Synopsis:          Important: 389-ds-base security update
Advisory ID:       SLSA-2014:1031-1
Issue Date:        2014-08-07
CVE Numbers:       CVE-2014-3562
--

It was found that when replication was enabled for each attribute in 389
Directory Server, which is the default configuration, the server returned
replicated metadata when the directory was searched while debugging was
enabled. A remote attacker could use this flaw to disclose potentially
sensitive information. (CVE-2014-3562)

After installing this update, the 389 server service will be restarted
automatically.
--

SL6
  x86_64
    389-ds-base-1.2.11.15-34.el6_5.x86_64.rpm
    389-ds-base-debuginfo-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-debuginfo-1.2.11.15-34.el6_5.x86_64.rpm
    389-ds-base-devel-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-devel-1.2.11.15-34.el6_5.x86_64.rpm
    389-ds-base-libs-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-libs-1.2.11.15-34.el6_5.x86_64.rpm
  i386
    389-ds-base-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-debuginfo-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-devel-1.2.11.15-34.el6_5.i686.rpm
    389-ds-base-libs-1.2.11.15-34.el6_5.i686.rpm

- Scientific Linux Development Team