[ALSA-2022:8162] Moderate: 389-ds-base security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2022-11-18
Description:
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base (2.1.3). (BZ#2061801) Security Fix(es): * 389-ds-base: sending crafted message could result in DoS (CVE-2022-0918) * 389-ds-base: SIGSEGV in sync_repl (CVE-2022-2850) * 389-ds-base: expired password was still allowed to access the database (CVE-2022-0996) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 389-ds-base-2.1.3-4.el9_1.aarch64.rpm 027c130c7e073748b7bd711ef4e90a8e8a6b5a18202c98749632b078abcfe330
aarch64 389-ds-base-libs-2.1.3-4.el9_1.aarch64.rpm cf8017d08c89f2ac07a7eb6aafea90e171fb530b77bf89a8ec40d88e72234e99
noarch python3-lib389-2.1.3-4.el9_1.noarch.rpm cfe6a2e6540b9a9d7046536d24a4a25cad66d232402fdb5e9951d205ecf04c6f
ppc64le 389-ds-base-2.1.3-4.el9_1.ppc64le.rpm 0864489028da62f6ec163a3db63b4eb028b37c81b2af54d206e485b573d4db98
ppc64le 389-ds-base-libs-2.1.3-4.el9_1.ppc64le.rpm 87545b498dff0204a3f981f5372d302e29ebe1a545f4fbc1d7fc5339fd1799a2
s390x 389-ds-base-2.1.3-4.el9_1.s390x.rpm 23819698eefaa613b27fbc75dfa7a4e449f45ccc2b96bb9153e509c86919405f
s390x 389-ds-base-libs-2.1.3-4.el9_1.s390x.rpm edbfc4726d34137fbcdfb97b8e73be5c755a06aaf4c1b24012ade4f8a3ca0011
x86_64 389-ds-base-libs-2.1.3-4.el9_1.x86_64.rpm 39b9508d2df3d7207c27024048b34b1b6c7e18e8423bb94a1ade8b6c94cd8e82
x86_64 389-ds-base-2.1.3-4.el9_1.x86_64.rpm e95ddc672e86cf19aed9ad7895299a08cddfe72ccb4c3778c76dea5d6b61fe4b
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.