SCIENTIFIC-LINUX-ERRATA Archives

April 2015

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA important: Important: 389-Ds-Base Security Update on SL7.x srpm/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Thu, 30 Apr 2015 17:17:02 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (27 lines) 
important:         Important: 389-Ds-Base Security Update on SL7.x srpm/x86_64
Advisory ID:       SLSA-2015:0895-1
Issue Date:        2015-04-28
CVE Numbers:       CVE-2015-1854
--

A flaw was found in the way the Directory Server performed authorization
of modrdn operations. An unauthenticated attacker able to issue an
ldapmodrdn call to the directory server could use this flaw to
perform unauthorized modifications of entries in the directory server.
(CVE-2015-1854)

After installing this update, the 389 server service will be restarted
automatically.
--

SL7
  x86_64
    389-ds-base-1.3.3.1-16.el7_1.x86_64.rpm
    389-ds-base-debuginfo-1.3.3.1-16.el7_1.x86_64.rpm
    389-ds-base-libs-1.3.3.1-16.el7_1.x86_64.rpm
    389-ds-base-devel-1.3.3.1-16.el7_1.x86_64.rpm
  srpm
    389-ds-base-1.3.3.1-16.el7_1.src.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2