Package name
openldap
Date
2010-01-26
Advisory ID
MDVSA-2010:026
Affected versions
2009.0 x86_64, MES5 i586, 2009.1 i586, 2009.0 i586, CS4.0 i586, 2008.0 x86_64, CS4.0 x86_64, 2008.0 i586, 2009.1 x86_64, MES5 x86_64

Problem description

A vulnerability was discovered and corrected in openldap:

libraries/libldap/tls_o.c in OpenLDAP, when OpenSSL is used, does
not properly handle a '\0' (NUL) character in a domain name in
the subject's Common Name (CN) field of an X.509 certificate, which
allows man-in-the-middle attackers to spoof arbitrary SSL servers via
a crafted certificate issued by a legitimate Certification Authority,
a related issue to CVE-2009-2408 (CVE-2009-3767).

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.

The updated packages have been patched to correct this issue.
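
The flaw class described above, shown as an added example (not OpenLDAP's code and not the patch shipped in these packages): a certificate CN is a length-delimited string, so comparing it as a C string ignores everything after an embedded NUL. The `cn_value` struct, the function names and the sample host names are hypothetical; case folding and wildcard matching are omitted.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the CN value decoded from a certificate:
 * the bytes are length-delimited, not NUL-terminated. */
struct cn_value {
    const char *data;
    size_t      len;
};

/* Flawed pattern: treats the CN as a C string, so the comparison stops at
 * the first NUL byte and never looks at the bytes that follow it. */
static int cn_matches_naive(const struct cn_value *cn, const char *host)
{
    return strcmp(cn->data, host) == 0;
}

/* Hardened pattern: refuse any CN containing an embedded NUL, then compare
 * using the encoded length rather than C-string semantics. */
static int cn_matches_checked(const struct cn_value *cn, const char *host)
{
    if (memchr(cn->data, '\0', cn->len) != NULL)
        return 0;                    /* embedded NUL: reject the name */
    if (cn->len != strlen(host))
        return 0;                    /* lengths differ: cannot match */
    return memcmp(cn->data, host, cn->len) == 0;
}

/* Constructed sample values; the example.* names are placeholders. */
static const char crafted_bytes[] = "ldap.example.com\0.other.example.net";
static const struct cn_value crafted_cn = { crafted_bytes, sizeof crafted_bytes - 1 };
static const struct cn_value honest_cn  = { "ldap.example.com", 16 };

int main(void)
{
    const char *host = "ldap.example.com";

    printf("naive,   CN with NUL: %d\n", cn_matches_naive(&crafted_cn, host));
    printf("checked, CN with NUL: %d\n", cn_matches_checked(&crafted_cn, host));
    printf("checked, plain CN:    %d\n", cn_matches_checked(&honest_cn, host));
    return 0;
}
```
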

Updated packages

2009.0 x86_64

 54e430c0735f09e81cbc01f8d6d2e0cb  2009.0/x86_64/lib64ldap2.4_2-2.4.11-3.2mdv2009.0.x86_64.rpm
 a603ee71bb23a2482ba24d9b5aa0d441  2009.0/x86_64/lib64ldap2.4_2-devel-2.4.11-3.2mdv2009.0.x86_64.rpm
 d2f3bb877cdbca3a7c19694ddf998f70  2009.0/x86_64/lib64ldap2.4_2-static-devel-2.4.11-3.2mdv2009.0.x86_64.rpm
 d5679cdc3fe1a66c67856ff7cc820e97  2009.0/x86_64/openldap-2.4.11-3.2mdv2009.0.x86_64.rpm
 f9e4916cb87578bc2ee52456b1cc8612  2009.0/x86_64/openldap-clients-2.4.11-3.2mdv2009.0.x86_64.rpm
 45c0453372a06e434c92ee6d6e565326  2009.0/x86_64/openldap-doc-2.4.11-3.2mdv2009.0.x86_64.rpm
 3688fdc6044b0c069cfddbcafb8570dd  2009.0/x86_64/openldap-servers-2.4.11-3.2mdv2009.0.x86_64.rpm
 8ccdef4f247693f087b2f8ced9f6df75  2009.0/x86_64/openldap-testprogs-2.4.11-3.2mdv2009.0.x86_64.rpm
 2ff3c40955d05049b1b087fe4a46f470  2009.0/x86_64/openldap-tests-2.4.11-3.2mdv2009.0.x86_64.rpm 
 9cf49efc39d9e3b1e33d815ce4ecbb9b  2009.0/SRPMS/openldap-2.4.11-3.2mdv2009.0.src.rpm

MES5 i586

 09d4a893fbfb5aeeaba0d920717e7bf2  mes5/i586/libldap2.4_2-2.4.11-3.2mdvmes5.i586.rpm
 0431d42a2e6355abcb2ac3c06deb5fdf  mes5/i586/libldap2.4_2-devel-2.4.11-3.2mdvmes5.i586.rpm
 fc5961e23f65c182abc7a12bc5d151dd  mes5/i586/libldap2.4_2-static-devel-2.4.11-3.2mdvmes5.i586.rpm
 2972925135a2a05ead56437a9b5419dc  mes5/i586/openldap-2.4.11-3.2mdvmes5.i586.rpm
 f6065831019f66ad751b7ed2d7588685  mes5/i586/openldap-clients-2.4.11-3.2mdvmes5.i586.rpm
 40c97b12b13377de19c00d748714d312  mes5/i586/openldap-doc-2.4.11-3.2mdvmes5.i586.rpm
 30275464184256272fcf7cadea77d090  mes5/i586/openldap-servers-2.4.11-3.2mdvmes5.i586.rpm
 a29701216dc54d9c951a618ace801be8  mes5/i586/openldap-testprogs-2.4.11-3.2mdvmes5.i586.rpm
 853bca2f88cd4764e925fe3392a1ebda  mes5/i586/openldap-tests-2.4.11-3.2mdvmes5.i586.rpm 
 5f0cff3716ac2871124d0d3d24267b4b  mes5/SRPMS/openldap-2.4.11-3.2mdvmes5.src.rpm

2009.1 i586

 b89b2509fe864d9750fef6c49f6c0184  2009.1/i586/libldap2.4_2-2.4.16-1.1mdv2009.1.i586.rpm
 e7e532035891022e817808e983e596a9  2009.1/i586/libldap2.4_2-devel-2.4.16-1.1mdv2009.1.i586.rpm
 b4b6f34878132d1c1c823ef89833e8f8  2009.1/i586/libldap2.4_2-static-devel-2.4.16-1.1mdv2009.1.i586.rpm
 942ed86998426b2b10ec399c3a52b77e  2009.1/i586/openldap-2.4.16-1.1mdv2009.1.i586.rpm
 82cfd7b50e08b313033aa3d3f5fe256b  2009.1/i586/openldap-clients-2.4.16-1.1mdv2009.1.i586.rpm
 9c95fafea86a758a2a6fe4770f125035  2009.1/i586/openldap-doc-2.4.16-1.1mdv2009.1.i586.rpm
 f23ef462351ad9f2a43857591af492c0  2009.1/i586/openldap-servers-2.4.16-1.1mdv2009.1.i586.rpm
 6ac2057dd719078e7f05033c4eeb8244  2009.1/i586/openldap-testprogs-2.4.16-1.1mdv2009.1.i586.rpm
 e9728e9007a3abeaed7b22ea70fde1b1  2009.1/i586/openldap-tests-2.4.16-1.1mdv2009.1.i586.rpm 
 6e7c1810d3fad170498c9b80887104ec  2009.1/SRPMS/openldap-2.4.16-1.1mdv2009.1.src.rpm

2009.0 i586

 1edb07acb66ec501f451ab12e82c701f  2009.0/i586/libldap2.4_2-2.4.11-3.2mdv2009.0.i586.rpm
 d89cc046166856ec10e6571646efc911  2009.0/i586/libldap2.4_2-devel-2.4.11-3.2mdv2009.0.i586.rpm
 d3895a847d8aad9d09446162b0ffcd8d  2009.0/i586/libldap2.4_2-static-devel-2.4.11-3.2mdv2009.0.i586.rpm
 069829021563439e98d464c942f8b465  2009.0/i586/openldap-2.4.11-3.2mdv2009.0.i586.rpm
 d10c57b7e4b2e47350be4ed9e0653d13  2009.0/i586/openldap-clients-2.4.11-3.2mdv2009.0.i586.rpm
 0e1cdfc7e0de6148feebdc28d7f957a5  2009.0/i586/openldap-doc-2.4.11-3.2mdv2009.0.i586.rpm
 c14ac5126b17775363da034cb68557b0  2009.0/i586/openldap-servers-2.4.11-3.2mdv2009.0.i586.rpm
 07f0a85987bcd586359852b7cad8649d  2009.0/i586/openldap-testprogs-2.4.11-3.2mdv2009.0.i586.rpm
 9a51e08fa565f830672328a0c00fc8e8  2009.0/i586/openldap-tests-2.4.11-3.2mdv2009.0.i586.rpm 
 9cf49efc39d9e3b1e33d815ce4ecbb9b  2009.0/SRPMS/openldap-2.4.11-3.2mdv2009.0.src.rpm

CS4.0 i586

 2680f39542c1a732ddfbf125bdb840ec  corporate/4.0/i586/libldap2.3_0-2.3.27-1.6.20060mlcs4.i586.rpm
 eba24e380a590ccab0c51cebd5a6b2b5  corporate/4.0/i586/libldap2.3_0-devel-2.3.27-1.6.20060mlcs4.i586.rpm
 c09bd1c40966ce05dcb250f60363cff0  corporate/4.0/i586/libldap2.3_0-static-devel-2.3.27-1.6.20060mlcs4.i586.rpm
 4b288051aaaae89e4fd51f3e23fff9de  corporate/4.0/i586/openldap-2.3.27-1.6.20060mlcs4.i586.rpm
 4a929338eaf5bdb04753e8e3a9e9a5f2  corporate/4.0/i586/openldap-clients-2.3.27-1.6.20060mlcs4.i586.rpm
 c1466377dd9d3085058a6239afc5c290  corporate/4.0/i586/openldap-doc-2.3.27-1.6.20060mlcs4.i586.rpm
 b3d3da31f572a96f4d206a7dc0024ea7  corporate/4.0/i586/openldap-servers-2.3.27-1.6.20060mlcs4.i586.rpm 
 97589a85f65923d54383b5a6dde41fb2  corporate/4.0/SRPMS/openldap-2.3.27-1.6.20060mlcs4.src.rpm

2008.0 x86_64

 fd10ca40cbd47ac92f0fb018abeb43b0  2008.0/x86_64/lib64ldap2.3_0-2.3.38-3.4mdv2008.0.x86_64.rpm
 6f70689679ee97a5c0586190b0c14fe3  2008.0/x86_64/lib64ldap2.3_0-devel-2.3.38-3.4mdv2008.0.x86_64.rpm
 804c10f2e0fc978bdaff791fffdf6cb3  2008.0/x86_64/lib64ldap2.3_0-static-devel-2.3.38-3.4mdv2008.0.x86_64.rpm
 2e9eaa2bc8024bab086d6719371c104b  2008.0/x86_64/openldap-2.3.38-3.4mdv2008.0.x86_64.rpm
 a11488a1a69f82d75bd9cbb0162810df  2008.0/x86_64/openldap-clients-2.3.38-3.4mdv2008.0.x86_64.rpm
 2f8a0560815adc858f9751d50154233b  2008.0/x86_64/openldap-doc-2.3.38-3.4mdv2008.0.x86_64.rpm
 82dba0aa278c64c7c588d468b910ed7f  2008.0/x86_64/openldap-servers-2.3.38-3.4mdv2008.0.x86_64.rpm
 37c4c53990d046d55eb37a4c89b41421  2008.0/x86_64/openldap-testprogs-2.3.38-3.4mdv2008.0.x86_64.rpm
 fb880135c85355b26e2769fadacb3563  2008.0/x86_64/openldap-tests-2.3.38-3.4mdv2008.0.x86_64.rpm 
 d43ec379be752a4229b996bf0212123e  2008.0/SRPMS/openldap-2.3.38-3.4mdv2008.0.src.rpm

CS4.0 x86_64

 4d757bcbeff60980e7161905ee84f4f3  corporate/4.0/x86_64/lib64ldap2.3_0-2.3.27-1.6.20060mlcs4.x86_64.rpm
 71a4b1de7f60e959bf293bf97c69b2ff  corporate/4.0/x86_64/lib64ldap2.3_0-devel-2.3.27-1.6.20060mlcs4.x86_64.rpm
 f72e33cf6b5c9ce48651ad338c4764b7  corporate/4.0/x86_64/lib64ldap2.3_0-static-devel-2.3.27-1.6.20060mlcs4.x86_64.rpm
 119b451378a0db92afd13ab320ae0780  corporate/4.0/x86_64/openldap-2.3.27-1.6.20060mlcs4.x86_64.rpm
 4ecc97d7aa99bc3ae29d5c5e93283dd1  corporate/4.0/x86_64/openldap-clients-2.3.27-1.6.20060mlcs4.x86_64.rpm
 731857c379ce789f8f495b1d707d7e82  corporate/4.0/x86_64/openldap-doc-2.3.27-1.6.20060mlcs4.x86_64.rpm
 e72705d3d650cf099748091e7293e706  corporate/4.0/x86_64/openldap-servers-2.3.27-1.6.20060mlcs4.x86_64.rpm 
 97589a85f65923d54383b5a6dde41fb2  corporate/4.0/SRPMS/openldap-2.3.27-1.6.20060mlcs4.src.rpm

2008.0 i586

 05d27c8e50b79e16c345756251c5e819  2008.0/i586/libldap2.3_0-2.3.38-3.4mdv2008.0.i586.rpm
 c3b564ed72214c88e4f97b754baec0d3  2008.0/i586/libldap2.3_0-devel-2.3.38-3.4mdv2008.0.i586.rpm
 cb184b75f27937fbf10bee2c4526ccb8  2008.0/i586/libldap2.3_0-static-devel-2.3.38-3.4mdv2008.0.i586.rpm
 53a1cb617be31adf8002d03c975242df  2008.0/i586/openldap-2.3.38-3.4mdv2008.0.i586.rpm
 48114cab21906ac3f736d669ea9c1a21  2008.0/i586/openldap-clients-2.3.38-3.4mdv2008.0.i586.rpm
 a16e2a6e65d1f68eea0989590f0057b7  2008.0/i586/openldap-doc-2.3.38-3.4mdv2008.0.i586.rpm
 1184787dc8596fc25c660396d012d6eb  2008.0/i586/openldap-servers-2.3.38-3.4mdv2008.0.i586.rpm
 84c2fe50106a22d3fe27b3cdba4197d9  2008.0/i586/openldap-testprogs-2.3.38-3.4mdv2008.0.i586.rpm
 b3facfc070aee1223d254ec984c61ab7  2008.0/i586/openldap-tests-2.3.38-3.4mdv2008.0.i586.rpm 
 d43ec379be752a4229b996bf0212123e  2008.0/SRPMS/openldap-2.3.38-3.4mdv2008.0.src.rpm

2009.1 x86_64

 bf51e99f555efe4c1433c61fb1b970a1  2009.1/x86_64/lib64ldap2.4_2-2.4.16-1.1mdv2009.1.x86_64.rpm
 b27971669d145b8d77b422a6239d9c12  2009.1/x86_64/lib64ldap2.4_2-devel-2.4.16-1.1mdv2009.1.x86_64.rpm
 79d8a022b0fc68cac40c3b9c59ee0a94  2009.1/x86_64/lib64ldap2.4_2-static-devel-2.4.16-1.1mdv2009.1.x86_64.rpm
 bd047c1075c1a37885f698ee3262892e  2009.1/x86_64/openldap-2.4.16-1.1mdv2009.1.x86_64.rpm
 9a3062118ab8c405bb059839b98ac85d  2009.1/x86_64/openldap-clients-2.4.16-1.1mdv2009.1.x86_64.rpm
 a14bb0244d99eb101c34da5cd404c323  2009.1/x86_64/openldap-doc-2.4.16-1.1mdv2009.1.x86_64.rpm
 05597018b9ae1a5cd27849f4e2630aa1  2009.1/x86_64/openldap-servers-2.4.16-1.1mdv2009.1.x86_64.rpm
 dc514f10efe28460c2cc9531dd46fded  2009.1/x86_64/openldap-testprogs-2.4.16-1.1mdv2009.1.x86_64.rpm
 99ac81225c652a1e11d6fc0259e79339  2009.1/x86_64/openldap-tests-2.4.16-1.1mdv2009.1.x86_64.rpm 
 6e7c1810d3fad170498c9b80887104ec  2009.1/SRPMS/openldap-2.4.16-1.1mdv2009.1.src.rpm

MES5 x86_64

 b5470e8cd7073d008be83c8731b32bd3  mes5/x86_64/lib64ldap2.4_2-2.4.11-3.2mdvmes5.x86_64.rpm
 b4be80b1527524287f36d9f7d829fa13  mes5/x86_64/lib64ldap2.4_2-devel-2.4.11-3.2mdvmes5.x86_64.rpm
 2b8410175476f709bf6a1a54e8f158ff  mes5/x86_64/lib64ldap2.4_2-static-devel-2.4.11-3.2mdvmes5.x86_64.rpm
 597714018771bba7e50aecbf850b19d9  mes5/x86_64/openldap-2.4.11-3.2mdvmes5.x86_64.rpm
 c05436b7c7aca704564d19b656b94d63  mes5/x86_64/openldap-clients-2.4.11-3.2mdvmes5.x86_64.rpm
 05b5482d288d6b877246ca8a7332fd86  mes5/x86_64/openldap-doc-2.4.11-3.2mdvmes5.x86_64.rpm
 deb1329b1735d506be64f7a599e32df1  mes5/x86_64/openldap-servers-2.4.11-3.2mdvmes5.x86_64.rpm
 447c0303692296fde9c5555d782435cb  mes5/x86_64/openldap-testprogs-2.4.11-3.2mdvmes5.x86_64.rpm
 fc597de3166dc25c92b7eada78ebf242  mes5/x86_64/openldap-tests-2.4.11-3.2mdvmes5.x86_64.rpm 
 5f0cff3716ac2871124d0d3d24267b4b  mes5/SRPMS/openldap-2.4.11-3.2mdvmes5.src.rpm
