-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-2754 2013-02-20 03:33:33 --------------------------------------------------------------------------------
Name : nss-pam-ldapd Product : Fedora 17 Version : 0.7.16 Release : 3.fc17 URL : http://arthurdejong.org/nss-pam-ldapd/ Summary : An nsswitch module which uses directory servers Description : The nss-pam-ldapd daemon, nslcd, uses a directory server to look up name service information (users, groups, etc.) on behalf of a lightweight nsswitch module. -------------------------------------------------------------------------------- Update Information: Fixes: CVE-2013-0288 nss-pam-ldapd: FD_SET array index error, leading to stack-based buffer overflow -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 19 2013 Jakub Hrozek <[email protected]> 0.7.16-3 - apply upstream r1926 to resolve CVE-2013-0288 nss-pam-ldapd: FD_SET array index error, leading to stack-based buffer overflow * Mon May 14 2012 Jakub Hrozek <[email protected]> 0.7.16-2 - backport upstream revision r1659 related to broken pipe when requesting a large group - use grep -E instead of egrep to avoid rpmlint warnings * Sat Apr 28 2012 Jakub Hrozek <[email protected]> 0.7.16-1 - new upstream release 0.7.16 * Thu Mar 15 2012 Jakub Hrozek <[email protected]> 0.7.15-2 - Do not print "Broken Pipe" error message when requesting a large group -------------------------------------------------------------------------------- References: [ 1 ] Bug #909119 - CVE-2013-0288 nss-pam-ldapd: FD_SET array index error, leading to stack-based buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=909119 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update nss-pam-ldapd' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
