Date: Mon, 11 Feb 2008 23:28:57 -0900
From: Foresight Linux Essential Announcement Service <foresight-security-noreply@foresightlinux.org.>
To: [email protected]Subject: FLEA-2008-0003-1 nss_ldap
Message-ID: <47b158c9.gmPDw6UFwzlOlRzF%[email protected]>
User-Agent: Heirloom mailx 12.3 7/15/07
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Foresight Linux Essential Advisory: 2008-0003-1
Published: 2008-02-11
Rating: Minor
Updated Versions:
nss_ldap=/conary.rpath.com@rpl:devel//1/239-9.2-1
group-dist=/foresight.rpath.org@fl:1-devel//1/1.4.2-0.7-3
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5794http://wiki.rpath.com/Advisories:rPSA-2007-0255
Description:
Previous versions of nss_ldap contain a race condition that can allow
nss_ldap to return the wrong information, allowing for the possibility of
improper information disclosure.
- ---
Copyright 2008 Foresight Linux Project
This file is distributed under the terms of the MIT License.
A copy is available at http://www.foresightlinux.org/permanent/mit-license.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.8 (GNU/Linux)
iQIcBAEBAgAGBQJHsVi/AAoJENfwEn07iAtZLs0QAM1moc22EEiI9KjFJF1IuBb9
0liRnLyVsWBHzYOqAIlvPFhzUfMvODJs+9L1UnwKEXidkBUWcwLh6a6A6Um5cQWv
r6f+R/HHutcWuVfOv5W0rv6j16sdvpbIxiB3mgEiHR3hP8HGHcN9e5xAPVRqT1eF
z0DlEsZrp++fhLMn7vU3dRN0sUFr3S2WqJvQnZbKADGLXQs2lBqE4nLqPOL/UqAK
IkFjJL0A7A5JeI3npqHQIRpCNhYWmZCvi/ulzFvMQmXOJ47K/hfESJoanG95aVPb
z4w3eammw27HMakYD+YFhrx80TlAKX5VRC4vhzDoqe8Fs5g9gPp9JmOclh7/+EHE
/ENu1H0haVROOZofgWr9YHXCXEiV2WOuVdSoo6DYGqnWasEV0cBVGJZChz/Ho2KK
tfFhs7BHjd0Z12SZFwbgkzsnkcvgn/3yG2YlbT67Sbfpo4gxplRL9JlNP1rH/2kP
or8V7l1Id/BgtLdash9Q9WcnpQAAnCq+jEiz5nA7PWURw7QNjv3ssy6Akg5kfkEZ
V05vs1RNGbJefq2mcKcxLwRLHhPFRiGQMfS5a0+Ta/wD0Xz8qrYuISb38TBerrEA
ZCbvVyecuzXodT4DFVIwwEQaLj9jYjJB8xYYSrCbPjIUJmU956+Nf2XzlXLCFekG
A3nNY7P+qVgGGxUnbfKq
=CK6W
-----END PGP SIGNATURE-----