Oval Definition:	oval:com.redhat.rhsa:def:20120899
Revision Date: 2012-06-20 Version: 638 Title: RHSA-2012:0899: openldap security and bug fix update (Low) Description: OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. A denial of service flaw was found in the way the OpenLDAP server daemon (slapd) processed certain search queries requesting only attributes and no values. In certain configurations, a remote attacker could issue a specially-crafted LDAP search query that, when processed by slapd, would cause slapd to crash due to an assertion failure. (CVE-2012-1164) These updated openldap packages include numerous bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical Notes for information on the most significant of these changes. Users of OpenLDAP are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the OpenLDAP daemons will be restarted automatically. Family: unix Class: patch Status: Reference(s): CVE-2012-1164 CVE-2012-1164 RHSA-2012:0899 RHSA-2012:0899-04 RHSA-2012:0899-04 Platform(s): Red Hat Enterprise Linux 6 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 6 is installed AND openldap is earlier than 0:2.4.23-26.el6 AND openldap is signed with Red Hat redhatrelease2 key openldap-clients is earlier than 0:2.4.23-26.el6 AND openldap-clients is signed with Red Hat redhatrelease2 key openldap-devel is earlier than 0:2.4.23-26.el6 AND openldap-devel is signed with Red Hat redhatrelease2 key openldap-servers is earlier than 0:2.4.23-26.el6 AND openldap-servers is signed with Red Hat redhatrelease2 key openldap-servers-sql is earlier than 0:2.4.23-26.el6 AND openldap-servers-sql is signed with Red Hat redhatrelease2 key
BACK