ports/142963: [UPDATE] net/nss_ldapd: update to 0.7.2
Arthur de Jong
arthur at arthurdejong.org
Thu Jan 21 22:00:19 UTC 2010
The following reply was made to PR ports/142963; it has been noted by GNATS.
From: Arthur de Jong <arthur at arthurdejong.org>
To: bug-followup at FreeBSD.org, freebsd at omnilan.de
Cc:
Subject: Re: ports/142963: [UPDATE] net/nss_ldapd: update to 0.7.2
Date: Thu, 21 Jan 2010 22:35:26 +0100
--=-UWOO0XvwyeEXUzM0vTLO
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
By chance I came across this page:
http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dports/142963
which suggests that a security vulnerability has been found in
nss-pam-ldapd 0.7.1. This is not correct.
Release 0.7.2 does not fix any known security problems. The confusion is
probably a result of this security advisory:
http://arthurdejong.org/nss-pam-ldapd/news.html#20091122
The problem was fixed a in nss-ldapd version 0.6.11. At the time it was
unclear that the previous behaviour had security implications. When this
became clear a security advisory was issued. See the link above for more
details.
Anyway, thanks for packaging nss-pam-ldapd (though I don't fully
understand the thing with rootbinddn).
--=20
-- arthur - arthur at arthurdejong.org - http://arthurdejong.org --
--=-UWOO0XvwyeEXUzM0vTLO
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAABAgAGBQJLWMiHAAoJECqLdGgQ4K/BS0oQAJmxvILtg4j0vEnokI2iSb+G
CMQxmVsgeGA3aim7kxW1//7gv02UVZi2aDwS0uC0CTG7JJt9fbjXRdxwuo7jgEOm
SpYUOqJ9sBK93ZQisy+23XgK7OPcP4gnXUebxGzSIb6soHo3HOXEa6c9YEIgC0r0
EeWx0Fnvh6B9BTdjTKJ29OIpy8JiNAD6tAjJQHctQXsq8NCFE88veGDHerrLp598
3vsxCKn3rPEWnJ4GFOGZRSErZpU3iQ3YsNAC5AmH3KBM1KH1YJC9+UpCw4MCAavb
GLwEafY7w/yESTyGDolKi3xyekEyfMlPbkzwBywNYjOjanHEyP/nKtq6+MTLVLfW
DsXWLba2Ws4p/wlmYvbXlY2RTCbz98oXyzbhznicvfCTDUivjrTOL3J/3Ez57td0
o7RBbsSN4aTVg/Pv6HsKZeFubHudbnovULI3ThIpZ4NlM4S2Qk/AEngJT8c4SiIK
qkvtm0Gbn2PtXKeFzBTeuLXTZb0Ca92fzkgAzwlSkmlUzSSFSFDciWM3T1KTGDu/
CEcRVkwLneGnsSwQynp0bZ95WHsR6Dxv3+IvAoKqH2eYaFV0MeBIloMkeZH/xifg
rZdQ/S9omGCsWgrSxWRuKdWYFsrGZY4MKlY1guS0Egl7iw1Ckql+HWcEiZCNtlI+
ZnRWG/BU/bmt3hBxfduU
=2ZPN
-----END PGP SIGNATURE-----
--=-UWOO0XvwyeEXUzM0vTLO--
More information about the freebsd-ports-bugs
mailing list