ALSA-2026:5513

[ALSA-2026:5513] Moderate: 389-ds:1.4 security update

Type:

security

Severity:

moderate

Release date:

2026-03-26

Description:

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.   

Security Fix(es):  

  * 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow (CVE-2025-14905)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	389-ds-base-devel-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.aarch64.rpm	652241ab706d813d3a5a1cef6f615c1fcf24e0d5986d8d4a408bd004e88da75a
aarch64	389-ds-base-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.aarch64.rpm	6941fc0695fd435a362f921ae0ab6d2c02f812dae10282605e901225c1e30539
aarch64	389-ds-base-legacy-tools-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.aarch64.rpm	a9861a1d90a1d90946f19849be610fa91153df82e3557eb7468341ea44bd0266
aarch64	389-ds-base-snmp-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.aarch64.rpm	c3b118edbff88847f625275b01dd8d6630094d4977c3c2f043beb78f05738553
aarch64	389-ds-base-libs-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.aarch64.rpm	eb56ee3fd511f51da5667097d80cedbccc1013af866f29163b8e762dff066407
noarch	python3-lib389-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.noarch.rpm	a7dba57a01d3280d5a874e59691d3ce731eeee6fa9d2f4883cd975c5b54c1cb7
ppc64le	389-ds-base-devel-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.ppc64le.rpm	09bfd4a2c91762852e255b287c9ad7e9a2e17341440fc66d70a7e2a97d15220d
ppc64le	389-ds-base-snmp-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.ppc64le.rpm	1e795bf98b6a65c6e523e8cce7e27839e10e57c1a6c3c599a3e690b3385327d8
ppc64le	389-ds-base-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.ppc64le.rpm	5875c941f1bdb302812cab100a72546164c9c46aab6d94cf3bd33ed383c21619
ppc64le	389-ds-base-libs-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.ppc64le.rpm	8520e6974eda4f40bbb37c1a338d07ac9327dc43dc6b323a788764246164c0ff
ppc64le	389-ds-base-legacy-tools-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.ppc64le.rpm	969fa3288d3a4565a349ab6dd12237437b83cc4ee811f87622d588508b504e43
s390x	389-ds-base-snmp-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.s390x.rpm	05a18f1d2a3834c091284880c288b9b4849191ccc8726dab70283c0fbf01da23
s390x	389-ds-base-legacy-tools-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.s390x.rpm	1490c890b285322bc55ca0a4a9b2908f2de6749327d3850b5208db8e16b90ec2
s390x	389-ds-base-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.s390x.rpm	428c2aa0e9add8fb3902edbfff822f87a42b3f022f5fd5a30342452732449591
s390x	389-ds-base-libs-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.s390x.rpm	717b45d6f44ae069adf731de2c0541235a2d4053088c18ca6253286b61897f3b
s390x	389-ds-base-devel-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.s390x.rpm	d02af1e802c86b173411d51e8f13e6e75a7ba4a2ca0ed240ae4a928c46c6db0b
x86_64	389-ds-base-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.x86_64.rpm	84892c8f36a98511df02a59aefa23e30a351e0264209bf46d71da051dda99d1d
x86_64	389-ds-base-legacy-tools-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.x86_64.rpm	90a7e7d738665c8b72e70bea8e74c83579c7613ebe96a7265a4a45826266ebe5
x86_64	389-ds-base-snmp-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.x86_64.rpm	93f29c76b5f562ea6e6b26735e8f614a0bd59daae3914530c1ff89bcbe6c6692
x86_64	389-ds-base-devel-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.x86_64.rpm	a8e63d7649203d59facc48339ea82d1fbfc1380787db5c630cc9fad8ed340d99
x86_64	389-ds-base-libs-1.4.3.39-23.module_el8.10.0+4139+ef6adba4.x86_64.rpm	f0421bbc1d760b75207cda243e6ad2282e71ebf18cdcccb8af2116a9966be245

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.