OVAL Reference oval:org.mitre.oval:def:23471

Oval Definition:

oval:org.mitre.oval:def:23471

Revision Date:	2014-05-26	Version:	13
Title:	ELSA-2012:1151: openldap security and bug fix update (Low)
Description:	libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information.
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2012-2668 ELSA-2012:1151-01
Platform(s):	Oracle Linux 6	Product(s):	openldap
Definition Synopsis
Oracle Linux 6.x AND rpm test openldap-servers is earlier than 0:2.4.23-26.el6_3.2 OR openldap is earlier than 0:2.4.23-26.el6_3.2 OR openldap-clients is earlier than 0:2.4.23-26.el6_3.2 OR openldap-devel is earlier than 0:2.4.23-26.el6_3.2 OR openldap-servers-sql is earlier than 0:2.4.23-26.el6_3.2