SynopsisThe remote Debian host is missing a security-related update.
DescriptionIt was reported that a race condition exists in libnss-ldap, an NSS module for using LDAP as a naming service, which could cause denial of service attacks if applications use pthreads.
This problem was spotted in the dovecot IMAP/POP server but potentially affects more programs.
SolutionUpgrade the libnss-ldap package.
For the old stable distribution (sarge), this problem has been fixed in version 238-1sarge1.
For the stable distribution (etch), this problem has been fixed in version 251-7.5etch1.