Synopsis: Important: 389-ds-base security update Advisory ID: SLSA-2018:0515-1 Issue Date: 2018-03-13 CVE Numbers: CVE-2017-15135 CVE-2018-1054 -- Security Fix(es): * 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c (CVE-2018-1054) * 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c (CVE-2017-15135) -- SL6 x86_64 389-ds-base-1.2.11.15-94.el6_9.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-94.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-94.el6_9.x86_64.rpm 389-ds-base-devel-1.2.11.15-94.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-94.el6_9.x86_64.rpm 389-ds-base-libs-1.2.11.15-94.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-94.el6_9.x86_64.rpm i386 389-ds-base-1.2.11.15-94.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-94.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-94.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-94.el6_9.i686.rpm - Scientific Linux Development Team