- Issued:
- 2011-09-29
- Updated:
- 2011-09-29
RHEA-2011:1345 - openldap bug fix and enhancement update
Synopsis
openldap bug fix and enhancement update
Type/Severity
Product Enhancement Advisory
Topic
Updated openldap packages that fix several bugs and add an enhancement are now available for Red Hat Enterprise Linux 5.
Description
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. The openldap packages contain configuration files, libraries, and documentation for OpenLDAP.
These updated openldap packages provide fixes for the following bugs:
-
Prior to this update, some parts of OpenLDAP were impossible to debug due to incomplete debug data. The problem was caused by stripping debug data of some modules at an early stage of the package build process. This update disables the stripping and the openldap-debuginfo package is generated correctly. (BZ#734144)
-
The openldap package compilation log contained information about breaking strict-aliasing rules. The presence of these warnings may have led into unexpected runtime behavior. The "-fno-strict-aliasing" option is now passed to a compiler to avoid optimizations that can produce invalid code. The change might contribute to stability and reliability of OpenLDAP. (BZ#734145)
In addition, these updated openldap packages provide the following enhancement:
- In a distributed environment, a Root DN (distinguished name) can be specified instead of a hostname to connect to an OpenLDAP server. The Root DN is used to look up the corresponding hosts using the DNS SRV (Domain Name Server Service) records. Prior to this update, the priority and weight of individual SRV records were ignored and the connection was created to the host in the first SRV record returned by the DNS server. As a consequence, a server in a different geographic location may have been queried, leading to high response times. Servers are now queried according to their priority and weight, which conforms to the RFC 2782 standard. (BZ#733659)
Users are advised to upgrade to these updated openldap packages, which resolve these bugs and add this enhancement.
Solution
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.https://access.redhat.com/kb/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
| Red Hat Enterprise Linux Desktop | 5 | x86_64 |
| Red Hat Enterprise Linux Desktop | 5 | i386 |
Updated Packages
- openldap-2.3.43-12.el5_7.9.s390x.rpm
- compat-openldap-2.3.43_2.2.29-12.el5_7.9.s390.rpm
- openldap-devel-2.3.43-12.el5_7.9.i386.rpm
- openldap-clients-2.3.43-12.el5_7.9.ia64.rpm
- openldap-2.3.43-12.el5_7.9.src.rpm
- compat-openldap-2.3.43_2.2.29-12.el5_7.9.i386.rpm
- openldap-devel-2.3.43-12.el5_7.9.s390x.rpm
- compat-openldap-2.3.43_2.2.29-12.el5_7.9.ppc.rpm
- compat-openldap-2.3.43_2.2.29-12.el5_7.9.ppc64.rpm
- openldap-2.3.43-12.el5_7.9.ia64.rpm
- openldap-servers-overlays-2.3.43-12.el5_7.9.s390x.rpm
- openldap-clients-2.3.43-12.el5_7.9.ppc.rpm
- compat-openldap-2.3.43_2.2.29-12.el5_7.9.s390x.rpm
- openldap-servers-2.3.43-12.el5_7.9.s390x.rpm
- openldap-servers-overlays-2.3.43-12.el5_7.9.i386.rpm
- openldap-servers-sql-2.3.43-12.el5_7.9.ia64.rpm
- openldap-servers-2.3.43-12.el5_7.9.ppc.rpm
- openldap-clients-2.3.43-12.el5_7.9.i386.rpm
- openldap-devel-2.3.43-12.el5_7.9.ppc.rpm
- openldap-2.3.43-12.el5_7.9.ppc.rpm
- openldap-devel-2.3.43-12.el5_7.9.s390.rpm
- openldap-clients-2.3.43-12.el5_7.9.x86_64.rpm
- openldap-servers-sql-2.3.43-12.el5_7.9.i386.rpm
- openldap-servers-2.3.43-12.el5_7.9.x86_64.rpm
- compat-openldap-2.3.43_2.2.29-12.el5_7.9.ia64.rpm
- openldap-2.3.43-12.el5_7.9.i386.rpm
- openldap-2.3.43-12.el5_7.9.x86_64.rpm
- openldap-clients-2.3.43-12.el5_7.9.s390x.rpm
- openldap-servers-sql-2.3.43-12.el5_7.9.ppc.rpm
- openldap-servers-overlays-2.3.43-12.el5_7.9.x86_64.rpm
- openldap-devel-2.3.43-12.el5_7.9.ia64.rpm
- openldap-2.3.43-12.el5_7.9.s390.rpm
- openldap-devel-2.3.43-12.el5_7.9.x86_64.rpm
- openldap-devel-2.3.43-12.el5_7.9.ppc64.rpm
- openldap-2.3.43-12.el5_7.9.ppc64.rpm
- openldap-servers-2.3.43-12.el5_7.9.i386.rpm
- openldap-servers-sql-2.3.43-12.el5_7.9.x86_64.rpm
- openldap-servers-overlays-2.3.43-12.el5_7.9.ia64.rpm
- compat-openldap-2.3.43_2.2.29-12.el5_7.9.x86_64.rpm
- openldap-servers-2.3.43-12.el5_7.9.ia64.rpm
- openldap-servers-overlays-2.3.43-12.el5_7.9.ppc.rpm
- openldap-servers-sql-2.3.43-12.el5_7.9.s390x.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.