
Mageia 7: MGASA-2019-0411 High: 389-ds-base LDAP Denial of Service

December 25, 2019
The most recent Mageia release resolves significant security flaws in 389-ds-base concerning LDAP processing and unencrypted passwords.

Summary

The updated packages fix security vulnerabilities and a packaging problem:
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service. (CVE-2018-1054)
389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker with sufficiently high privileges, such as root or Directory Manager, can query these files in order to retrieve plaintext passwords. (CVE-2018-10871)
In 389-ds-base up to version 1.4.1.2, requests are handled by worker threads. Each socket will be waited on by the worker for at most 'ioblocktimeout' seconds. However th...


References

- https://bugs.mageia.org/show_bug.cgi?id=25824

- https://bugs.mageia.org/show_bug.cgi?id=25709

- http://lists.suse.com/pipermail/sle-security-updates/2019-August/005817.html

- https://www.cve.org/CVERecord?id=CVE-2018-1054

- https://www.cve.org/CVERecord?id=CVE-2018-10871

- https://www.cve.org/CVERecord?id=CVE-2019-3883

- https://www.cve.org/CVERecord?id=CVE-2019-14824

Resolution

SRPMS

- 7/core/389-ds-base-1.4.0.26-1.1.mga7

Publication date: 25 Dec 2019
URL: https://advisories.mageia.org/MGASA-2019-0411.html
Type: security
CVE: CVE-2018-1054, CVE-2018-10871, CVE-2019-3883, CVE-2019-14824
