- Issued:
- 2011-10-31
- Updated:
- 2011-10-31
RHBA-2011:1413 - nss_ldap bug fix update
Synopsis
nss_ldap bug fix update
Type/Severity
Bug Fix Advisory
Topic
An updated nss_ldap package that fixes one bug is now available for Red Hat Enterprise Linux 5.
Description
The nss_ldap package contains the nss_ldap and pam_ldap modules. The nss_ldap module is a plug-in which allows applications to retrieve information about users and groups from a directory server. The pam_ldap module allows a directory server to be used by PAM-aware applications to verify user passwords.
This update fixes the following bug:
- Previously, a fixed size buffer to store the LDAP configuration could exceed its size. As a consequence, nss_ldap failed when it was used with certain large configurations, especially on 64-bit architectures where pointers in internal data structures occupy twice as much space in the buffer as on 32-bit architectures. This caused situations where a certain LDAP configuration worked on 32-bit architecture but not on 64-bit architecture. With this update, the size of the buffer has been increased to 64 KB, and nss_ldap now works correctly with LDAP configurations that do not exceed the size of 64 KB. (BZ#743193)
All users of nss_ldap are advised to upgrade to this updated package, which fixes this bug.
Solution
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.https://access.redhat.com/kb/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
| Red Hat Enterprise Linux Desktop | 5 | x86_64 |
| Red Hat Enterprise Linux Desktop | 5 | i386 |
Updated Packages
- nss_ldap-253-42.el5_7.4.x86_64.rpm
- nss_ldap-253-42.el5_7.4.ppc.rpm
- nss_ldap-253-42.el5_7.4.s390x.rpm
- nss_ldap-253-42.el5_7.4.i386.rpm
- nss_ldap-253-42.el5_7.4.ppc64.rpm
- nss_ldap-253-42.el5_7.4.ia64.rpm
- nss_ldap-253-42.el5_7.4.src.rpm
- nss_ldap-253-42.el5_7.4.s390.rpm
Fixes
(none)
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.