Synopsis: Low: openldap security update
Issue date: 2007-05-01
CVE Names: CVE-2006-4600
A flaw was found in the way OpenLDAP handled selfwrite access. Users with
selfwrite access were able to modify the distinguished name of any user.
(CVE-2006-4600)
SRPMS:
openldap-2.2.13-7.4E.src.rpm
i386:
compat-openldap-2.1.30-7.4E.i386.rpm
openldap-2.2.13-7.4E.i386.rpm
openldap-clients-2.2.13-7.4E.i386.rpm
openldap-devel-2.2.13-7.4E.i386.rpm
openldap-servers-2.2.13-7.4E.i386.rpm
openldap-servers-sql-2.2.13-7.4E.i386.rpm
x86_64:
compat-openldap-2.1.30-7.4E.i386.rpm
compat-openldap-2.1.30-7.4E.x86_64.rpm
openldap-2.2.13-7.4E.i386.rpm
openldap-2.2.13-7.4E.x86_64.rpm
openldap-clients-2.2.13-7.4E.x86_64.rpm
openldap-devel-2.2.13-7.4E.x86_64.rpm
openldap-servers-2.2.13-7.4E.x86_64.rpm
openldap-servers-sql-2.2.13-7.4E.x86_64.rpm
-Connie Sieh
-Troy Dawson