Trustix Security Advisory - bind, openldap | Linux Today
Security
SHARE
Facebook X Pinterest WhatsApp

Trustix Security Advisory – bind, openldap

Written By
Web Webster
Web Webster
Jan 29, 2001

Date: Mon, 29 Jan 2001 15:12:23 +0100
From: Trustix Secure Linux Team tsl@TRUSTIX.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Trustix Security Advisory – bind, openldap

Hi

Trustix today released security updates for the following
packages:

bind:
Trustix specific: no
Distribution versions: All
A remote hole in bind allows for the environment of the server
process to be leaked to an attacker.

openldap:
Trustix specific: yes
Distribution versions: 1.2 from jan. 19. 2000
A silly bug in the rpm spec file for openldap makes the server run
by default, which violates Trustix’ standard of no running services
by default. Note that there are no known remote security holes in
openldap as shipped by Trustix.

People who have this version of openldap installed on their
systems without intentions of using it should run this set of
commands:
# chkconfig ldap off
# service ldap stop

MD5sums:
1.2:
1ff0878fb7b01f51c23607c1a06b28e5 bind-8.2.3-1tr.i586.rpm
048b5aae3b80be0e9a844726292471ef bind-devel-8.2.3-1tr.i586.rpm
9794142fc249de3946ed38202b53e5f1 bind-utils-8.2.3-1tr.i586.rpm

1.1:
2773155e1e5d634a629c003f3d9991cf bind-8.2.3-1tr.i586.rpm
5e7aa542e892540626ff7f0d424dc8fe bind-devel-8.2.3-1tr.i586.rpm
fcaff512f1486ad16241da80f9ff1e0a bind-utils-8.2.3-1tr.i586.rpm

1.0:
Use the 1.1 packages.

Packages can be downloaded from:
ftp://ftp.trustix.net/pub/Trustix/updates/

http://www.trustix.net/pub/Trustix/updates/

Or from one of our mirrors:
http://www.trustix.net/mirrors.php3

1.2 users who have installed the optional SWUP-package (from
ftp://ftp.trustix.com/pub/Trustix/software/swup/) can use
ftp://ftp.trustix.com/pub/Trustix/software/swup/)
can use ‘swup –upgrade’ to automatically download and install the
new packages.

For a full update history of the 1.2 release, see:
ftp://ftp.trustix.com/pub/Trustix/updates/1.2/ChangeLog

Trustix Security Team
Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

facebook
linkedin
x

Company

Contact us

Categories

News IT Management Infrastructure Developer Security High Performance Storage Blog

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information