Medium: openldap

2017-02-14T12:00:00
ID ALAS-2017-799
Type amazon
Reporter Amazon
Modified 2017-02-14T12:00:00

Description

Issue Overview:

A flaw was found in the way OpenLDAP parsed OpenSSL-style cipher strings. As a result, OpenLDAP could potentially use ciphers that were not intended to be enabled.

Affected Packages:

openldap

Issue Correction:
Run yum update openldap to update your system.

New Packages:

i686:  
    openldap-debuginfo-2.4.40-12.30.amzn1.i686  
    openldap-clients-2.4.40-12.30.amzn1.i686  
    openldap-servers-sql-2.4.40-12.30.amzn1.i686  
    openldap-2.4.40-12.30.amzn1.i686  
    openldap-servers-2.4.40-12.30.amzn1.i686  
    openldap-devel-2.4.40-12.30.amzn1.i686

src:  
    openldap-2.4.40-12.30.amzn1.src

x86_64:  
    openldap-servers-2.4.40-12.30.amzn1.x86_64  
    openldap-servers-sql-2.4.40-12.30.amzn1.x86_64  
    openldap-clients-2.4.40-12.30.amzn1.x86_64  
    openldap-2.4.40-12.30.amzn1.x86_64  
    openldap-debuginfo-2.4.40-12.30.amzn1.x86_64  
    openldap-devel-2.4.40-12.30.amzn1.x86_64