ports/142963: [UPDATE] net/nss_ldapd: update to 0.7.2

Arthur de Jong arthur at arthurdejong.org
Thu Jan 21 22:00:19 UTC 2010


The following reply was made to PR ports/142963; it has been noted by GNATS.

From: Arthur de Jong <arthur at arthurdejong.org>
To: bug-followup at FreeBSD.org, freebsd at omnilan.de
Cc:  
Subject: Re: ports/142963: [UPDATE] net/nss_ldapd: update to 0.7.2
Date: Thu, 21 Jan 2010 22:35:26 +0100

 --=-UWOO0XvwyeEXUzM0vTLO
 Content-Type: text/plain; charset="UTF-8"
 Content-Transfer-Encoding: quoted-printable
 
 
 By chance I came across this page:
   http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dports/142963
 which suggests that a security vulnerability has been found in
 nss-pam-ldapd 0.7.1. This is not correct.
 
 Release 0.7.2 does not fix any known security problems. The confusion is
 probably a result of this security advisory:
   http://arthurdejong.org/nss-pam-ldapd/news.html#20091122
 
 The problem was fixed a in nss-ldapd version 0.6.11. At the time it was
 unclear that the previous behaviour had security implications. When this
 became clear a security advisory was issued. See the link above for more
 details.
 
 Anyway, thanks for packaging nss-pam-ldapd (though I don't fully
 understand the thing with rootbinddn).
 
 --=20
 -- arthur - arthur at arthurdejong.org - http://arthurdejong.org --
 
 --=-UWOO0XvwyeEXUzM0vTLO
 Content-Type: application/pgp-signature; name="signature.asc"
 Content-Description: This is a digitally signed message part
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.10 (GNU/Linux)
 
 iQIcBAABAgAGBQJLWMiHAAoJECqLdGgQ4K/BS0oQAJmxvILtg4j0vEnokI2iSb+G
 CMQxmVsgeGA3aim7kxW1//7gv02UVZi2aDwS0uC0CTG7JJt9fbjXRdxwuo7jgEOm
 SpYUOqJ9sBK93ZQisy+23XgK7OPcP4gnXUebxGzSIb6soHo3HOXEa6c9YEIgC0r0
 EeWx0Fnvh6B9BTdjTKJ29OIpy8JiNAD6tAjJQHctQXsq8NCFE88veGDHerrLp598
 3vsxCKn3rPEWnJ4GFOGZRSErZpU3iQ3YsNAC5AmH3KBM1KH1YJC9+UpCw4MCAavb
 GLwEafY7w/yESTyGDolKi3xyekEyfMlPbkzwBywNYjOjanHEyP/nKtq6+MTLVLfW
 DsXWLba2Ws4p/wlmYvbXlY2RTCbz98oXyzbhznicvfCTDUivjrTOL3J/3Ez57td0
 o7RBbsSN4aTVg/Pv6HsKZeFubHudbnovULI3ThIpZ4NlM4S2Qk/AEngJT8c4SiIK
 qkvtm0Gbn2PtXKeFzBTeuLXTZb0Ca92fzkgAzwlSkmlUzSSFSFDciWM3T1KTGDu/
 CEcRVkwLneGnsSwQynp0bZ95WHsR6Dxv3+IvAoKqH2eYaFV0MeBIloMkeZH/xifg
 rZdQ/S9omGCsWgrSxWRuKdWYFsrGZY4MKlY1guS0Egl7iw1Ckql+HWcEiZCNtlI+
 ZnRWG/BU/bmt3hBxfduU
 =2ZPN
 -----END PGP SIGNATURE-----
 
 --=-UWOO0XvwyeEXUzM0vTLO--
 



More information about the freebsd-ports-bugs mailing list