Synopsis: Important: 389-ds-base security update Advisory ID: SLSA-2013:1752-1 Issue Date: 2013-11-21 CVE Numbers: CVE-2013-4485 -- It was discovered that the 389 Directory Server did not properly handle certain Get Effective Rights (GER) search queries when the attribute list, which is a part of the query, included several names using the '@' character. An attacker able to submit search queries to the 389 Directory Server could cause it to crash. (CVE-2013-4485) After installing this update, the 389 server service will be restarted automatically. -- SL6 x86_64 389-ds-base-1.2.11.15-30.el6_5.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm 389-ds-base-debuginfo-1.2.11.15-30.el6_5.x86_64.rpm 389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm 389-ds-base-devel-1.2.11.15-30.el6_5.x86_64.rpm 389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm 389-ds-base-libs-1.2.11.15-30.el6_5.x86_64.rpm i386 389-ds-base-1.2.11.15-30.el6_5.i686.rpm 389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm 389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm 389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm The following RPMs were added for dependency resolution: x86_64 openssl-1.0.1e-15.el6.i686.rpm openssl-1.0.1e-15.el6.x86_64.rpm openssl-devel-1.0.1e-15.el6.i686.rpm openssl-devel-1.0.1e-15.el6.x86_64.rpm openssl-perl-1.0.1e-15.el6.x86_64.rpm openssl-static-1.0.1e-15.el6.x86_64.rpm p11-kit-0.18.5-2.el6.i686.rpm p11-kit-0.18.5-2.el6.x86_64.rpm p11-kit-devel-0.18.5-2.el6.i686.rpm p11-kit-devel-0.18.5-2.el6.x86_64.rpm p11-kit-trust-0.18.5-2.el6.i686.rpm p11-kit-trust-0.18.5-2.el6.x86_64.rpm i386 openssl-1.0.1e-15.el6.i686.rpm openssl-devel-1.0.1e-15.el6.i686.rpm openssl-perl-1.0.1e-15.el6.i686.rpm openssl-static-1.0.1e-15.el6.i686.rpm p11-kit-0.18.5-2.el6.i686.rpm p11-kit-devel-0.18.5-2.el6.i686.rpm p11-kit-trust-0.18.5-2.el6.i686.rpm - Scientific Linux Development Team