 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Tue, 3 Dec 2013 20:07:04 +0000 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Important: 389-ds-base security update
Advisory ID: SLSA-2013:1752-1
Issue Date: 2013-11-21
CVE Numbers: CVE-2013-4485
--
It was discovered that the 389 Directory Server did not properly handle
certain Get Effective Rights (GER) search queries when the attribute list,
which is a part of the query, included several names using the '@'
character. An attacker able to submit search queries to the 389 Directory
Server could cause it to crash. (CVE-2013-4485)
After installing this update, the 389 server service will be restarted
automatically.
--
SL6
x86_64
389-ds-base-1.2.11.15-30.el6_5.x86_64.rpm
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
389-ds-base-debuginfo-1.2.11.15-30.el6_5.x86_64.rpm
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
389-ds-base-devel-1.2.11.15-30.el6_5.x86_64.rpm
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
389-ds-base-libs-1.2.11.15-30.el6_5.x86_64.rpm
i386
389-ds-base-1.2.11.15-30.el6_5.i686.rpm
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
The following RPMs were added for dependency resolution:
x86_64
openssl-1.0.1e-15.el6.i686.rpm
openssl-1.0.1e-15.el6.x86_64.rpm
openssl-devel-1.0.1e-15.el6.i686.rpm
openssl-devel-1.0.1e-15.el6.x86_64.rpm
openssl-perl-1.0.1e-15.el6.x86_64.rpm
openssl-static-1.0.1e-15.el6.x86_64.rpm
p11-kit-0.18.5-2.el6.i686.rpm
p11-kit-0.18.5-2.el6.x86_64.rpm
p11-kit-devel-0.18.5-2.el6.i686.rpm
p11-kit-devel-0.18.5-2.el6.x86_64.rpm
p11-kit-trust-0.18.5-2.el6.i686.rpm
p11-kit-trust-0.18.5-2.el6.x86_64.rpm
i386
openssl-1.0.1e-15.el6.i686.rpm
openssl-devel-1.0.1e-15.el6.i686.rpm
openssl-perl-1.0.1e-15.el6.i686.rpm
openssl-static-1.0.1e-15.el6.i686.rpm
p11-kit-0.18.5-2.el6.i686.rpm
p11-kit-devel-0.18.5-2.el6.i686.rpm
p11-kit-trust-0.18.5-2.el6.i686.rpm
- Scientific Linux Development Team
|
|
|
