- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Moderate: openldap security and enhancement update
Advisory ID:       RHSA-2007:1038-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:1038.html
Issue date:        2007-11-15
Updated on:        2007-11-15
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-5707 
- ---------------------------------------------------------------------1. Summary:

Updated openldap packages that fix a security flaw are now available for
Red Hat Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools.

A flaw was found in the way OpenLDAP's slapd daemon handled malformed
objectClasses LDAP attributes.  An authenticated local or remote attacker
could create an LDAP request which could cause a denial of service by
crashing slapd. (CVE-2007-5707)

In addition, the following feature was added:
* OpenLDAP client tools now have new option to configure their bind timeout.

All users are advised to upgrade to these updated openldap packages, which
contain a backported patch to correct this issue and provide this security
enhancement.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

359851 - CVE-2007-5707 openldap slapd DoS via objectClasses attribute

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
d83f67fe727e11d6cf1160b024b1f9a2  openldap-2.2.13-8.el4_6.1.src.rpm

i386:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
219c613cf348abaaebc4c4f9f018ed9d  openldap-clients-2.2.13-8.el4_6.1.i386.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
7f40d96252d441fe7614a9beef25e0af  openldap-devel-2.2.13-8.el4_6.1.i386.rpm
4c19ad7c8b3adc537463852e1eba0233  openldap-servers-2.2.13-8.el4_6.1.i386.rpm
66e950a723214043bbe5b214b6bae217  openldap-servers-sql-2.2.13-8.el4_6.1.i386.rpm

ia64:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
6b8aaa38dfbca517ebc8c2eeab072225  compat-openldap-2.1.30-8.el4_6.1.ia64.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
e48a6a25b291ebe73a1e500a51d5752c  openldap-2.2.13-8.el4_6.1.ia64.rpm
42ab2e4a1af25c108f86b231af51321d  openldap-clients-2.2.13-8.el4_6.1.ia64.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
f016210f44503358b516cca1e9602042  openldap-debuginfo-2.2.13-8.el4_6.1.ia64.rpm
ebdf2edb9e264227f5877905afef97ee  openldap-devel-2.2.13-8.el4_6.1.ia64.rpm
817e4e1f9963c90506ec40817cb9a311  openldap-servers-2.2.13-8.el4_6.1.ia64.rpm
3a85b2d97f872c32929a36379b09ac65  openldap-servers-sql-2.2.13-8.el4_6.1.ia64.rpm

ppc:
15008c36556193ddd7107d59f319f706  compat-openldap-2.1.30-8.el4_6.1.ppc.rpm
0934b07a1e5daef1715a5905fb3298ff  compat-openldap-2.1.30-8.el4_6.1.ppc64.rpm
8ea26adb6a6c9c8d993f69d06e0c13b8  openldap-2.2.13-8.el4_6.1.ppc.rpm
dc6666f0c29108215a50e3042ec3f1f6  openldap-2.2.13-8.el4_6.1.ppc64.rpm
63be6242af95535f973448e04be6001c  openldap-clients-2.2.13-8.el4_6.1.ppc.rpm
7f3c6b841561748c440c9d5594ab10bb  openldap-debuginfo-2.2.13-8.el4_6.1.ppc.rpm
d70cd5cb7911fc0fef4c2ec82e450c11  openldap-debuginfo-2.2.13-8.el4_6.1.ppc64.rpm
62ed6b0c6972a93067b0ae7b5050fde1  openldap-devel-2.2.13-8.el4_6.1.ppc.rpm
addded6b3675c6fbd1fff79de7c9fd7a  openldap-servers-2.2.13-8.el4_6.1.ppc.rpm
86611366034b049e10e31120f23071ea  openldap-servers-sql-2.2.13-8.el4_6.1.ppc.rpm

