[ALSA-2022:0889] Low: 389-ds:1.4 security and bug fix update
Type:
security
Severity:
low
Release date:
2022-03-16
Description:
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: double free of the virtual attribute context in persistent search (CVE-2021-4091) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Paged search lookthroughlimit counter doesnt take read ahead into account (BZ#2059893) * Based on 1944494 (RFC 4530 entryUUID attribute) - plugin entryuuid failing (BZ#2060106)
References:
Updated packages listed below:
Architecture Package Checksum
noarch python3-lib389-1.4.3.23-14.module_el8.5.0+2628+c731dc97.noarch.rpm 5221ec0ebac4115f1c3ee862f8c0e245bcd557e3bad9f98caf6571273a66bec1
x86_64 389-ds-base-devel-1.4.3.23-14.module_el8.5.0+2628+c731dc97.x86_64.rpm 0fac378232c4603a1d0e1a67fdd435693cca473885b40463fa2f76d279d44d2c
x86_64 389-ds-base-1.4.3.23-14.module_el8.5.0+2628+c731dc97.x86_64.rpm 83de2d20d005f3294f08873fce7f4463f7890df05bb745361125b180c86687d6
x86_64 389-ds-base-snmp-1.4.3.23-14.module_el8.5.0+2628+c731dc97.x86_64.rpm 8b975b0944541839aec68514a36cbec398a36d246158e403b8f22826f9212d1e
x86_64 389-ds-base-legacy-tools-1.4.3.23-14.module_el8.5.0+2628+c731dc97.x86_64.rpm cfec6206e14405f48c01f580915e1416622216cecd6c780548257c9c1fee3f31
x86_64 389-ds-base-libs-1.4.3.23-14.module_el8.5.0+2628+c731dc97.x86_64.rpm e5d86579d90e8d9cd983398310384ed89909b425b371f93e0a2b3032a7b7edf4
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.