release 0.8.1 of nss-pam-ldapd
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
release 0.8.1 of nss-pam-ldapd
- From: Arthur de Jong <arthur [at] arthurdejong.org>
- To: nss-pam-ldapd-announce <nss-pam-ldapd-announce [at] lists.arthurdejong.org>
- Reply-to: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: release 0.8.1 of nss-pam-ldapd
- Date: Thu, 10 Mar 2011 23:05:37 +0100
Release 0.8.1 of nss-pam-ldapd has just been made available which fixes
a serious security problem that would allow login for users not in LDAP.
The CVE project has assigned CVE-2011-0438 to this problem.
More details about the vulnerability can be found here:
http://arthurdejong.org/nss-pam-ldapd/news.html#20110309
This release remains a development release and is expected to undergo
more active development. Users that require a stable release are
encouraged to stay with 0.7 until 0.8 stabilizes.
A summary of the changes since 0.8.0:
* properly handle user-not-found errors when doing authentication
(CVE-2011-0438)
* include a file that was missing for Solaris support
* add FreeBSD support, partially imported from the FreeBSD port (thanks
to Jacques Vidrine, Artem Kazakov and Alexander V. Chernikov)
* document how to replace pam_check_service_attr and pam_check_host_attr
options in PADL's pam_ldap with pam_authz_search in nss-pam-ldapd
* implement a fqdn variable that can be used in pam_authz_search filters
* create the directory to hold the socket and pidfile on startup
* implement host, network and netgroup support in pynslcd
More information on this release can be found at:
http://arthurdejong.org/nss-pam-ldapd/news.html#20110310
--
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --
--
To unsubscribe send an email to
nss-pam-ldapd-announce-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-announce
- release 0.8.1 of nss-pam-ldapd,
Arthur de Jong