s390:
d10bae9f186810046b7c1f303d2b5275  compat-openldap-2.1.30-8.el4_6.1.s390.rpm
f6a5eb8f946114440c247a61ff3d39ad  openldap-2.2.13-8.el4_6.1.s390.rpm
19cd9d96abfaf4ae90c7c5c56d1963c5  openldap-clients-2.2.13-8.el4_6.1.s390.rpm
9e2f2f3537e2a78814cdbf681e4276c3  openldap-debuginfo-2.2.13-8.el4_6.1.s390.rpm
9cf8b1ccb6fcd9d15ff6bc204f06b4dc  openldap-devel-2.2.13-8.el4_6.1.s390.rpm
f25b8d09c7d36275569c1bd00d23d220  openldap-servers-2.2.13-8.el4_6.1.s390.rpm
349d84c877e0f870fa98e9830fc67454  openldap-servers-sql-2.2.13-8.el4_6.1.s390.rpm

s390x:
d10bae9f186810046b7c1f303d2b5275  compat-openldap-2.1.30-8.el4_6.1.s390.rpm
70801a51bef304886178af6806f9dbcb  compat-openldap-2.1.30-8.el4_6.1.s390x.rpm
f6a5eb8f946114440c247a61ff3d39ad  openldap-2.2.13-8.el4_6.1.s390.rpm
c7359a128c0d74e49a063578606bdaa8  openldap-2.2.13-8.el4_6.1.s390x.rpm
f9b40d30955a1db4f70e6b2cce3ac577  openldap-clients-2.2.13-8.el4_6.1.s390x.rpm
9e2f2f3537e2a78814cdbf681e4276c3  openldap-debuginfo-2.2.13-8.el4_6.1.s390.rpm
36e98eb7d5f13afb6efe38f3f1f13bba  openldap-debuginfo-2.2.13-8.el4_6.1.s390x.rpm
c82e16b66ac226d5263d7d1b7a5f57a8  openldap-devel-2.2.13-8.el4_6.1.s390x.rpm
4b5f38cbdec79291593221a66125e45e  openldap-servers-2.2.13-8.el4_6.1.s390x.rpm
d3c79b08b668917d1156f366c320bce2  openldap-servers-sql-2.2.13-8.el4_6.1.s390x.rpm

x86_64:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
a4a32d858eb9289ca447bea8513cfe1d  compat-openldap-2.1.30-8.el4_6.1.x86_64.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
49aa0f91ab6af3df095e47f5aaafa4b0  openldap-2.2.13-8.el4_6.1.x86_64.rpm
c4dc861ca1240793966e707a8f4a7cd3  openldap-clients-2.2.13-8.el4_6.1.x86_64.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
be99b06e1dbeeec8e5259e1385a368c2  openldap-debuginfo-2.2.13-8.el4_6.1.x86_64.rpm
48d7db553ba4c337e776005170b61d80  openldap-devel-2.2.13-8.el4_6.1.x86_64.rpm
59dce9ed46d0f6661fca7c2d1141da35  openldap-servers-2.2.13-8.el4_6.1.x86_64.rpm
6e64d976439bdacd8200ac3a2197c409  openldap-servers-sql-2.2.13-8.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
d83f67fe727e11d6cf1160b024b1f9a2  openldap-2.2.13-8.el4_6.1.src.rpm

i386:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
219c613cf348abaaebc4c4f9f018ed9d  openldap-clients-2.2.13-8.el4_6.1.i386.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
7f40d96252d441fe7614a9beef25e0af  openldap-devel-2.2.13-8.el4_6.1.i386.rpm
4c19ad7c8b3adc537463852e1eba0233  openldap-servers-2.2.13-8.el4_6.1.i386.rpm
66e950a723214043bbe5b214b6bae217  openldap-servers-sql-2.2.13-8.el4_6.1.i386.rpm

