lists.arthurdejong.org
RSS feed

release 0.8.1 of nss-pam-ldapd

[Date Prev][Date Next] [Thread Prev][Thread Next]

release 0.8.1 of nss-pam-ldapd



Release 0.8.1 of nss-pam-ldapd has just been made available which fixes
a serious security problem that would allow login for users not in LDAP.
The CVE project has assigned CVE-2011-0438 to this problem.
More details about the vulnerability can be found here:
  http://arthurdejong.org/nss-pam-ldapd/news.html#20110309

This release remains a development release and is expected to undergo
more active development. Users that require a stable release are
encouraged to stay with 0.7 until 0.8 stabilizes. 

A summary of the changes since 0.8.0:
* properly handle user-not-found errors when doing authentication
  (CVE-2011-0438)
* include a file that was missing for Solaris support
* add FreeBSD support, partially imported from the FreeBSD port (thanks
  to Jacques Vidrine, Artem Kazakov and Alexander V. Chernikov)
* document how to replace pam_check_service_attr and pam_check_host_attr
  options in PADL's pam_ldap with pam_authz_search in nss-pam-ldapd
* implement a fqdn variable that can be used in pam_authz_search filters
* create the directory to hold the socket and pidfile on startup
* implement host, network and netgroup support in pynslcd

More information on this release can be found at:
  http://arthurdejong.org/nss-pam-ldapd/news.html#20110310

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --
-- 
To unsubscribe send an email to
nss-pam-ldapd-announce-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-announce