- Issued: 2015-12-15
- Updated: 2016-05-09
RHBA-2015:2646 - Bug Fix Advisory
Synopsis
perl-LDAP bug fix update
Type/Severity
Bug Fix Advisory
Topic
An updated perl-LDAP package that fixes two bugs is now available for Red Hat Enterprise Linux 6.
Description
The perl-LDAP package provides a collection of modules that implements an LDAP services API for Perl programs. The modules can be used to search directories, or perform maintenance functions, such as adding, deleting, or modifying entries.
This update fixes the following bugs:
- When the Net::LDAPS Perl module was used to connect to an LDAP server without specifying the list of allowed SSL ciphers, the SSL client offered and accepted all SSL ciphers, even those that were not enabled by default by the underlying cryptographic (OpenSSL) library. To fix this bug, the Net::LDAP source code and documentation have been modified not to request all ciphers by default. As a result, Perl LDAP clients use the default OpenSSL cipher list unless specified otherwise. (BZ#1090966)
- Previously, when a Perl LDAP client was used with the Simple Authentication and Security Layer (SASL) mechanism, the LDAP server could receive corrupted LDAP queries. The Net::LDAP Perl module has been fixed to pass the actual query length to the syswrite() function instead of a fixed 1,500 bytes. This can be redefined by other protocol layers, such as the SASL authentication implementation. As a result, the Net::LDAP client no longer corrupts sent LDAP queries. (BZ#1104069)
Users of perl-LDAP are advised to upgrade to this updated package, which fixes these bugs.
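The shell sketch below is an added example, not part of the advisory or of Red Hat's tooling. It shows what the old implicit `ALL` request offered beyond the OpenSSL default list, and finds Perl call sites that still pass `ciphers => 'ALL'` explicitly, which the update does not change. The function names are hypothetical, and it assumes the `openssl` command-line tool is on the PATH.

```shell
#!/bin/sh
# Added example (not from the advisory): compare the cipher string that
# Net::LDAP used to request implicitly ('ALL') with the OpenSSL default.

# Print the suite names an OpenSSL cipher string selects, one per line.
cipher_names() {
    openssl ciphers "$1" | tr ':' '\n' | sort -u
}

# Suites selected by 'ALL' but absent from 'DEFAULT'.
extra_in_all() {
    tmp=$(mktemp) || return 1
    cipher_names DEFAULT > "$tmp"
    cipher_names ALL | grep -vxFf "$tmp" || true
    rm -f "$tmp"
}

# Count anonymous (unauthenticated) ADH/AECDH suites in a cipher string.
anon_count() {
    cipher_names "$1" | grep -cE '^A(EC)?DH-' || true
}

# Find Perl sources that still request 'ALL' explicitly. The update only
# changes the default, so these call sites keep the old behaviour.
find_explicit_all() {
    grep -rnE "ciphers['\"]?[[:space:]]*=>[[:space:]]*['\"]ALL['\"]" "$1" || true
}

# Stand-alone report. Argument 1 (optional) is a source directory to scan.
# The fixed build named in the advisory is perl-LDAP-0.40-2.el6.
main() {
    rpm -q perl-LDAP 2>/dev/null || echo "perl-LDAP: not installed or rpm unavailable"
    echo "anonymous suites: ALL=$(anon_count ALL) DEFAULT=$(anon_count DEFAULT)"
    echo "suites only in ALL:"
    extra_in_all
    if [ -n "${1:-}" ]; then
        echo "explicit ciphers => 'ALL' in $1:"
        find_explicit_all "$1"
    fi
    return 0
}

main "$@"
```

Any call site reported by `find_explicit_all` needs its cipher string changed or removed by hand; installing the updated package alone leaves it requesting every suite.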
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x
Fixes
- BZ - 1090966 - Net::LDAP should not set ciphers to 'ALL' if not requested explicitly
- BZ - 1104069 - perl-LDAP sets wrong length for function _sendmesg
CVEs
(none)
Red Hat Enterprise Linux Server 6
SRPM | |
---|---|
x86_64 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
i386 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
SRPM | |
---|---|
x86_64 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
i386 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
Red Hat Enterprise Linux Workstation 6
SRPM | |
---|---|
x86_64 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
i386 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
Red Hat Enterprise Linux Desktop 6
SRPM | |
---|---|
x86_64 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
i386 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
Red Hat Enterprise Linux for IBM z Systems 6
SRPM | |
---|---|
s390x | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
Red Hat Enterprise Linux for Power, big endian 6
SRPM | |
---|---|
ppc64 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
Red Hat Enterprise Linux for Scientific Computing 6
SRPM | |
---|---|
x86_64 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
SRPM | |
---|---|
s390x | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6
SRPM | |
---|---|
x86_64 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
i386 | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6
SRPM | |
---|---|
s390x | |
perl-LDAP-0.40-2.el6.noarch.rpm | SHA-256: 8a7a471a5617f21f3a1df629548d7580209e6a1de9e2459de47a574c48b74791 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.