x86_64:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
a4a32d858eb9289ca447bea8513cfe1d  compat-openldap-2.1.30-8.el4_6.1.x86_64.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
49aa0f91ab6af3df095e47f5aaafa4b0  openldap-2.2.13-8.el4_6.1.x86_64.rpm
c4dc861ca1240793966e707a8f4a7cd3  openldap-clients-2.2.13-8.el4_6.1.x86_64.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
be99b06e1dbeeec8e5259e1385a368c2  openldap-debuginfo-2.2.13-8.el4_6.1.x86_64.rpm
48d7db553ba4c337e776005170b61d80  openldap-devel-2.2.13-8.el4_6.1.x86_64.rpm
59dce9ed46d0f6661fca7c2d1141da35  openldap-servers-2.2.13-8.el4_6.1.x86_64.rpm
6e64d976439bdacd8200ac3a2197c409  openldap-servers-sql-2.2.13-8.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
d83f67fe727e11d6cf1160b024b1f9a2  openldap-2.2.13-8.el4_6.1.src.rpm

i386:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
219c613cf348abaaebc4c4f9f018ed9d  openldap-clients-2.2.13-8.el4_6.1.i386.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
7f40d96252d441fe7614a9beef25e0af  openldap-devel-2.2.13-8.el4_6.1.i386.rpm
4c19ad7c8b3adc537463852e1eba0233  openldap-servers-2.2.13-8.el4_6.1.i386.rpm
66e950a723214043bbe5b214b6bae217  openldap-servers-sql-2.2.13-8.el4_6.1.i386.rpm

ia64:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
6b8aaa38dfbca517ebc8c2eeab072225  compat-openldap-2.1.30-8.el4_6.1.ia64.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
e48a6a25b291ebe73a1e500a51d5752c  openldap-2.2.13-8.el4_6.1.ia64.rpm
42ab2e4a1af25c108f86b231af51321d  openldap-clients-2.2.13-8.el4_6.1.ia64.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
f016210f44503358b516cca1e9602042  openldap-debuginfo-2.2.13-8.el4_6.1.ia64.rpm
ebdf2edb9e264227f5877905afef97ee  openldap-devel-2.2.13-8.el4_6.1.ia64.rpm
817e4e1f9963c90506ec40817cb9a311  openldap-servers-2.2.13-8.el4_6.1.ia64.rpm
3a85b2d97f872c32929a36379b09ac65  openldap-servers-sql-2.2.13-8.el4_6.1.ia64.rpm

x86_64:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
a4a32d858eb9289ca447bea8513cfe1d  compat-openldap-2.1.30-8.el4_6.1.x86_64.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
49aa0f91ab6af3df095e47f5aaafa4b0  openldap-2.2.13-8.el4_6.1.x86_64.rpm
c4dc861ca1240793966e707a8f4a7cd3  openldap-clients-2.2.13-8.el4_6.1.x86_64.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
be99b06e1dbeeec8e5259e1385a368c2  openldap-debuginfo-2.2.13-8.el4_6.1.x86_64.rpm
48d7db553ba4c337e776005170b61d80  openldap-devel-2.2.13-8.el4_6.1.x86_64.rpm
59dce9ed46d0f6661fca7c2d1141da35  openldap-servers-2.2.13-8.el4_6.1.x86_64.rpm
6e64d976439bdacd8200ac3a2197c409  openldap-servers-sql-2.2.13-8.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
d83f67fe727e11d6cf1160b024b1f9a2  openldap-2.2.13-8.el4_6.1.src.rpm

i386:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
219c613cf348abaaebc4c4f9f018ed9d  openldap-clients-2.2.13-8.el4_6.1.i386.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
7f40d96252d441fe7614a9beef25e0af  openldap-devel-2.2.13-8.el4_6.1.i386.rpm
4c19ad7c8b3adc537463852e1eba0233  openldap-servers-2.2.13-8.el4_6.1.i386.rpm
66e950a723214043bbe5b214b6bae217  openldap-servers-sql-2.2.13-8.el4_6.1.i386.rpm

ia64:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
6b8aaa38dfbca517ebc8c2eeab072225  compat-openldap-2.1.30-8.el4_6.1.ia64.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
e48a6a25b291ebe73a1e500a51d5752c  openldap-2.2.13-8.el4_6.1.ia64.rpm
42ab2e4a1af25c108f86b231af51321d  openldap-clients-2.2.13-8.el4_6.1.ia64.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
f016210f44503358b516cca1e9602042  openldap-debuginfo-2.2.13-8.el4_6.1.ia64.rpm
ebdf2edb9e264227f5877905afef97ee  openldap-devel-2.2.13-8.el4_6.1.ia64.rpm
817e4e1f9963c90506ec40817cb9a311  openldap-servers-2.2.13-8.el4_6.1.ia64.rpm
3a85b2d97f872c32929a36379b09ac65  openldap-servers-sql-2.2.13-8.el4_6.1.ia64.rpm

x86_64:
b2c433fe08be943cb34d7ae75d29f022  compat-openldap-2.1.30-8.el4_6.1.i386.rpm
a4a32d858eb9289ca447bea8513cfe1d  compat-openldap-2.1.30-8.el4_6.1.x86_64.rpm
6ddb8c954ba2f85aa11850541d09f2f1  openldap-2.2.13-8.el4_6.1.i386.rpm
49aa0f91ab6af3df095e47f5aaafa4b0  openldap-2.2.13-8.el4_6.1.x86_64.rpm
c4dc861ca1240793966e707a8f4a7cd3  openldap-clients-2.2.13-8.el4_6.1.x86_64.rpm
3a5d6b07337958bdfdf7528abcd0ffb2  openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm
be99b06e1dbeeec8e5259e1385a368c2  openldap-debuginfo-2.2.13-8.el4_6.1.x86_64.rpm
48d7db553ba4c337e776005170b61d80  openldap-devel-2.2.13-8.el4_6.1.x86_64.rpm
59dce9ed46d0f6661fca7c2d1141da35  openldap-servers-2.2.13-8.el4_6.1.x86_64.rpm
6e64d976439bdacd8200ac3a2197c409  openldap-servers-sql-2.2.13-8.el4_6.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.

RedHat: Moderate: openldap security and enhancement

Updated openldap packages that fix a security flaw are now available for Red Hat Enterprise Linux 4

Summary



Summary

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. A flaw was found in the way OpenLDAP's slapd daemon handled malformed objectClasses LDAP attributes. An authenticated local or remote attacker could create an LDAP request which could cause a denial of service by crashing slapd. (CVE-2007-5707) In addition, the following feature was added: * OpenLDAP client tools now have new option to configure their bind timeout. All users are advised to upgrade to these updated openldap packages, which contain a backported patch to correct this issue and provide this security enhancement.


Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
5. Bug IDs fixed (http://bugzilla.redhat.com/):
359851 - CVE-2007-5707 openldap slapd DoS via objectClasses attribute
6. RPMs required:
Red Hat Enterprise Linux AS version 4:
SRPMS: d83f67fe727e11d6cf1160b024b1f9a2 openldap-2.2.13-8.el4_6.1.src.rpm
i386: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm 219c613cf348abaaebc4c4f9f018ed9d openldap-clients-2.2.13-8.el4_6.1.i386.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm 7f40d96252d441fe7614a9beef25e0af openldap-devel-2.2.13-8.el4_6.1.i386.rpm 4c19ad7c8b3adc537463852e1eba0233 openldap-servers-2.2.13-8.el4_6.1.i386.rpm 66e950a723214043bbe5b214b6bae217 openldap-servers-sql-2.2.13-8.el4_6.1.i386.rpm
ia64: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm 6b8aaa38dfbca517ebc8c2eeab072225 compat-openldap-2.1.30-8.el4_6.1.ia64.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm e48a6a25b291ebe73a1e500a51d5752c openldap-2.2.13-8.el4_6.1.ia64.rpm 42ab2e4a1af25c108f86b231af51321d openldap-clients-2.2.13-8.el4_6.1.ia64.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm f016210f44503358b516cca1e9602042 openldap-debuginfo-2.2.13-8.el4_6.1.ia64.rpm ebdf2edb9e264227f5877905afef97ee openldap-devel-2.2.13-8.el4_6.1.ia64.rpm 817e4e1f9963c90506ec40817cb9a311 openldap-servers-2.2.13-8.el4_6.1.ia64.rpm 3a85b2d97f872c32929a36379b09ac65 openldap-servers-sql-2.2.13-8.el4_6.1.ia64.rpm
ppc: 15008c36556193ddd7107d59f319f706 compat-openldap-2.1.30-8.el4_6.1.ppc.rpm 0934b07a1e5daef1715a5905fb3298ff compat-openldap-2.1.30-8.el4_6.1.ppc64.rpm 8ea26adb6a6c9c8d993f69d06e0c13b8 openldap-2.2.13-8.el4_6.1.ppc.rpm dc6666f0c29108215a50e3042ec3f1f6 openldap-2.2.13-8.el4_6.1.ppc64.rpm 63be6242af95535f973448e04be6001c openldap-clients-2.2.13-8.el4_6.1.ppc.rpm 7f3c6b841561748c440c9d5594ab10bb openldap-debuginfo-2.2.13-8.el4_6.1.ppc.rpm d70cd5cb7911fc0fef4c2ec82e450c11 openldap-debuginfo-2.2.13-8.el4_6.1.ppc64.rpm 62ed6b0c6972a93067b0ae7b5050fde1 openldap-devel-2.2.13-8.el4_6.1.ppc.rpm addded6b3675c6fbd1fff79de7c9fd7a openldap-servers-2.2.13-8.el4_6.1.ppc.rpm 86611366034b049e10e31120f23071ea openldap-servers-sql-2.2.13-8.el4_6.1.ppc.rpm
s390: d10bae9f186810046b7c1f303d2b5275 compat-openldap-2.1.30-8.el4_6.1.s390.rpm f6a5eb8f946114440c247a61ff3d39ad openldap-2.2.13-8.el4_6.1.s390.rpm 19cd9d96abfaf4ae90c7c5c56d1963c5 openldap-clients-2.2.13-8.el4_6.1.s390.rpm 9e2f2f3537e2a78814cdbf681e4276c3 openldap-debuginfo-2.2.13-8.el4_6.1.s390.rpm 9cf8b1ccb6fcd9d15ff6bc204f06b4dc openldap-devel-2.2.13-8.el4_6.1.s390.rpm f25b8d09c7d36275569c1bd00d23d220 openldap-servers-2.2.13-8.el4_6.1.s390.rpm 349d84c877e0f870fa98e9830fc67454 openldap-servers-sql-2.2.13-8.el4_6.1.s390.rpm
s390x: d10bae9f186810046b7c1f303d2b5275 compat-openldap-2.1.30-8.el4_6.1.s390.rpm 70801a51bef304886178af6806f9dbcb compat-openldap-2.1.30-8.el4_6.1.s390x.rpm f6a5eb8f946114440c247a61ff3d39ad openldap-2.2.13-8.el4_6.1.s390.rpm c7359a128c0d74e49a063578606bdaa8 openldap-2.2.13-8.el4_6.1.s390x.rpm f9b40d30955a1db4f70e6b2cce3ac577 openldap-clients-2.2.13-8.el4_6.1.s390x.rpm 9e2f2f3537e2a78814cdbf681e4276c3 openldap-debuginfo-2.2.13-8.el4_6.1.s390.rpm 36e98eb7d5f13afb6efe38f3f1f13bba openldap-debuginfo-2.2.13-8.el4_6.1.s390x.rpm c82e16b66ac226d5263d7d1b7a5f57a8 openldap-devel-2.2.13-8.el4_6.1.s390x.rpm 4b5f38cbdec79291593221a66125e45e openldap-servers-2.2.13-8.el4_6.1.s390x.rpm d3c79b08b668917d1156f366c320bce2 openldap-servers-sql-2.2.13-8.el4_6.1.s390x.rpm
