481745 – [RHEL4] CRM 1815690 nss_ldap causing segfaults wtih large nested groups

Bug 481745 - [RHEL4] CRM 1815690 nss_ldap causing segfaults wtih large nested groups

Summary: [RHEL4] CRM 1815690 nss_ldap causing segfaults wtih large nested groups

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 4
Classification:	Red Hat
Component:	nss_ldap
Sub Component:
Version:	4.6
Hardware:	All
OS:	Linux
Priority:	urgent
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Nalin Dahyabhai
QA Contact:	BaseOS QE
Docs Contact:
URL:
Whiteboard:
Depends On:	444086
Blocks:
TreeView+	depends on / blocked

Reported:	2009-01-27 13:25 UTC by RHEL Program Management
Modified:	2009-02-06 11:33 UTC (History)
CC List:	6 users (show)
Fixed In Version:	253-5.el4_7.1
Doc Type:	Bug Fix
Doc Text:	* the approach used by the nss_ldap module to parse group memberships led to heap corruption and a segmentation fault when resolving group membership information for a user in a nested group (that is, if groups to which the user belonged themselves belonged to other groups). This update backports improved parsing code that allows nss_ldap to handle nested groups successfully.
Clone Of:
Environment:
Last Closed:	2009-02-06 11:33:45 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2009:0268	0	normal	SHIPPED_LIVE	nss_ldap bug fix update	2009-02-06 11:33:43 UTC

Description RHEL Program Management 2009-01-27 13:25:47 UTC

This bug has been copied from bug #444086 and has been proposed
to be backported to 4.7 z-stream (EUS).

Comment 5 Ruediger Landmann 2009-01-29 06:11:28 UTC

Release note added. If any revisions are required, please set the 
"requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly.
All revisions will be proofread by the Engineering Content Services team.

New Contents:
* the approach used by the nss_ldap module to parse group memberships led to heap corruption and a segmentation fault when resolving group membership information for a user in a nested group (that is, if groups to which the user belonged themselves belonged to other groups). This update backports improved parsing code that allows nss_ldap to handle nested groups successfully.

Comment 8 errata-xmlrpc 2009-02-06 11:33:45 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0268.html

Note You need to log in before you can comment on or make changes to this bug.