Issued:
2013-11-20
Updated:
2013-11-20

RHBA-2013:1636 - bind-dyndb-ldap bug fix update

Synopsis

bind-dyndb-ldap bug fix update

Type/Severity

Bug Fix Advisory (none)

Topic

Updated bind-dyndb-ldap packages that fix several bugs are now available for Red Hat Enterprise Linux 6.

Description

The dynamic LDAP back-end is a plug-in for BIND that provides back-end capabilities to LDAP databases. It features support for dynamic updates and internal caching that helps to reduce the load on LDAP servers.

This update fixes the following bugs:

  • Previously, the bind-dyndb-ldap plug-in did not handle DNS zones without the "idnsUpdatePolicy" attribute properly, which led to a harmless, but misleading error message:

    zone serial ([zone serial]) unchanged. zone may fail to transfer to slaves.

This message was logged after each zone reload or potentially after each change in the affected DNS zone. The bind-dyndb-ldap plug-in has been fixed, so that it no longer prints any error message if the "idnsUpdatePolicy" attribute is not defined in the DNS zone. (BZ#908780)

  • Previously, the bind-dyndb-ldap plug-in processed update policies with the "zonesub" match-type incorrectly, which led to the BIND daemon terminating unexpectedly during the processing of the update-policy parameter. The bind-dyndb-ldap plug-in has been fixed to process update-policy with the "zonesub" match-type correctly, and so it no longer crashes in this scenario. (BZ#921167)

  • The bind-dyndb-ldap plug-in processed settings too early, which led to the BIND daemon terminating unexpectedly with an assertion failure during startup or reload. The bind-dyndb-ldap plug-in has been fixed to process its options later, and so no longer crashes during startup or reload. (BZ#923113)

  • Prior to this update, the bind-dyndb-ldap plug-in with the default configuration did not establish enough connections to LDAP server for the pointer record (PTR) synchronization feature and, consequently, the PTR record synchronization failed. With this update, the default number of connections has been raised to four, and the PTR record synchronization now works as expected. (BZ#1010396)

Users of bind-dyndb-ldap are advised to upgrade to these updated packages, which fix these bugs.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

Affected Products

ProductVersionArch
Red Hat Enterprise Linux for Power, big endian6ppc64
Red Hat Enterprise Linux for IBM z Systems6s390x
Red Hat Enterprise Linux Workstation6x86_64
Red Hat Enterprise Linux Workstation6i386
Red Hat Enterprise Linux Server6x86_64
Red Hat Enterprise Linux Server6i386
Red Hat Enterprise Linux Server from RHUI6x86_64
Red Hat Enterprise Linux Server from RHUI6i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support6x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support6i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension6x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension6i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems)6s390x
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems)6s390x

Updated Packages

  • bind-dyndb-ldap-debuginfo-2.3-5.el6.s390x.rpm
  • bind-dyndb-ldap-2.3-5.el6.i686.rpm
  • bind-dyndb-ldap-debuginfo-2.3-5.el6.i686.rpm
  • bind-dyndb-ldap-debuginfo-2.3-5.el6.ppc64.rpm
  • bind-dyndb-ldap-2.3-5.el6.src.rpm
  • bind-dyndb-ldap-debuginfo-2.3-5.el6.x86_64.rpm
  • bind-dyndb-ldap-2.3-5.el6.x86_64.rpm
  • bind-dyndb-ldap-2.3-5.el6.s390x.rpm
  • bind-dyndb-ldap-2.3-5.el6.ppc64.rpm

Fixes

CVEs

(none)

References

(none)

Additional information