SCIENTIFIC-LINUX-ERRATA Archives

March 2018

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Pat Riehecky <[log in to unmask]>
Date: Wed, 7 Mar 2018 22:15:57 -0000
Synopsis:          Important: 389-ds-base security and bug fix update
Advisory ID: SLSA-2018:0414-1
Issue Date: 2018-03-06
CVE Numbers: CVE-2017-15135
                   CVE-2018-1054
--

Security Fix(es):

* 389-ds-base: remote Denial of Service (DoS) via search filters in
SetUnicodeStringFromUTF_8 in collate.c (CVE-2018-1054)

* 389-ds-base: Authentication bypass due to lack of size check in
slapi_ct_memcmp function in ch_malloc.c (CVE-2017-15135)

Bug Fix(es):

* Previously, if an administrator configured an index for an attribute
with a specific matching rule in the "nsMatchingRule" parameter, Directory
Server did not use the retrieved indexer. As a consequence, Directory
Server did not index the values of this attribute with the specified
matching rules, and searches with extended filters were unindexed. With
this update, Directory Server uses the retrieved indexer that processes
the specified matching rule. As a result, searches using extended filters
with a specified matching rule are now indexed.
--

SL7
  x86_64
    389-ds-base-1.3.6.1-28.el7_4.x86_64.rpm
    389-ds-base-debuginfo-1.3.6.1-28.el7_4.x86_64.rpm
    389-ds-base-devel-1.3.6.1-28.el7_4.x86_64.rpm
    389-ds-base-libs-1.3.6.1-28.el7_4.x86_64.rpm
    389-ds-base-snmp-1.3.6.1-28.el7_4.x86_64.rpm

- Scientific Linux Development Team
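
To check a host against the fixed build listed above, the following added example (not part of the advisory) flags installed 389-ds-base packages older than 1.3.6.1-28.el7_4. It assumes input lines produced by `rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE}\n'`, no epoch, and a simplified version comparison that skips rpm's `~` and `^` rules; the function names and sample lines are constructed for illustration.

```python
import re

# Fixed build taken from the advisory's SL7 package list.
FIXED_VERSION, FIXED_RELEASE = "1.3.6.1", "28.el7_4"
PACKAGES = {"389-ds-base", "389-ds-base-debuginfo", "389-ds-base-devel",
            "389-ds-base-libs", "389-ds-base-snmp"}

def vercmp(a, b):
    """Simplified rpm-style compare: returns -1, 0 or 1 (no '~' or '^' handling)."""
    sa = re.findall(r"[0-9]+|[A-Za-z]+", a)
    sb = re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)            # compare numbers by value
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def needs_update(rpm_lines):
    """Return names of installed 389-ds-base packages older than the fixed build."""
    stale = []
    for line in rpm_lines:
        parts = line.split()
        if len(parts) != 3 or parts[0] not in PACKAGES:
            continue                         # unrelated package or malformed line
        name, version, release = parts
        # Version decides first; release only breaks a tie.
        order = vercmp(version, FIXED_VERSION) or vercmp(release, FIXED_RELEASE)
        if order < 0:
            stale.append(name)
    return stale

# Constructed sample input, not taken from a real host.
SAMPLE = [
    "389-ds-base 1.3.6.1 26.el7_4",
    "389-ds-base-libs 1.3.6.1 28.el7_4",
    "389-ds-base-snmp 1.3.7.5 18.el7",
    "openldap 2.4.44 5.el7",
]

if __name__ == "__main__":
    print(needs_update(SAMPLE))
```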
