Bugfix Advisory (MDKA-2003:009): openldap

[aru]

MandrakeSoft Bugfix Advisory MDKA-2003:009 : openldap

 

May 1st, 2003

Updated openldap packages fix multiple bugs

 

The OpenLDAP packages in Mandrake Linux 9.1 did not properly migrate data from previous versions. This update provides a fix that corrects this issue.

 

The updated packages also correct a problem that has been persistent in Mandrake Linux for some time. Previously, attempting to use OpenLDAP for authentication would result in strange system behaviour because OpenLDAP was using a MD5 hash internally that was incompatible with the system crypt(3) MD5 hash. This would result in authentication working with nss_ldap, but not with pam_ldap. If one used ldappasswd to change a password, authentication would work with pam_ldap but not nss_ldap. The OpenLDAP packages have been updated to use the crypt(3) MD5 hash at all times.

 

As well, if OpenLDAP was used for authentication on Mandrake Linux 9.1, sshd would segfault when attempting to login as an LDAP user. The new pam_ldap and nss_ldap packages correct this problem.

 

WARNING: Users who are currently using pam_ldap with OpenLDAP, and who have used ldappasswd to change user passwords may have the MD5 hash that is not compatible with crypt(3) used to store the userPassword. If this is the case, updating to these packages may require you to, as root, change the password for each user with a now incompatible password.

 

 

The released versions of Mandrake GNU/Linux affected are:

• 8.2

 

[*] 8.2/PPC

 

[*] 9.0

 

[*] 9.1

 

[*] 9.1/PPC

 

[*] Multi Network Firewall 8.2

 

[*] Corporate Server 2.1

Full information about this advisory, including the updated packages, is available at:

www.mandrakesecure.net/en/advisories/advisory.php?name=MDKA-2003:009

 

Posted automatically by aru (mdksec2mub v0.0.5)