Red Hat Bugzilla – Full Text Bug Listing
|Summary:||Update nss-pam-ldapd to 0.7.4 or later|
|Product:||Red Hat Enterprise Linux 6||Reporter:||Nalin Dahyabhai <nalin>|
|Component:||nss-pam-ldapd||Assignee:||Nalin Dahyabhai <nalin>|
|Status:||CLOSED CURRENTRELEASE||QA Contact:||Ondrej Moriš <omoris>|
|Fixed In Version:||nss-pam-ldapd-0.7.4-1||Doc Type:||Rebase: Bug Fixes and Enhancements|
|Doc Text:||Story Points:||---|
|Last Closed:||2010-11-11 09:51:49 EST||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Nalin Dahyabhai 2010-05-14 14:05:13 EDT
Description of problem: 0.7.3 contains a buffer overflow bug which is not expected to be exploitable, but 0.7.4 also adds an nss_initgroups_ignoreusers option, which would be useful in situations where there's no caching being done (per #587306).
Comment 1 RHEL Product and Program Management 2010-05-14 14:15:29 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux major release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Major release. This request is not yet committed for inclusion.
Comment 2 Nalin Dahyabhai 2010-05-14 14:22:08 EDT
I don't think we do anything with the reconnect_sleeptime and reconnect_maxsleeptime settings, but the reconnect_maxsleeptime is also renamed to reconnect_retrytime in 0.7.4. The other user-visible changes should be in the accompanying PAM module, which we don't package (at least, not yet).
Comment 8 firstname.lastname@example.org 2010-11-11 09:51:49 EST
Red Hat Enterprise Linux 6.0 is now available and should resolve the problem described in this bug report. This report is therefore being closed with a resolution of CURRENTRELEASE. You may reopen this bug report if the solution does not work for you.