Bug 592385

Summary: Update nss-pam-ldapd to 0.7.4 or later
Product: Red Hat Enterprise Linux 6 Reporter: Nalin Dahyabhai <nalin>
Component: nss-pam-ldapdAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED CURRENTRELEASE QA Contact: Ondrej Moriš <omoris>
Severity: medium Docs Contact:
Priority: low    
Version: 6.0CC: dpal, syeghiay
Target Milestone: rcKeywords: Rebase
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: nss-pam-ldapd-0.7.4-1 Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-11-11 09:51:49 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Nalin Dahyabhai 2010-05-14 14:05:13 EDT
Description of problem:
0.7.3 contains a buffer overflow bug which is not expected to be exploitable, but 0.7.4 also adds an nss_initgroups_ignoreusers option, which would be useful in situations where there's no caching being done (per #587306).
Comment 1 RHEL Product and Program Management 2010-05-14 14:15:29 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
Comment 2 Nalin Dahyabhai 2010-05-14 14:22:08 EDT
I don't think we do anything with the reconnect_sleeptime and reconnect_maxsleeptime settings, but the reconnect_maxsleeptime is also renamed to reconnect_retrytime in 0.7.4.  The other user-visible changes should be in the accompanying PAM module, which we don't package (at least, not yet).
Comment 8 releng-rhel@redhat.com 2010-11-11 09:51:49 EST
Red Hat Enterprise Linux 6.0 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.