(RHSA-2007:1037) Important: openldap security and enhancement update

2007-11-08T05:00:00
ID RHSA-2007:1037
Type redhat
Reporter RedHat
Modified 2017-09-08T12:09:58

Description

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools.

A flaw was found in the way OpenLDAP's slapd daemon handled malformed objectClasses LDAP attributes. A local or remote attacker could create an LDAP request which could cause a denial of service by crashing slapd. (CVE-2007-5707)

In addition, the following feature was added: * OpenLDAP client tools now have new option to configure their bind timeout.

All users are advised to upgrade to these updated openldap packages, which contain a backported patch to correct this issue and provide this security enhancement.