ALSA-2024:3047

[ALSA-2024:3047] Moderate: 389-ds:1.4 security update

Type:

security

Severity:

moderate

Release date:

2024-05-29

Description:

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. 

Security Fix(es):

* 389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr) (CVE-2024-1062)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	389-ds-base-1.4.3.39-3.module_el8.10.0+3829+ea459e35.aarch64.rpm	1357fd120b767392780bc4e95ed9613789fc871e2ff524981dfb267dbd5bd64b
aarch64	389-ds-base-snmp-1.4.3.39-3.module_el8.10.0+3829+ea459e35.aarch64.rpm	4634c0dda8f8916c5aeb5ea5472f75f409c893d5c4e211d6e2c83fecbbc76c32
aarch64	389-ds-base-libs-1.4.3.39-3.module_el8.10.0+3829+ea459e35.aarch64.rpm	81d6b7c7cd7b766e57cde35038e23c84c10023568173c12b51755d58318a19aa
aarch64	389-ds-base-devel-1.4.3.39-3.module_el8.10.0+3829+ea459e35.aarch64.rpm	853870f033b335c040ed33bd71f176595eb6472fcaffd54fd37c659cd2721a88
aarch64	389-ds-base-legacy-tools-1.4.3.39-3.module_el8.10.0+3829+ea459e35.aarch64.rpm	9eac02003d642e49eb8c625d8491c3450e83f267df5acc2f030d6bf6d81d2bed
noarch	python3-lib389-1.4.3.39-3.module_el8.10.0+3829+ea459e35.noarch.rpm	21f0b8263fe49462044ab5903c51d4f2d8d6749a981ab3b650bef9bd36080fc3
ppc64le	389-ds-base-devel-1.4.3.39-3.module_el8.10.0+3829+ea459e35.ppc64le.rpm	10eb80934acb36b96b12a08e3763751d343981fd8a232571113967cad3193384
ppc64le	389-ds-base-libs-1.4.3.39-3.module_el8.10.0+3829+ea459e35.ppc64le.rpm	11c0fb03300d7df653158f253309bced527a34694d7adc3ea278fe50b8570a76
ppc64le	389-ds-base-1.4.3.39-3.module_el8.10.0+3829+ea459e35.ppc64le.rpm	4a61010579c81b359261e47a2a951370133f5f84e42d28dd0d853ac1aa60ed3f
ppc64le	389-ds-base-legacy-tools-1.4.3.39-3.module_el8.10.0+3829+ea459e35.ppc64le.rpm	57f86c9868f1bfe589c642498e4e94d68159aec36f3bfa93d70f7025d747fabd
ppc64le	389-ds-base-snmp-1.4.3.39-3.module_el8.10.0+3829+ea459e35.ppc64le.rpm	782ed04ecb19c951288493a1a17b628d9184a51e80823171e16f9ad776abfd6d
s390x	389-ds-base-1.4.3.39-3.module_el8.10.0+3829+ea459e35.s390x.rpm	28441d0c9197b3d9636ccd6def0cadf005c065f5c89803ca5f3f4f7fb0b2a7e0
s390x	389-ds-base-snmp-1.4.3.39-3.module_el8.10.0+3829+ea459e35.s390x.rpm	3138261f0e173f5ec8c29db0013cd333a6b4ed5e6ee9f42df0f5dbb6e6d19ec5
s390x	389-ds-base-devel-1.4.3.39-3.module_el8.10.0+3829+ea459e35.s390x.rpm	4b74a23452a56b3e4942a93d97a5c052c763c154fd7b1d9722fc8dc52d45c632
s390x	389-ds-base-libs-1.4.3.39-3.module_el8.10.0+3829+ea459e35.s390x.rpm	ab294156485a061738ad29dafe47577b0feb30aaafc9e87945644ed5ede22d86
s390x	389-ds-base-legacy-tools-1.4.3.39-3.module_el8.10.0+3829+ea459e35.s390x.rpm	ea3f8730c97c263e87bff4eebf878787e946b7d3e7f6b5a56267728e6851384b
x86_64	389-ds-base-snmp-1.4.3.39-3.module_el8.10.0+3829+ea459e35.x86_64.rpm	29bf8384614618b219c2f146b202d07383652362dd3a776a1c9596fde9379605
x86_64	389-ds-base-libs-1.4.3.39-3.module_el8.10.0+3829+ea459e35.x86_64.rpm	4c95faea0d0f003ead3b12f707dcdf926ac5c9a9685741748d74620b6dd5ba55
x86_64	389-ds-base-legacy-tools-1.4.3.39-3.module_el8.10.0+3829+ea459e35.x86_64.rpm	6bba7b95a89bbefba341df5c6c21eecfeffa4008da166495906da541785c159b
x86_64	389-ds-base-devel-1.4.3.39-3.module_el8.10.0+3829+ea459e35.x86_64.rpm	af9cd1b11a4d1d2a14d2e737c42c1b3671c9424c2b8ba3380389c01d9f676127
x86_64	389-ds-base-1.4.3.39-3.module_el8.10.0+3829+ea459e35.x86_64.rpm	bb648eee9a0b5bfe14e9542ec3b77a8016b9939c514d4be77c97c8efd354c185

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.