nss_ldap security and bug fix update

ID ELSA-2008-0389
Type oraclelinux
Reporter Oracle
Modified 2008-05-30T00:00:00


[253-12] - rebuild [253-11] - backport changes to group parsing from version 254 to fix heap corruption when parsing nested groups (#444031) [253-10] - remove unnecessary nss_ldap linkage to libnsl (part of #427370) [253-9] - rebuild [253-8] - incorporate Tomas Janouseks fix to prevent re-use of connections across fork() (#252337) [253-7] - add keyutils-libs-devel and libselinux-devel as a buildrequires: in order to static link with newer Kerberos (#427370) [253-6] - suppress password-expired errors encountered during referral chases during modify requests (#335661) - interpret server-supplied policy controls when chasing referrals, so that we dont give up when following a referral for a password change after reset (#335661) - dont attempt to change the password using ldap_modify if the password change mode is 'exop_send_old' (we already didnt for 'exop') (#364501) - dont drop the supplied password if the directory server indicates that the password needs to be changed because its just been reset: we may need it to chase a referral later (#335661) - correctly detect libresolv and build a URI using discovered settings, so that server discovery can work again (#254172) - honor the 'port' setting again by correctly detecting when a URI doesnt already specify one (#326351)