Bug 94457 - [patch] www/auth_ldap upgrade to v1.6.1 (vulnerability fix)
Summary: [patch] www/auth_ldap upgrade to v1.6.1 (vulnerability fix)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-03-15 00:30 UTC by Panagiotis Christias
Modified: 2006-03-19 16:26 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Panagiotis Christias 2006-03-15 00:30:12 UTC
Auth_ldap 1.6.0 was reported having remote format string vulnerabilities.
See CVE-2006-0150 (http://www.securityfocus.com/bid/16177). An upgrade to
version 1.6.1 is required.

Version 1.6.1 needes a patch in order to function properly (verified on
our FreeBSD boxes). See:
http://www.rudedog.org/pipermail/auth_ldap/2006-January/001710.html

Fix: 

A port for version 1.6.1 including the patch was prepared. It is available at:
http://noc.ntua.gr/~christia/auth_ldap-1.6.1-port.tar.gz
Comment 1 Clement Laforet freebsd_committer freebsd_triage 2006-03-19 16:26:28 UTC
State Changed
From-To: open->closed

Committed, thanks !