SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for nss-pam-ldapd-0.8.10-16.1.x86_64.rpm :
Fri Apr 26 14:00:00 2013 mmeisterAATTsuse.com
- Added autoreconf -i option to fix build with new automake

Wed Mar 13 13:00:00 2013 varkolyAATTsuse.com
- bnc#804682 - VUL-0: CVE-2013-0288: nss-pam-ldapd: FD_SET array index
error, leading to stack-based buffer overflow

Fri Aug 17 14:00:00 2012 larsAATTsamba.org
- Update to 0.8.10:

* documentation improvements

* fix a problem that causes the PAM module to prompt for a new password even
though the old one was wrong

* log successful password change in nslcd

* install default configuration file with reduced permissions (further
protection for CVE-2009-1073)
- The 0.8 series has a few advantages over the 0.7 series. Apart from numerous
small improvements and new features the biggest changes are:

* introduction of pynslcd, an experimental alternative for nslcd

* addition of a validnames option

* checking shadow attributes for PAM authorisation

* support mapping to the objectSid attribute

* support pam_unix when not getting shadow information from LDAP
- Add configure option --with-pam-seclib-dir

Fri Dec 2 13:00:00 2011 cooloAATTsuse.com
- add automake as buildrequire to avoid implicit dependency

Tue Aug 2 14:00:00 2011 ajAATTsuse.de
- Create ghost /var/run/nslcd to fix build failure.

Tue Jan 4 13:00:00 2011 seife+obsAATTb1-systems.com
- update to 0.7.13:

* fix handling of idle_timelimit option

* fix error code for problem while doing password modification
- fix build for pre-11.3 systems

Tue Nov 16 13:00:00 2010 rhaferAATTnovell.com
- Renamed to nss-pam-ldapd to reflect upstream rename
- Updated to 0.7.12:

* rename software to nss-pam-ldapd to indicate that PAM module
is now a standard part of the software

* the PAM module is now built by default

* the default configuration file name has been changed to
/etc/nslcd.conf

Mon Feb 1 13:00:00 2010 jengelhAATTmedozas.de
- package baselibs.conf

Wed Aug 26 14:00:00 2009 mlsAATTsuse.de
- make patch0 usage consistent

Tue Jun 30 14:00:00 2009 rhaferAATTnovell.com
- Updated to 0.6.10:

* implement searching through multiple search bases, based on a
patch by Leigh Wedding

* fix a segmentation fault that could occur when using any of
the tls_
* options with a string parameter

* the code for reading and writing protocol entries between the
NSS module and the daemon was improved

* documentation updates

* removed SSL/TLS related warnings during startup

* produce more detailed logging in debug mode and allow
multiple -d options to be specified to also include logging
from the LDAP library

* some LDAP configuration options are now initialized globally
instead of per connection which should fix problems with the
tls_reqcert option

* documentation improvements for the NSLCD protocol used between
the NSS module and the nslcd server

* fix a bug with writing alternate service names and add checks
for validity of passed buffer in NSS module
- Fixed a possible off by one bug in nslcd (bnc#515559)

Thu Jun 25 14:00:00 2009 sbrabecAATTsuse.cz
- Supplement glibc-32bit/glibc-64bit in baselibs.conf (bnc#354164).

Wed Mar 25 13:00:00 2009 rhaferAATTsuse.de
- Updated to 0.6.8:

* the nss-ldapd.conf was created world-readable which could cause
problems if the bindpw option is used. (bnc#487737, CVE-2009-1073)

* clean the environment and set LDAPNOINIT to disable parsing of LDAP
configuration files (.ldaprc, /etc/ldap/ldap.conf, etc)

* remove sslpath option because it wasn\'t used

* correctly set SSL/TLS options when using StartTLS

* rename the tls_checkpeer option to tls_reqcert, deprecating the old name
and supporting all values that OpenLDAP supports

* allow backslashes in user and group names execpt as first or last
character

* check user and group names against LOGIN_NAME_MAX if it is defined

* allow spaces in user and group names because it was causing problems in
some environments

* if ldap_set_option() fails log the option name instead of number

* retry connecting to LDAP server in more cases
- Adjust config file permissions upon update, to fix world-readable
/etc/nss-ldapd.conf as created by older versions
(bnc#487737, CVE-2009-1073)


  
ICM