[El-errata] ELSA-2013-0503 Moderate: Oracle Linux 6 389-ds-base security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Feb 25 10:27:22 PST 2013 

Oracle Linux Security Advisory ELSA-2013-0503

https://rhn.redhat.com/errata/RHSA-2013-0503.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
389-ds-base-1.2.11.15-11.el6.i686.rpm
389-ds-base-devel-1.2.11.15-11.el6.i686.rpm
389-ds-base-libs-1.2.11.15-11.el6.i686.rpm

x86_64:
389-ds-base-1.2.11.15-11.el6.x86_64.rpm
389-ds-base-devel-1.2.11.15-11.el6.i686.rpm
389-ds-base-devel-1.2.11.15-11.el6.x86_64.rpm
389-ds-base-libs-1.2.11.15-11.el6.i686.rpm
389-ds-base-libs-1.2.11.15-11.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/389-ds-base-1.2.11.15-11.el6.src.rpm



Description of changes:

[1.2.11.15-11]
- Resolves: Bug 896256 - updating package touches configuration files

[1.2.11.15-10]
- Resolves: Bug 889083 - For modifiersName/internalModifiersName 
feature, internalModifiersname is not working for DNA plugin

[1.2.11.15-9]
- Resolves: Bug 891930 - DNA plugin no longer reports additional info 
when range is depleted

[1.2.11.15-8]
- Resolves: Bug 887855 - RootDN Access Control plugin is missing after 
upgrade from RHEL63 to RHEL64

[1.2.11.15-7]
- Resolves: Bug 830355 - [RFE] improve cleanruv functionality
- Resolves: Bug 876650 - Coverity revealed defects
- Ticket #20 - [RFE] Allow automember to work on entries that have 
already been added (Bug 768084)
- Resolves: Bug 834074 - [RFE] Disable replication agreements
- Resolves: Bug 878111 - ns-slapd segfaults if it cannot rename the logs

[1.2.11.15-6]
- Resolves: Bug 880305 - spec file missing dependencies for x86_64 
6ComputeNode
-   use perl-Socket6 on RHEL6

[1.2.11.15-5]
- Resolves: Bug 880305 - spec file missing dependencies for x86_64 
6ComputeNode

[1.2.11.15-4]
- Resolves: Bug 868841 - Newly created users with organizationalPerson 
objectClass fails to sync from AD to DS with missing attribute error
- Resolves: Bug 868853 - Winsync: DS error logs report wrong version of 
Windows AD when winsync is configured.
- Resolves: Bug 875862 - crash in DNA if no dnamagicregen is specified
- Resolves: Bug 876694 - RedHat Directory Server crashes (segfaults) 
when moving ldap entry
- Resolves: Bug 876727 - Search with a complex filter including range 
search is slow
- Ticket #495 - internalModifiersname not updated by DNA plugin (Bug 834053)

[1.2.11.15-3]
- Resolves: Bug 870158 - slapd entered to infinite loop during new index 
addition
- Resolves: Bug 870162 - Cannot abandon simple paged result search
- c970af0 Coverity defects
- 1ac087a Fixing compiler warnings in the posix-winsync plugin
- 2f960e4 Coverity defects
- Ticket #491 - multimaster_extop_cleanruv returns wrong error codes

[1.2.11.15-2]
- Resolves: Bug 834063 [RFE] enable attribute that tracks when a 
password was last set on an entry in the LDAP store; Ticket #478 
passwordTrackUpdateTime stops working with subtree password policies
- Resolves: Bug 847868 [RFE] support posix schema for user and group 
sync; Ticket #481 expand nested posix groups
- Resolves: Bug 860772 Change on SLAPI_MODRDN_NEWSUPERIOR is not 
evaluated in acl
- Resolves: Bug 863576 Dirsrv deadlock locking up IPA
- Resolves: Bug 864594 anonymous limits are being applied to directory 
manager

[1.2.11.15-1]
- Resolves: Bug 856657 dirsrv init script returns 0 even when few or all 
instances fail to start
- Resolves: Bug 858580 389 prevents from adding a posixaccount with 
userpassword after schema reload

[1.2.11.14-1]
- Resolves: Bug 852202 Ipa master system initiated more than a dozen 
simultaneous replication sessions, shut itself down and wiped out its db
- Resolves: Bug 855438 CLEANALLRUV task gets stuck on winsync 
replication agreement

[1.2.11.13-1]
- Resolves: Bug 847868 [RFE] support posix schema for user and group sync
-  fix upgrade issue with plugin config schema
-  posix winsync has default plugin precedence of 25

