issue. ------------------------------------------------------------------------- Updated packages: 5252a7bab1173b2bd26e8c1582822824 nss_ldap-189-2.src.rpm e21a80e93efe45c2eee48ab32a64b3e0 nss_ldap-189-2.i386.rpm ------------------------------------------------------------------------- References: http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0053.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0374 http://www.padl.com/OSS/pam_ldap.html ========================================================================= Packages available from ftp://ftp.eridani.co.uk/pub/Aeryn/ or by HTTP from http://ftp.eridani.co.uk/ Packages are signed with our GNU GPG key, also on our FTP site. Users of releases of Eridani Linux prior to 6.3 are advised to download the source RPM and rebuild for their system. Copyright (C)2002 Eridani Star System -- Michael "Soruk" McConnell http://www.eridani.co.uk Eridani Linux -- The Most Up-to-Date Red Hat-based Linux CDROMs Available Email: linux@eridani.co.uk -- Also Debian, Slackware, Mandrake and more... _______________________________________________ Eridani-Announce mailing list To be removed from this list email linux@eridani.co.uk requesting removal.