[ALSA-2026:36201] Important: 389-ds:1.4 security update
Type:
security
Severity:
important
Release date:
2026-07-13
Description:
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND (CVE-2026-11610) * 389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow (CVE-2026-11774) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 389-ds-base-snmp-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.aarch64.rpm 3c1c58a90dfce07ec538a6438acea53b15d8faf7fddd53c92a65a7de209b2f11
aarch64 389-ds-base-legacy-tools-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.aarch64.rpm 428b2e13145fa8efaa2924f85555df207ebdaef2731d467ea67bf6281b46d553
aarch64 389-ds-base-libs-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.aarch64.rpm b6ad5f4bbc35c82bbc8fc93e5bc51f42f0386c732a93ee08f1bc852125d78339
aarch64 389-ds-base-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.aarch64.rpm dd7b7d9e4b5f93559e2b2ea454697054ddb356adf602fc2032b6c798951298d5
aarch64 389-ds-base-devel-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.aarch64.rpm e8e2e94f45495075386153bcc78a59e00da50e7e8aa04f9eb4b8a766f543a07d
noarch python3-lib389-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.noarch.rpm 4b07004d71422c25c3b945afabc448be4c7308e06cb3da86086ee1ea9313fe7e
ppc64le 389-ds-base-legacy-tools-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.ppc64le.rpm 2f33ac8ccf7d967d763b88815c8dfa003744c36d4ea872d9857fb1592a9cfb7e
ppc64le 389-ds-base-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.ppc64le.rpm 5afc55aa73a8aedeaa4f88ea1240908b66ae3a8722f3862d13f8da9e04e76955
ppc64le 389-ds-base-libs-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.ppc64le.rpm ae0f7e871ba77569e47034ad1e8494b801aca35357c2d1941e707095bd146b74
ppc64le 389-ds-base-devel-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.ppc64le.rpm c46e0cd415a5412a092f5791e60a4d038222451ff51f033d55d1b948bb07ce49
ppc64le 389-ds-base-snmp-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.ppc64le.rpm faff25ce534eb2be186aed1423346aae509826f8f60b59bf09b3a2a4224a17d9
s390x 389-ds-base-snmp-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.s390x.rpm 7392a785bd9d699ab15a4d1de468f493db7fa7e06326ec6a64d24bfe143f9980
s390x 389-ds-base-devel-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.s390x.rpm 772d3ad20cbe1208084e10e746e3e83851a9de2d016da7eb18cc2011fc175a6a
s390x 389-ds-base-legacy-tools-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.s390x.rpm 95467346cb268905f4aa2dbf1db275462383d860331907e145a387728da3c38a
s390x 389-ds-base-libs-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.s390x.rpm a881e34633ed9fbf5a29c5ceb9bd7f911d9ca709de7a6722d4498822f694e772
s390x 389-ds-base-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.s390x.rpm c4d431201a603bf5d37cd386b685948585c66fff4b80dbdf7fd7785bcca4b193
x86_64 389-ds-base-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.x86_64.rpm 1905ebf9430159e6f2e214d64b992fdcc0a923d4e9a8694938f533b3de79553f
x86_64 389-ds-base-legacy-tools-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.x86_64.rpm 38a80e686c5a2c49ea1d4c147fb7b453f8f25401f55ada7c9ac3d7a41b188e4d
x86_64 389-ds-base-libs-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.x86_64.rpm 6ef7111bfa0d7978014c0c9b388679b61ca8da997981a953d778f1feb56499a5
x86_64 389-ds-base-snmp-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.x86_64.rpm 790dd440d7c0d382f7cee538d087a79040303c29380e11e77b410602b8821c43
x86_64 389-ds-base-devel-1.4.3.39-25.module_el8.10.0+4214+f26e0f43.x86_64.rpm a903a60ad9b3143567e9253fd8cc713b75d6871b759eab347f90d5d33159b8ef
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.