It was reported that a race condition exists in libnss-ldap, an NSS module for using LDAP as a naming service, which could cause denial of service attacks if applications use pthreads. This problem was spotted in the dovecot IMAP/POP server but potentially affects more programs. For the old stable distribution (sarge), this problem has been fixed in version 238-1sarge1. For the stable distribution (etch), this problem has been fixed in version 251-7.5etch1. For the unstable distribution (sid), this problem has been fixed in version 256-1. We recommend that you upgrade your libnss-ldap package.
It was reported that a race condition exists in libnss-ldap, an NSS module for using LDAP as a naming service, which could cause denial of service attacks if applications use pthreads.
This problem was spotted in the dovecot IMAP/POP server but potentially affects more programs.
For the old stable distribution (sarge), this problem has been fixed in version 238-1sarge1.
For the stable distribution (etch), this problem has been fixed in version 251-7.5etch4.
For the unstable distribution (sid), this problem has been fixed in version 256-1.
We recommend that you upgrade your libnss-ldap package.
MD5 checksums of the listed files are available in the original advisory.