Issued:: 2011-12-06
Updated:: 2011-12-06

RHBA-2011:1715 - bind-dyndb-ldap bug fix update

Synopsis

bind-dyndb-ldap bug fix update

Type/Severity

Bug Fix Advisory (none)

Topic

An updated bind-dyndb-ldap package that fixes several bugs is now available for Red Hat Enterprise Linux 6.

Description

The dynamic LDAP (Lightweight Directory Access Protocol) back end is a plug-in for BIND that provides an LDAP database back-end capabilities. It features support for dynamic updates and internal caching to lift the load off of the LDAP server.

This update fixes the following bugs:

Previously, the bind-dyndb-ldap plug-in could faile to honor the selected authentication method because it did not call the ldap_bind() function on reconnection. Consequently, the plug-in connected to the LDAP server anonymously. With this update, the ldap_bind() function is executed on reconnection and the plug-in uses the correct authentication method in the described scenario. (BZ#742368)
The bind-dyndb-ldap plug-in failed to load new zones from the LDAP server runtime. This update adds the zone_refresh parameter to the plug-in which controls how often the zone check is performed. (BZ#707255)
The bind-dyndb-ldap plug-in could fail to connect to the LDAP server. This happened when the LDAP server was using localhost and FreeIPA installation was using a name different from the machine hostname. This update adds to the plug-in the ldap_hostname option, which can be used to set the correct LDAP server hostname. (BZ#745045)
The "named" process could have remained unresponsive due to a race condition in the bind-dyndb-ldap plug-in. With this update, the race condition has been resolved and the problem no longer occurs. (BZ#727856)

All users of bind-dyndb-ldap are advised to upgrade to this updated package, which fixes these bugs.

Solution

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.https://access.redhat.com/kb/docs/DOC-11259

Affected Products

Product	Version	Arch
Red Hat Enterprise Linux for Power, big endian	6	ppc64
Red Hat Enterprise Linux for IBM z Systems	6	s390x
Red Hat Enterprise Linux Workstation	6	x86_64
Red Hat Enterprise Linux Workstation	6	i386
Red Hat Enterprise Linux Server	6	x86_64
Red Hat Enterprise Linux Server	6	i386
Red Hat Enterprise Linux Server from RHUI	6	x86_64
Red Hat Enterprise Linux Server from RHUI	6	i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support	6	x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support	6	i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension	6	x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension	6	i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems)	6	s390x
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems)	6	s390x

Updated Packages

bind-dyndb-ldap-debuginfo-0.2.0-7.el6.x86_64.rpm
bind-dyndb-ldap-debuginfo-0.2.0-7.el6.ppc64.rpm
bind-dyndb-ldap-debuginfo-0.2.0-7.el6.s390x.rpm
bind-dyndb-ldap-debuginfo-0.2.0-7.el6.i686.rpm
bind-dyndb-ldap-0.2.0-7.el6.src.rpm
bind-dyndb-ldap-0.2.0-7.el6.x86_64.rpm
bind-dyndb-ldap-0.2.0-7.el6.s390x.rpm
bind-dyndb-ldap-0.2.0-7.el6.i686.rpm
bind-dyndb-ldap-0.2.0-7.el6.ppc64.rpm

Fixes

CVEs

(none)

References

(none)

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.