[Auth_ldap] Auth_ldap 1.6.1 Released
ace at suares.nl
Sun Jan 15 13:22:15 PST 2006
Hi Dave, and all,
On Monday 09 January 2006 15:33, Dave Carrigan wrote:
> I have released version 1.6.1 of auth_ldap. This release corrects a
> security issue where an attacker could potentially crash Apache or run
> other processes under the apache uid.
Thanks, Dave, for releasing a security fix! And from the changelog I see
that you also included several other patches that came along. Thanks for
mentioning my name in the ChangeLog, but Stig Venaas actually wrote the
patch. Which is still at http://www.suares.com/auth_ldap
Today I tried to install 1.6.1
I used ./configure without any options.
I 'maked', the module compiled, I moved it to the apache library
directory, restarted apache, so far so good.
Then I tried to login on one of my websites. I used a wrong password (and
in later attempts, wrong usernames too). Instead of coming up with
'Authorization failed, retry ?' it just showed the page that says
In the apache error log, I see:
Could not connect to LDAP server: No such file or directory
What could be the problem ? I only replaced the old auth_ldap.so with the
> Other long-standing bugs have also been fixed.
> You can get the latest version at http://www.rudedog.org/auth_ldap/
Babe I'm gonna see that you be back home in thirty days
You don't give me no consolation
I'm gonna take it to the United Nations
I'm gonna see that you be back home in Thirty Days!
- Chuck Berry
Ace Suares' Internet Consultancy
mail: PObox 2599, 4800 CN Breda, The Netherlands
phone: +31 6 244 33 608 (Jan Veuger, support Netherlands)
emergency: +599 786 23 73
voicemail & fax: +31 848 707 705
web: http://www.suares.nl email: support at suares.nl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://www.rudedog.org/pipermail/auth_ldap/attachments/20060115/34695c45/attachment.pgp
More information about the Auth_ldap