Language and Page Formatting Options
An updated perl-Authen-SASL package that fixes one bug is now available for Red Hat Enterprise Linux 6.
Simple Authentication and Security Layer (SASL) is a generic mechanism for authentication used by several network protocols. The Authen::SASL module provides an implementation framework that all protocols should be able to share.
- Due to a bug in the Authen::SASL Perl module, the substr() function attempted to read data outside of the appropriate string. As a consequence, when the user was authenticated against an LDAP server over SASL, performing logical operations, such as search, with a Perl program on that server failed. With this update, the Authen::SASL module verifies the length of the string that is encrypted and written to a filehandle. As a result, performing a search returns correct results in the described situation.
Users of perl-Authen-SASL are advised to upgrade to this updated package, which fixes this bug.