Linux News Today: OpenLDAP Vulnerabilities Closes in All Supported Ubuntu OSes
A couple of OpenLDAP issues have been identified and fixed in the Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems.
The maintainers of the openldap have pushed a new version of the library in the repositories and users should get the new version. This latest version is about some security fixes that have been added and it’s a good idea to update.
“Dietrich Clauss discovered that the OpenLDAP package incorrectly shipped with a potentially unsafe default access control configuration. Depending on how the database is configure, this may allow users to impersonate others by modifying attributes such as their Unix user and group numbers,” reads the security notice.
This is just one of the vulnerabilities with the OpenLDAP packages. For a more detailed description of the problem, you should check the entire security notification.
The flaws can be fixed if you upgrade your system to the latest slapd package. To apply the patch, users will have to run the Update Manager application. In general, a standard system update will make all the necessary changes, and there is no need for a restart.
You can also use the terminal and enter the following commands (you will need to be root in order to make it work):
sudo apt-get update
sudo apt-get dist-upgrade
The update process should be fairly quick since this is not a big package.