Synopsis: Low: 389-ds-base security, bug fix, and enhancement update Issue Date: 2012-06-20 CVE Numbers: CVE-2012-0833 The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. A flaw was found in the way the 389 Directory Server daemon (ns-slapd) handled access control instructions (ACIs) using certificate groups. If an LDAP user that had a certificate group defined attempted to bind to the directory server, it would cause ns-slapd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2012-0833) These updated 389-ds-base packages also include numerous bug fixes and enhancements. Users are advised to upgrade to these updated 389-ds-base packages, which resolve these issues and add these enhancements. After installing this update, the 389 server service will be restarted automatically. SL6: i386 389-ds-base-1.2.10.2-15.el6.i686.rpm 389-ds-base-debuginfo-1.2.10.2-15.el6.i686.rpm 389-ds-base-devel-1.2.10.2-15.el6.i686.rpm 389-ds-base-libs-1.2.10.2-15.el6.i686.rpm x86_64 389-ds-base-1.2.10.2-15.el6.x86_64.rpm 389-ds-base-debuginfo-1.2.10.2-15.el6.i686.rpm 389-ds-base-debuginfo-1.2.10.2-15.el6.x86_64.rpm 389-ds-base-devel-1.2.10.2-15.el6.i686.rpm 389-ds-base-devel-1.2.10.2-15.el6.x86_64.rpm 389-ds-base-libs-1.2.10.2-15.el6.i686.rpm 389-ds-base-libs-1.2.10.2-15.el6.x86_64.rpm - Scientific Linux Development Team