Synopsis: Important: openldap security and enhancement update
Issue date: 2007-11-08
CVE Names: CVE-2007-5707
A flaw was found in the way OpenLDAP's slapd daemon handled malformed
objectClasses LDAP attributes. A local or remote attacker could create
an LDAP request which could cause a denial of service by crashing slapd.
(CVE-2007-5707)
In addition, the following feature was added:
* OpenLDAP client tools now have new option to configure their bind timeout
SL 5.x
SRPMS:
openldap-2.3.27-8.el5_1.1.src.rpm
i386:
openldap-2.3.27-8.el5.1.i386.rpm
openldap-clients-2.3.27-8.el5.1.i386.rpm
openldap-devel-2.3.27-8.el5.1.i386.rpm
openldap-servers-2.3.27-8.el5.1.i386.rpm
openldap-servers-sql-2.3.27-8.el5.1.i386.rpm
x86_64:
openldap-2.3.27-8.el5.1.i386.rpm
openldap-2.3.27-8.el5.1.x86_64.rpm
openldap-clients-2.3.27-8.el5.1.x86_64.rpm
openldap-devel-2.3.27-8.el5.1.i386.rpm
openldap-devel-2.3.27-8.el5.1.x86_64.rpm
openldap-servers-2.3.27-8.el5.1.x86_64.rpm
openldap-servers-sql-2.3.27-8.el5.1.x86_64.rpm
-Connie Sieh
-Troy Dawson