[El-errata] ELSA-2006:0719 Moderate nss_ldap security update
el-errata at oss.oracle.com
el-errata at oss.oracle.com
Thu Nov 30 19:26:58 PST 2006
Enterprise Linux Security Advisory 2006:0719
https://rhn.redhat.com/errata/RHSA-2006-0719.html
The following updated rpms for Enterprise Linux 4 have been uploaded to
the Unbreakable Linux Network:
i386:
nss_ldap-226-17.i386.rpm
x86_64:
nss_ldap-226-17.i386.rpm
nss_ldap-226-17.x86_64.rpm
SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/nss_ldap-226-17.src.rpm
Description of changes:
[226-17]
- temporarily disable fixes for #190256 and #206438 for security update
[226-16]
- include backported fix for off-by-one crasher in various result parsing
functions (Carsten Clashom, #206438)
[226-15]
- don't suppress policy errors encountered during authentication if the
specific policy error isn't one which the PAM spec indicates should be
reported during account management (CVE-2006-5170, #207286, upstream #291)
[226-14]
- return PAM_NEW_AUTHTOK_REQD instead of PAM_PERM_DENIED in case of a
POLICY_ERROR_CHANGE_AFTER_RESET policy response from the server (#190256)
More information about the El-errata
mailing list