[1.2.11.12-1]
- Resolves: Bug 800051 Rebase 389-ds-base to 1.2.11
- Resolves: Bug 742054 SASL/PLAIN binds do not work
- Resolves: Bug 742381 MOD operations with chained delete/add get back 
error 53 on backend config
- Resolves: Bug 746642 [RFE] define pam_passthru service per subtree
- Resolves: Bug 757836 logconv.pl restarts count on conn=0 instead of conn=1
- Resolves: Bug 768084 [RFE] Allow automember to work on entries that 
have already been added
- Resolves: Bug 782975 krbExtraData is being null modified and 
replicated on each ssh login
- Resolves: Bug 803873 Sync with group attribute containing () fails
- Resolves: Bug 818762 winsync should not delete entry that appears to 
be out of scope
- Resolves: Bug 830001 unhashed#user#password visible after changing 
password [rhel-6.4]
- Resolves: Bug 830256 Audit log - clear text password in user changes
- Resolves: Bug 830331 ns-slapd exits/crashes if /var fills up
- Resolves: Bug 830334 Invalid chaining config triggers a disk full 
error and shutdown
- Resolves: Bug 830335 restore of replica ldif file on second master 
after deleting two records shows only 1 deletion
- Resolves: Bug 830336 db deadlock return should not log error
- Resolves: Bug 830337 usn + mmr = deletions are not replicated
- Resolves: Bug 830338 Change DS to purge ticket from krb cache in case 
of authentication error
- Resolves: Bug 830340 Make the CLEANALLRUV task one step
- Resolves: Bug 830343 managed entry sometimes doesn't delete the 
managed entry
- Resolves: Bug 830344 [RFE] Improve replication agreement status messages
- Resolves: Bug 830346 ADD operations not in audit log
- Resolves: Bug 830347 389 DS does not support multiple paging controls 
on a single connection
- Resolves: Bug 830348 Slow shutdown when you have 100+ replication 
agreements
- Resolves: Bug 830349 cannot use & in a sasl map search filter
- Resolves: Bug 830353 valgrind reported memleaks and mem errors
- Resolves: Bug 830355 [RFE] improve cleanruv functionality
- Resolves: Bug 830356 coverity 12625-12629 - leaks, dead code, 
unchecked return
- Resolves: Bug 832560 [abrt] 389-ds-base-1.2.10.6-1.fc16: 
slapi_attr_value_cmp: Process /usr/sbin/ns-slapd was killed by signal 11 
(SIGSEGV)
- Resolves: Bug 833202 transaction retries need to be cache aware
- Resolves: Bug 833218 ldapmodify returns Operations error
- Resolves: Bug 833222 memberOf attribute and plugin behaviour between 
sub-suffixes
- Resolves: Bug 834046 [RFE] Add nsTLS1 attribute to schema and 
objectclass nsEncryptionConfig
- Resolves: Bug 834047 Fine Grained Password policy: if passwordHistory 
is on, deleting the password fails.
- Resolves: Bug 834049 [RFE] Add schema for DNA plugin
- Resolves: Bug 834052 [RFE] limiting Directory Manager (nsslapd-rootdn) 
bind access by source host (e.g. 127.0.0.1)
- Resolves: Bug 834053 [RFE] Plugins - ability to control behavior of 
modifyTimestamp/modifiersName
- Resolves: Bug 834054 Should only update modifyTimestamp/modifiersName 
on MODIFY ops
- Resolves: Bug 834056 Automembership plugin fails in a MMR setup, if 
data and config area mixed in the plugin configuration
- Resolves: Bug 834057 ldap-agent crashes on start with signal SIGSEGV
- Resolves: Bug 834058 [RFE] logconv.pl : use of getopts to parse 
commandline options
- Resolves: Bug 834060 passwordMaxFailure should lockout password one 
sooner - and should be configurable to avoid regressions
- Resolves: Bug 834061 [RFE] RHDS: Implement SO_KEEPALIVE in network calls.
- Resolves: Bug 834063 [RFE] enable attribute that tracks when a 
password was last set on an entry in the LDAP store
- Resolves: Bug 834064 dnaNextValue gets incremented even if the user 
addition fails
- Resolves: Bug 834065 Adding Replication agreement should complain if 
required nsds5ReplicaCredentials not supplied
- Resolves: Bug 834074 [RFE] Disable replication agreements
- Resolves: Bug 834075 logconv.pl reporting unindexed search with 
different search base than shown in access logs
- Resolves: Bug 835238 Account Usability Control Not Working
- Resolves: Bug 836386 slapi_ldap_bind() doesn't check bind results
- Resolves: Bug 838706 referint modrdn not working if case is different
- Resolves: Bug 840153 Impossible to rename entry (modrdn) with 
Attribute Uniqueness plugin enabled
- Resolves: Bug 841600 Referential integrity plug-in does not work when 
update interval is not zero
- Resolves: Bug 842437 dna memleak reported by valgrind
- Resolves: Bug 842438 Report during startup if nsslapd-cachememsize is 
too small
- Resolves: Bug 842440 memberof performance enhancement
- Resolves: Bug 842441 "Server is unwilling to perform" when running 
ldapmodify on nsds5ReplicaStripAttrs
- Resolves: Bug 847868 [RFE] support posix schema for user and group sync
- Resolves: Bug 850683 nsds5ReplicaEnabled can be set with any invalid 
values.
- Resolves: Bug 852087 [RFE] add attribute nsslapd-readonly so we can 
reference it in acis
- Resolves: Bug 852088 server to server ssl client auth broken with 
latest openldap
- Resolves: Bug 852839 variable dn should not be used in ldbm_back_delete

-------------- next part --------------

More information about the El-errata mailing list