x86_64: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm a4a32d858eb9289ca447bea8513cfe1d compat-openldap-2.1.30-8.el4_6.1.x86_64.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm 49aa0f91ab6af3df095e47f5aaafa4b0 openldap-2.2.13-8.el4_6.1.x86_64.rpm c4dc861ca1240793966e707a8f4a7cd3 openldap-clients-2.2.13-8.el4_6.1.x86_64.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm be99b06e1dbeeec8e5259e1385a368c2 openldap-debuginfo-2.2.13-8.el4_6.1.x86_64.rpm 48d7db553ba4c337e776005170b61d80 openldap-devel-2.2.13-8.el4_6.1.x86_64.rpm 59dce9ed46d0f6661fca7c2d1141da35 openldap-servers-2.2.13-8.el4_6.1.x86_64.rpm 6e64d976439bdacd8200ac3a2197c409 openldap-servers-sql-2.2.13-8.el4_6.1.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS: d83f67fe727e11d6cf1160b024b1f9a2 openldap-2.2.13-8.el4_6.1.src.rpm
i386: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm 219c613cf348abaaebc4c4f9f018ed9d openldap-clients-2.2.13-8.el4_6.1.i386.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm 7f40d96252d441fe7614a9beef25e0af openldap-devel-2.2.13-8.el4_6.1.i386.rpm 4c19ad7c8b3adc537463852e1eba0233 openldap-servers-2.2.13-8.el4_6.1.i386.rpm 66e950a723214043bbe5b214b6bae217 openldap-servers-sql-2.2.13-8.el4_6.1.i386.rpm
x86_64: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm a4a32d858eb9289ca447bea8513cfe1d compat-openldap-2.1.30-8.el4_6.1.x86_64.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm 49aa0f91ab6af3df095e47f5aaafa4b0 openldap-2.2.13-8.el4_6.1.x86_64.rpm c4dc861ca1240793966e707a8f4a7cd3 openldap-clients-2.2.13-8.el4_6.1.x86_64.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm be99b06e1dbeeec8e5259e1385a368c2 openldap-debuginfo-2.2.13-8.el4_6.1.x86_64.rpm 48d7db553ba4c337e776005170b61d80 openldap-devel-2.2.13-8.el4_6.1.x86_64.rpm 59dce9ed46d0f6661fca7c2d1141da35 openldap-servers-2.2.13-8.el4_6.1.x86_64.rpm 6e64d976439bdacd8200ac3a2197c409 openldap-servers-sql-2.2.13-8.el4_6.1.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS: d83f67fe727e11d6cf1160b024b1f9a2 openldap-2.2.13-8.el4_6.1.src.rpm
i386: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm 219c613cf348abaaebc4c4f9f018ed9d openldap-clients-2.2.13-8.el4_6.1.i386.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm 7f40d96252d441fe7614a9beef25e0af openldap-devel-2.2.13-8.el4_6.1.i386.rpm 4c19ad7c8b3adc537463852e1eba0233 openldap-servers-2.2.13-8.el4_6.1.i386.rpm 66e950a723214043bbe5b214b6bae217 openldap-servers-sql-2.2.13-8.el4_6.1.i386.rpm
ia64: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm 6b8aaa38dfbca517ebc8c2eeab072225 compat-openldap-2.1.30-8.el4_6.1.ia64.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm e48a6a25b291ebe73a1e500a51d5752c openldap-2.2.13-8.el4_6.1.ia64.rpm 42ab2e4a1af25c108f86b231af51321d openldap-clients-2.2.13-8.el4_6.1.ia64.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm f016210f44503358b516cca1e9602042 openldap-debuginfo-2.2.13-8.el4_6.1.ia64.rpm ebdf2edb9e264227f5877905afef97ee openldap-devel-2.2.13-8.el4_6.1.ia64.rpm 817e4e1f9963c90506ec40817cb9a311 openldap-servers-2.2.13-8.el4_6.1.ia64.rpm 3a85b2d97f872c32929a36379b09ac65 openldap-servers-sql-2.2.13-8.el4_6.1.ia64.rpm
