SCIENTIFIC-LINUX-ERRATA Archives

August 2014

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Important: 389-ds-base on SL6.x i386/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Thu, 7 Aug 2014 19:24:28 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (33 lines) 
Synopsis:          Important: 389-ds-base security update
Advisory ID:       SLSA-2014:1031-1
Issue Date:        2014-08-07
CVE Numbers:       CVE-2014-3562
--

It was found that when replication was enabled for each attribute in 389
Directory Server, which is the default configuration, the server returned
replicated metadata when the directory was searched while debugging was
enabled. A remote attacker could use this flaw to disclose potentially
sensitive information. (CVE-2014-3562)

After installing this update, the 389 server service will be restarted
automatically.
--

SL6
  x86_64
    389-ds-base-1.2.11.15-34.el6_5.x86_64.rpm
    389-ds-base-debuginfo-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-debuginfo-1.2.11.15-34.el6_5.x86_64.rpm
    389-ds-base-devel-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-devel-1.2.11.15-34.el6_5.x86_64.rpm
    389-ds-base-libs-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-libs-1.2.11.15-34.el6_5.x86_64.rpm
  i386
    389-ds-base-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-debuginfo-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-devel-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-libs-1.2.11.15-34.el6_5.i686.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2