====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: 389-ds:1.4 security and bug fix update
Advisory ID:       RHSA-2021:2595-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:2595
Issue date:        2021-06-29
CVE Names:         CVE-2021-3514
====================================================================

1. Summary:

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

* 389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control() (CVE-2021-3514)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* ACIs are being evaluated against the Replication Manager account in a replication context. (BZ#1968588)

* A connection can be erroneously flagged as replication conn during evaluation of an aci with ip bind rule (BZ#1970791)

* Large updates can reset the CLcache to the beginning of the changelog (BZ#1972721)

* Changelog cache can upload updates from a wrong starting point (CSN) (BZ#1972738)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1952907 - CVE-2021-3514 389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()
1960720 - CVE-2021-3514 389-ds:1.4/389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control() [rhel-8] [rhel-8.4.0.z]
1968588 - ACIs are being evaluated against the Replication Manager account in a replication context. [rhel-8.4.0.z]
1970791 - A connection can be erroneously flagged as replication conn during evaluation of an aci with ip bind rule [rhel-8.4.0.z]
1972721 - Large updates can reset the CLcache to the beginning of the changelog [rhel-8.4.0.z]
1972738 - Changelog cache can upload updates from a wrong starting point (CSN) [rhel-8.4.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.src.rpm

aarch64:
389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm
389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm
389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm
389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm
389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm
389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm
389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm
389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm
389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm
389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.aarch64.rpm

noarch:
python3-lib389-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.noarch.rpm

ppc64le:
389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm
389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm
389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm
389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm
389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm
389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm
389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm
389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm
389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm
389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.ppc64le.rpm

s390x:
389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm
389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm
389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm
389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm
389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm
389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm
389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm
389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm
389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm
389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.s390x.rpm

x86_64:
389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm
389-ds-base-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm
389-ds-base-debugsource-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm
389-ds-base-devel-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm
389-ds-base-legacy-tools-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm
389-ds-base-legacy-tools-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm
389-ds-base-libs-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm
389-ds-base-libs-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm
389-ds-base-snmp-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm
389-ds-base-snmp-debuginfo-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2021-3514
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2021 Red Hat, Inc.
-- 
RHSA-announce mailing list
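A practitioner reading the package list above will want to confirm that a host is at or past the fixed build. The following Python is an added example, not part of the advisory: it compares the version-release string printed by `rpm -q --queryformat '%{VERSION}-%{RELEASE}\n' 389-ds-base` against the fixed build taken from the package list, using a simplified re-implementation of rpm's segment comparison (tilde and caret ordering is not implemented, an assumption that holds for these release strings).

```python
import re
from typing import List, Tuple

# Version-release of the fixed 389-ds-base build from the RHSA-2021:2595 package list
# (e.g. 389-ds-base-1.4.3.16-16.module+el8.4.0+11446+fc96bc48.x86_64.rpm).
FIXED_VR = "1.4.3.16-16.module+el8.4.0+11446+fc96bc48"

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpm_segments(s: str) -> List[str]:
    """Split a version or release string into the alternating numeric/alpha
    segments rpm compares; separators such as '.', '-', '+' and '_' are skipped."""
    return _SEGMENT.findall(s)


def rpmvercmp(a: str, b: str) -> int:
    """Simplified rpmvercmp: 1 if a is newer than b, -1 if older, 0 if equal.
    Assumption: no '~' or '^' segments, which real rpm orders specially."""
    sa, sb = rpm_segments(a), rpm_segments(b)
    for x, y in zip(sa, sb):
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num and y_num:
            if int(x) != int(y):          # numeric segments compare as integers
                return 1 if int(x) > int(y) else -1
        elif x_num != y_num:
            return 1 if x_num else -1     # a numeric segment beats an alphabetic one
        elif x != y:
            return 1 if x > y else -1     # alphabetic segments compare lexically
    if len(sa) != len(sb):
        return 1 if len(sa) > len(sb) else -1   # leftover segments mean "newer"
    return 0


def split_vr(vr: str) -> Tuple[str, str]:
    """'1.4.3.16-16.module+el8...' -> ('1.4.3.16', '16.module+el8...')."""
    version, _, release = vr.partition("-")
    return version, release


def is_fixed(installed_vr: str, fixed_vr: str = FIXED_VR) -> bool:
    """True if the installed version-release is at or past the fixed build.
    Version is compared first; release only breaks a tie on version."""
    iv, ir = split_vr(installed_vr)
    fv, fr = split_vr(fixed_vr)
    by_version = rpmvercmp(iv, fv)
    if by_version != 0:
        return by_version > 0
    return rpmvercmp(ir, fr) >= 0
```

For a host still on an earlier build of the same version (for example a constructed `1.4.3.16-13.module+el8.4.0+10307+abcdef12`), `is_fixed` returns False; a later module build of the same or a newer version returns True.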
Package        : 389-ds-base
Version        : 1.3.3.5-4+deb8u2
CVE ID         : CVE-2018-10871 CVE-2018-10935
Debian Bug     : 906985

CVE-2018-10871

    By default nsslapd-unhashed-pw-switch was set to 'on', so a copy of the unhashed password was kept in the modifiers and was possibly logged in the changelog and retroCL. Unless some plugin needs it, there is no need to keep unhashed passwords. The nsslapd-unhashed-pw-switch option is now 'off' by default.

CVE-2018-10935

    It was discovered that any authenticated user doing a search using ldapsearch with extended controls for server side sorting could bring down the LDAP server itself. The fix is to check whether the provided value can be indexed; if it cannot, slapd_qsort returns an error (LDAP_OPERATION_ERROR).

For Debian 8 "Jessie", these problems have been fixed in version 1.3.3.5-4+deb8u2.

We recommend that you upgrade your 389-ds-base packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

-- 
mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
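As an added example, not part of the Debian advisory, the following Python reads a dse.ldif-style configuration and reports whether nsslapd-unhashed-pw-switch still keeps clear-text password copies in the modifiers. The LDIF excerpt is constructed, and the `fixed_build` flag encodes the advisory's statement that the default changed from 'on' to 'off' with the fix, so an absent attribute means different things before and after it.

```python
from typing import Dict, List, Optional

# Constructed dse.ldif excerpt: a cn=config entry with one folded
# continuation line (leading space), as 389-ds writes it.
SAMPLE_DSE_LDIF = """\
dn: cn=config
cn: config
objectClass: top
nsslapd-unhashed-pw-switch: on
nsslapd-accesslog: /var/log/dirsrv/slapd-example/ac
 cess

dn: cn=changelog5,cn=config
cn: changelog5
"""


def parse_ldif(text: str) -> List[Dict[str, List[str]]]:
    """Minimal LDIF reader: unfolds continuation lines, splits entries on blank
    lines, lowercases attribute names; base64 ('::') values and comments are skipped."""
    unfolded: List[str] = []
    for line in text.splitlines():
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]          # continuation of the previous line
        else:
            unfolded.append(line)
    entries: List[Dict[str, List[str]]] = []
    current: Dict[str, List[str]] = {}
    for line in unfolded + [""]:              # sentinel flushes the last entry
        if not line.strip():
            if current:
                entries.append(current)
                current = {}
            continue
        if line.startswith("#") or "::" in line.split(" ", 1)[0]:
            continue
        name, _, value = line.partition(":")
        current.setdefault(name.strip().lower(), []).append(value.strip())
    return entries


def unhashed_pw_switch(text: str) -> Optional[str]:
    """Configured nsslapd-unhashed-pw-switch value on cn=config, or None if the
    attribute is absent and the build default applies."""
    for entry in parse_ldif(text):
        if [d.lower() for d in entry.get("dn", [])] == ["cn=config"]:
            vals = entry.get("nsslapd-unhashed-pw-switch")
            return vals[0].lower() if vals else None
    return None


def keeps_unhashed_passwords(text: str, fixed_build: bool) -> bool:
    """True if clear-text password copies are kept (and may reach the changelog/retroCL)."""
    value = unhashed_pw_switch(text)
    if value is None:
        return not fixed_build   # unset: default is 'on' before the fix, 'off' after
    return value == "on"
```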
====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: 389-ds-base security update
Advisory ID:       RHSA-2018:1364-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1364
Issue date:        2018-05-09
CVE Names:         CVE-2018-1089
====================================================================

1. Summary:

An update for 389-ds-base is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

* 389-ds-base: ns-slapd crash via large filter value in ldapsearch (CVE-2018-1089)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Greg Kubok for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the 389 server service will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1559802 - CVE-2018-1089 389-ds-base: ns-slapd crash via large filter value in ldapsearch

6. Package List:

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
389-ds-base-1.2.11.15-95.el6_9.src.rpm

i386:
389-ds-base-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.i686.rpm

x86_64:
389-ds-base-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
389-ds-base-1.2.11.15-95.el6_9.src.rpm

x86_64:
389-ds-base-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
389-ds-base-1.2.11.15-95.el6_9.src.rpm

i386:
389-ds-base-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.i686.rpm

x86_64:
389-ds-base-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

i386:
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.i686.rpm

x86_64:
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
389-ds-base-1.2.11.15-95.el6_9.src.rpm

i386:
389-ds-base-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.i686.rpm

x86_64:
389-ds-base-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-95.el6_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

i386:
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.i686.rpm

x86_64:
389-ds-base-debuginfo-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-95.el6_9.x86_64.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-95.el6_9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2018-1089
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2018 Red Hat, Inc.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-8f9d466bcc
2016-11-19 18:59:18.554463
--------------------------------------------------------------------------------
Name        : 389-ds-base
Product     : Fedora 25
Version     : 1.3.5.15
Release     : 1.fc25
URL         : https://www.port389.org/
Summary     : 389 Directory Server (base)
Description :
389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration.
--------------------------------------------------------------------------------
Update Information:

Bump version to 1.3.5.15-1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1360268 - Duplicate collation entries
        https://bugzilla.redhat.com/show_bug.cgi?id=1360268
  [ 2 ] Bug #1350393 - setup-ds.pl fails on F24 if perl-Errno is not updated
        https://bugzilla.redhat.com/show_bug.cgi?id=1350393
  [ 3 ] Bug #1255701 - USE_64 variable is not used by upstream
        https://bugzilla.redhat.com/show_bug.cgi?id=1255701
  [ 4 ] Bug #1246604 - [PATCH] Please depend on policycoreutils-python-utils
        https://bugzilla.redhat.com/show_bug.cgi?id=1246604
  [ 5 ] Bug #1114928 - setup-ds.pl creates configuration files under /usr
        https://bugzilla.redhat.com/show_bug.cgi?id=1114928
  [ 6 ] Bug #1361420 - CVE-2016-5416 389-ds-base: ACI readable by anonymous user [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1361420
  [ 7 ] Bug #1339177 - 389-ds-base-1.3.5.4-1.fc25.1 FTBFS: no Systemd pkg-config files
        https://bugzilla.redhat.com/show_bug.cgi?id=1339177
  [ 8 ] Bug #1306224 - 389-ds-base: FTBFS in rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=1306224
  [ 9 ] Bug #1244234 - Use python3 in scripts in 389-ds-base
        https://bugzilla.redhat.com/show_bug.cgi?id=1244234
  [ 10 ] Bug #1146030 - split out snmpagent into a subpackage
        https://bugzilla.redhat.com/show_bug.cgi?id=1146030
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade 389-ds-base'
at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list