[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8459) security scans causing slapd failure

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8459) security scans causing slapd failure
From: michael@stroeder.com
Date: Tue, 05 Jul 2016 19:32:30 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

duffy.lasker@sykes.com wrote:
> Full_Name: duffy lasker
> Version: slapd version 2.4.40
> OS: CentOS 7
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (184.96.44.7)
> 
> 
> security scans for kernel segmentation testing causes the slapd service to enter
> failed state, whether the test is successful (causes segmentation fault) or
> not.
> 
> the ldap server is apparently flooded with STARTTLS events until test end or
> successful fault caused.

Note that the RHEL/CentOS packages of OpenLDAP are heavily patched and linked
against libnss. Hence it's probably better to report this to them. Also there
were some fixes in their packages recently. Did you yum update to latest package
version?

You can also try to reproduce this failure with recent OpenLDAP release built
from source and linked to OpenSSL. That would be more important to the OpenLDAP
community.

Ciao, Michael.

Prev by Date: (ITS#8459) security scans causing slapd failure
Next by Date: (ITS#8460) Invalid pointer free
Index(es):
- Chronological
- Thread