[ALSA-2026:26455] Important: 389-ds-base security, bug fix, and enhancement update
Type:
security
Severity:
important
Release date:
2026-07-02
Description:
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS) (CVE-2026-9064) Bug Fix(es) and Enhancement(s): * Getting "build_candidate_list - Database error 11" messages after migrating to LMDB. [almalinux-9.8.z] (JIRA:AlmaLinux-152356) * Web console doesn't show the sub suffix of ou=foo,ou=people,dc=example,dc=com. [almalinux-9.8.z] (JIRA:AlmaLinux-168967) * DS 12 does not handle escape char in bind user [almalinux-9.8.z] (JIRA:AlmaLinux-170269) * [RFE] Add OS-level thread names to all server threads [almalinux-9.8.z] (JIRA:AlmaLinux-174524) * Online export is failing when using the option "-s" [almalinux-9.8.z] (JIRA:AlmaLinux-180716) * Server shutdown during online reindex may lead to data loss [almalinux-9.8.z] (JIRA:AlmaLinux-183895) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 389-ds-base-2.8.0-7.el9_8.aarch64.rpm 46e8278661300f5b45fd741f125e898bba6ff2ed62a7924819e38d72c026d309
aarch64 389-ds-base-snmp-2.8.0-7.el9_8.aarch64.rpm 702e64f8664b7d431ce210dd63c206404644c66efd49c04199933d6f1067d7f7
aarch64 389-ds-base-libs-2.8.0-7.el9_8.aarch64.rpm a0f45346950667c0a63326f675a137aff267a876b976a62db09636b1f625b706
aarch64 389-ds-base-devel-2.8.0-7.el9_8.aarch64.rpm d134a211878832adf06328b44d6501b2e337ff2904d77f3309acd38224f8a512
noarch python3-lib389-2.8.0-7.el9_8.noarch.rpm 78804c83fd98b10a8c1d117c439e62fae0e5e25f3f58c1f77b69764f2d9e3d92
ppc64le 389-ds-base-snmp-2.8.0-7.el9_8.ppc64le.rpm 05fd5e48f98eb240f34d764409aa47c96e1fc408eca028bc6c674d9be692c090
ppc64le 389-ds-base-libs-2.8.0-7.el9_8.ppc64le.rpm 0c04ad62c47949d67036a1d640183cdd40ed1503780058287267713aca427e06
ppc64le 389-ds-base-2.8.0-7.el9_8.ppc64le.rpm 33b7252132bf956249a148b3916f29c9ddc09d0f07abe5d4bac6f0b6f5df444c
ppc64le 389-ds-base-devel-2.8.0-7.el9_8.ppc64le.rpm f29a62b2a881a3b0f8708e285bfc72219b02a4ed5b6e8760a49a892e93582479
s390x 389-ds-base-2.8.0-7.el9_8.s390x.rpm 3ca7828836311d46bc1b03aef97bc5551fed9b16b1bf9e92127f16d32158f76f
s390x 389-ds-base-devel-2.8.0-7.el9_8.s390x.rpm 4bb7a929716f23c6a1b3748efb1edf582201a1ddc7ec1a33affb1f378f12f14c
s390x 389-ds-base-libs-2.8.0-7.el9_8.s390x.rpm 8a61a6ed261a17481c287d624466a0827cac7a24349e78854812d84c45d33153
s390x 389-ds-base-snmp-2.8.0-7.el9_8.s390x.rpm 93df09eef50f431bc096f76860f2f910e1aa65b9cfd18527c3a50f361017f082
x86_64 389-ds-base-2.8.0-7.el9_8.x86_64.rpm 45de491eeafbd39193d21dfac7c779731e06f8c9c739f5c7c7393efbce307908
x86_64 389-ds-base-snmp-2.8.0-7.el9_8.x86_64.rpm 6ab93e8531c1be6b76d3a0a06e259366bd19a8435ee1d73ca1d1b41144f08016
x86_64 389-ds-base-devel-2.8.0-7.el9_8.x86_64.rpm bc5ed01ae10e12cc2231810d43ec23e7a3ea00bc8ee6791cc8522edf9f060b82
x86_64 389-ds-base-libs-2.8.0-7.el9_8.x86_64.rpm d4d4629df95d6ec9816c2d55f1a7746334e4a1d32e07eb1ae0dac6ad036bbfae
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.