x86_64: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm a4a32d858eb9289ca447bea8513cfe1d compat-openldap-2.1.30-8.el4_6.1.x86_64.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm 49aa0f91ab6af3df095e47f5aaafa4b0 openldap-2.2.13-8.el4_6.1.x86_64.rpm c4dc861ca1240793966e707a8f4a7cd3 openldap-clients-2.2.13-8.el4_6.1.x86_64.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm be99b06e1dbeeec8e5259e1385a368c2 openldap-debuginfo-2.2.13-8.el4_6.1.x86_64.rpm 48d7db553ba4c337e776005170b61d80 openldap-devel-2.2.13-8.el4_6.1.x86_64.rpm 59dce9ed46d0f6661fca7c2d1141da35 openldap-servers-2.2.13-8.el4_6.1.x86_64.rpm 6e64d976439bdacd8200ac3a2197c409 openldap-servers-sql-2.2.13-8.el4_6.1.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS: d83f67fe727e11d6cf1160b024b1f9a2 openldap-2.2.13-8.el4_6.1.src.rpm
i386: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm 219c613cf348abaaebc4c4f9f018ed9d openldap-clients-2.2.13-8.el4_6.1.i386.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm 7f40d96252d441fe7614a9beef25e0af openldap-devel-2.2.13-8.el4_6.1.i386.rpm 4c19ad7c8b3adc537463852e1eba0233 openldap-servers-2.2.13-8.el4_6.1.i386.rpm 66e950a723214043bbe5b214b6bae217 openldap-servers-sql-2.2.13-8.el4_6.1.i386.rpm
ia64: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm 6b8aaa38dfbca517ebc8c2eeab072225 compat-openldap-2.1.30-8.el4_6.1.ia64.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm e48a6a25b291ebe73a1e500a51d5752c openldap-2.2.13-8.el4_6.1.ia64.rpm 42ab2e4a1af25c108f86b231af51321d openldap-clients-2.2.13-8.el4_6.1.ia64.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm f016210f44503358b516cca1e9602042 openldap-debuginfo-2.2.13-8.el4_6.1.ia64.rpm ebdf2edb9e264227f5877905afef97ee openldap-devel-2.2.13-8.el4_6.1.ia64.rpm 817e4e1f9963c90506ec40817cb9a311 openldap-servers-2.2.13-8.el4_6.1.ia64.rpm 3a85b2d97f872c32929a36379b09ac65 openldap-servers-sql-2.2.13-8.el4_6.1.ia64.rpm
x86_64: b2c433fe08be943cb34d7ae75d29f022 compat-openldap-2.1.30-8.el4_6.1.i386.rpm a4a32d858eb9289ca447bea8513cfe1d compat-openldap-2.1.30-8.el4_6.1.x86_64.rpm 6ddb8c954ba2f85aa11850541d09f2f1 openldap-2.2.13-8.el4_6.1.i386.rpm 49aa0f91ab6af3df095e47f5aaafa4b0 openldap-2.2.13-8.el4_6.1.x86_64.rpm c4dc861ca1240793966e707a8f4a7cd3 openldap-clients-2.2.13-8.el4_6.1.x86_64.rpm 3a5d6b07337958bdfdf7528abcd0ffb2 openldap-debuginfo-2.2.13-8.el4_6.1.i386.rpm be99b06e1dbeeec8e5259e1385a368c2 openldap-debuginfo-2.2.13-8.el4_6.1.x86_64.rpm 48d7db553ba4c337e776005170b61d80 openldap-devel-2.2.13-8.el4_6.1.x86_64.rpm 59dce9ed46d0f6661fca7c2d1141da35 openldap-servers-2.2.13-8.el4_6.1.x86_64.rpm 6e64d976439bdacd8200ac3a2197c409 openldap-servers-sql-2.2.13-8.el4_6.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707 http://www.redhat.com/security/updates/classification/#moderate

Package List


Severity
Advisory ID: RHSA-2007:1038-01
Advisory URL: https://access.redhat.com/errata/RHSA-2007:1038.html
Issued Date: : 2007-11-15
Updated on: 2007-11-15
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-5707 Updated openldap packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Topic


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64


Bugs Fixed


Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved