Bug 1588549 - MongoDB Affected by Indirect Linking of Non-Thread-Safe LDAP Library
Summary: MongoDB Affected by Indirect Linking of Non-Thread-Safe LDAP Library
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: openldap
Version: 7.5
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Matus Honek
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-06-07 14:14 UTC by aheverle
Modified: 2018-11-07 09:35 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-11-07 09:35:42 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1626077 1 None None None 2021-12-07 22:37:58 UTC

Internal Links: 1626077

Description aheverle 2018-06-07 14:14:28 UTC 
MongDB asked us to open this bug.

####################
I wanted to open a ticket on your end related to this bug affecting our joint customers:
https://jira.mongodb.org/browse/SERVER-33852

It seems to be another high level symptom of an existing bug previously reported against Fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=1370065

I'm hoping that it's possible to employ a similar fix/workaround to what other vendors have done -- e.g. in Debian->Ubuntu: http://www.openldap.org/lists/openldap-technical/201608/msg00094.html -- by effectively just always using the thread safe version of the openldap library.

The resulting SEGFAULTs happen periodically for all MongoDB Enterprise users on RHEL 6 or 7 that are using the LDAP plugin for auth.
####################
Note You need to log in before you can comment on or make changes to this bug.