ports/94457: [patch] www/auth_ldap upgrade to v1.6.1 (vulnerability fix)
Panagiotis Christias
p.christias at noc.ntua.gr
Wed Mar 15 00:30:19 UTC 2006
>Number: 94457
>Category: ports
>Synopsis: [patch] www/auth_ldap upgrade to v1.6.1 (vulnerability fix)
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Mar 15 00:30:12 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Panagiotis Christias
>Release: FreeBSD 5.3-SECURITY
>Organization:
National Technical University of Athens
>Environment:
FreeBSD ajax.noc.ntua.gr 5.3-SECURITY FreeBSD 5.3-SECURITY #0: Tue Feb 28 17:56:44 UTC 2006 root at builder.daemonology.net:/usr/obj/usr/src/sys/SMP i386
>Description:
Auth_ldap 1.6.0 was reported having remote format string vulnerabilities.
See CVE-2006-0150 (http://www.securityfocus.com/bid/16177). An upgrade to
version 1.6.1 is required.
Version 1.6.1 needes a patch in order to function properly (verified on
our FreeBSD boxes). See:
http://www.rudedog.org/pipermail/auth_ldap/2006-January/001710.html
>How-To-Repeat:
>Fix:
A port for version 1.6.1 including the patch was prepared. It is available at:
http://noc.ntua.gr/~christia/auth_ldap-1.6.1-port.tar.gz
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list