
Re: slapd does not answer in time



--On Thursday, February 21, 2008 12:27 PM -0600 Brad Knowles <b.knowles@its.utexas.edu> wrote:

> Hans Moser wrote:
>
>> I have a 4 cpu machine with SLES 9 and OpenLDAP 2.3.35.
>
> If you can, you want to upgrade your OpenLDAP version to at least 2.3.39, otherwise if an object class is mis-spelled your LDAP server can be crashed by a double-free bug. This means anyone anywhere in the world who can get a query executed on your LDAP server can cause it to crash. You're wide open.

You may as well go to 2.3.41 if you are concerned about security issues, since anyone issuing a modrdn can crash your 2.3 server if it is less than 2.3.41. ;)


--Quanah


--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration