Mageia 6: MGASA-2018-0404 Critical: 389-ds-base DoS and Crash Threats
mageia
October 19, 2018
Updated 389-ds-base package fixes security vulnerabilities: a race condition on reference counter leads to DoS using persistent search (CVE-2018-10850)
Summary
Updated 389-ds-base package fixes security vulnerabilities:
a race condition on reference counter leads to DoS using persistent
search (CVE-2018-10850)
ldapsearch with server side sort allows users to cause a crash
(CVE-2018-10935)
a server crash through the modify command with large DN
(CVE-2018-14624)
References
- https://bugs.mageia.org/show_bug.cgi?id=23610
- https://access.redhat.com/errata/RHSA-2018:2757
- https://bugzilla.redhat.com/show_bug.cgi?id=1588056
- https://bugzilla.redhat.com/show_bug.cgi?id=1613606
- https://bugzilla.redhat.com/show_bug.cgi?id=1619450
- https://www.cve.org/CVERecord?id=CVE-2018-10850
- https://www.cve.org/CVERecord?id=CVE-2018-10935
- https://www.cve.org/CVERecord?id=CVE-2018-14624
Topics Covered
Resolution
SRPMS
- 6/core/389-ds-base-1.3.5.17-1.6.mga6
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 19 Oct 2018
URL: https://advisories.mageia.org/MGASA-2018-0404.html
Type: security
CVE: CVE-2018-10850,
CVE-2018-10935,
CVE-2018-14624
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!