ALSA-2024:5192

[ALSA-2024:5192] Moderate: 389-ds-base security update

Type:

security

Severity:

moderate

Release date:

2024-08-13

Description:

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

* 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953)
* 389-ds-base: unauthenticated user can trigger a DoS by sending a specific extended search request (CVE-2024-6237)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	389-ds-base-2.4.5-9.el9_4.aarch64.rpm	61b681a1344f882bd4280f993317f8a6a8bc4585f0d21fdf54b8dcfdfeb4a530
aarch64	389-ds-base-libs-2.4.5-9.el9_4.aarch64.rpm	97a127ea75363e24bac156358d8db3f09df68ae186daa89f53e5f6d421752ab6
aarch64	389-ds-base-devel-2.4.5-9.el9_4.aarch64.rpm	e0fd820f5a57cf508707adc2ecba139fcd29961812a55696be945fdef00064ce
noarch	python3-lib389-2.4.5-9.el9_4.noarch.rpm	997deceabd3440cbb5e7221f2b55f9b34c4f83cb166e3a748bd3d5c89b6475ee
ppc64le	389-ds-base-libs-2.4.5-9.el9_4.ppc64le.rpm	45ae0ee1e4835f295f9054e7a52d3dd7dd8d7a91bd2bf9e938aacdcd7ff3e6f6
ppc64le	389-ds-base-2.4.5-9.el9_4.ppc64le.rpm	86e34a19c5136c0e64d07ae4e764072cccab1e615207bf90921b8eee8df38603
ppc64le	389-ds-base-devel-2.4.5-9.el9_4.ppc64le.rpm	9574f6be0b6f559cfe156382dd9b78dcea70b2c1bf8fcc72ab9397ef129e1d6d
s390x	389-ds-base-devel-2.4.5-9.el9_4.s390x.rpm	4840dd677ba9d8c550a50979970d78180da6b96b2b67349b07b4a4b408e0b710
s390x	389-ds-base-libs-2.4.5-9.el9_4.s390x.rpm	cd3a33efbfb395d5cc9b7b15b85848c79ed71f070c30dc2d5a69fb7bc76d86bc
s390x	389-ds-base-2.4.5-9.el9_4.s390x.rpm	dfa00100132c18bffc3ae4ff0c3b2dc1ff31c9b853df3786abce3e54ab72dab3
x86_64	389-ds-base-devel-2.4.5-9.el9_4.x86_64.rpm	495f442140d399c4b7835795b06c0501e511233a790f66bcda7c29e7dcc53bc4
x86_64	389-ds-base-2.4.5-9.el9_4.x86_64.rpm	73f3d6bd35590d889cc699bf67ce5cf24ca71a0d2f7826f4a60fd02657a1eba8
x86_64	389-ds-base-libs-2.4.5-9.el9_4.x86_64.rpm	f5ba1995e15232501b101423fc1afd19226fe1098581109678a4f41ff2a7e5dc

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.