---

Mandrake security update: openldap

[ Thanks to Gael
Duval
for this link. ]

OpenLDAP follows symbolic links when creating files. The default
location for these files is /usr/tmp, which is a symlink to /tmp,
which in turn is a world-writable directory. Local users can
destroy the contents of any file on any mounted filesystem. This
security issue affects Linux-Mandrake 7.0 only. Please upgrade
to:

e15137088145d315952586f1ad6330ef
openldap-1.2.9-5mdk.i586.rpm
0807d4c34bf6cec47fede3cf7c2572c5
openldap-1.2.9-5mdk.src.rpm

This bug doesn’t affect older versions of Linux-Mandrake.