dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


Conectiva Linux Security Announcement: OpenLDAP

Jul 26, 2000, 20:09 (0 Talkback[s])

Date: Wed, 26 Jul 2000 14:47:45 -0300
From: Security secure@CONECTIVA.COM.BR
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: CONECTIVA LINUX SECURITY ANNOUNCEMENT - OPENLDAP


CONECTIVA LINUX SECURITY ANNOUNCEMENT


PACKAGE : openldap
SUMMARY : logrotate script kills klogd
DATE    : 2000-07-26
AFFECTED CONECTIVA VERSIONS : 4.1, 4.2 and 5.0
DESCRIPTION
Our previous update introduced a logrotate script for the ldap logs. This script incorrectly signals the klogd daemon and kills it. This new update also upgrades the openldap package to version 1.2.11 which fixes some bugs in the 1.2.10 release.

SOLUTION
Users should upgrade to the new packages or at least remove the reference to klogd in /etc/logrotate.d/openldap. After upgrading, users should restart the slapd daemon so that the new version will be used. As root, issue the following command:

/etc/rc.d/init.d/ldap restart

Users who did not upgrade but only fixed the logrotate script do not need to restart the server.

DIRECT DOWNLOAD LINKS TO UPDATED PACKAGES
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.1/i386/openldap-1.2.11-5cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.1/i386/openldap-devel-1.2.11-5cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.2/i386/openldap-1.2.11-5cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.2/i386/openldap-devel-1.2.11-5cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/openldap-1.2.11-5cl.i386.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/openldap-devel-1.2.11-5cl.i386.rpm

DIRECT LINK TO THE SOURCE PACKAGES
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.1/SRPMS/openldap-1.2.11-5cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.2/SRPMS/openldap-1.2.11-5cl.src.rpm
ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/SRPMS/openldap-1.2.11-5cl.src.rpm


All packages are signed with Conectiva's PGP key. The key can be obtained at
http://www.conectiva.com.br/conectiva/contato.html


subscribe: atualizacoes-anuncio-subscribe@bazar.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribe@bazar.conectiva.com.br