[Lunar-commits] <moonbase> openldap: +0.0.01 bugfixes
Zbigniew Luszpinski
zbiggy at o2.pl
Tue Mar 4 14:25:27 CET 2008
Tuesday 04 of March 2008 02:08:42 Dennis Veatch wrote:
> > Author: Zbigniew Luszpinski <zbiggy at lunar-linux.org>
> > --- a/utils/openldap/BUILD
> > +++ b/utils/openldap/BUILD
> > @@ -26,8 +26,10 @@
> > + --disable-bdb \
> > + --disable-hdb \
>
> I am confused why you are disabling sleepycat and Hierarchical DB backends.
> Is there some incompatibility with the current moonbase version of db?
checking Berkeley DB version for BDB/HDB backends... no
configure: error: BDB/HDB: BerkeleyDB version incompatible
New OpenLDAP version is hanging on distrowatch since long time.
I did not bump it because encountered BDB/HDB error then.
Recently I found CVE-2007-5707:
"OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service
(slapd crash) via an LDAP request with a malformed objectClasses attribute.
NOTE: this has been reported as a double free, but the reports are
inconsistent."
So decided to bump it asap by droping BDB/HDB.
What I learned is:
-BDB/HDB error is caused by db module version
-there is no patch for ldap to fix this
-db 4.5.20.2 is reported to work with ldap
-db 4.6 may work with OpenLDAP 2.4.6 and higher
zbiggy
More information about the Lunar-dev
mailing list