Moderate: 389-ds-base security, bug fix, and
Date: Thu, 28 Feb 2013 16:16:51 -0600
Reply-To: Pat Riehecky
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Organization: Fermilab
Subject: Security ERRATA Moderate: 389-ds-base on SL6.x i386/x86_64
MIME-Version: 1.0
Synopsis: Moderate: 389-ds-base security, bug fix, and
enhancement update
Issue Date: 2013-02-21
CVE Numbers: CVE-2012-4450
--
A flaw was found in the way 389 Directory Server enforced ACLs after
performing an LDAP modify relative distinguished name (modrdn) operation. After
modrdn was used to move part of a tree, the ACLs defined on the moved
(Distinguished Name) were not properly enforced until the server was restarted. This could allow
LDAP users to access information that should be restricted by the
defined ACLs. (CVE-2012-4450)
After installing this update, the 389 server service will be restarted
automatically.
--
SL6
x86_64
389-ds-base-1.2.11.15-11.el6.x86_64.rpm
389-ds-base-debuginfo-1.2.11.15-11.el6.i686.rpm
389-ds-base-debuginfo-1.2.11.15-11.el6.x86_64.rpm
389-ds-base-devel-1.2.11.15-11.el6.i686.rpm
389-ds-base-devel-1.2.11.15-11.el6.x86_64.rpm
389-ds-base-libs-1.2.11.15-11.el6.i686.rpm
389-ds-base-libs-1.2.11.15-11.el6.x86_64.rpm
i386
389-ds-base-1.2.11.15-11.el6.i686.rpm
389-ds-base-debuginfo-1.2.11.15-11.el6.i686.rpm
389-ds-base-devel-1.2.11.15-11.el6.i686.rpm
389-ds-base-libs-1.2.11.15-11.el6.i686.rpm
- Scientific Linux Development Team