Synopsis:          Moderate: 389-ds-base security and bug fix update
Advisory ID:       SLSA-2018:2757-1
Issue Date:        2018-09-25
CVE Numbers:       CVE-2018-10850
                   CVE-2018-10935
                   CVE-2018-14624
                   CVE-2018-14638
--

Security Fix(es):

* 389-ds-base: race condition on reference counter leads to DoS using
persistent search (CVE-2018-10850)

* 389-ds-base: ldapsearch with server side sort allows users to cause a
crash (CVE-2018-10935)

* 389-ds-base: Server crash through modify command with large DN
(CVE-2018-14624)

* 389-ds-base: Crash in delete_passwdPolicy when persistent search
connections are terminated unexpectedly (CVE-2018-14638)

Bug Fix(es):

* Previously, the nucn-stans framework was enabled by default in Directory
Server, but the framework is not stable. As a consequence, deadlocks and
file descriptor leaks could occur. This update changes the default value
of the nsslapd-enable-nunc-stans parameter to "off". As a result,
Directory Server is now stable.

* When a search evaluates the "shadowAccount" entry, Directory Server adds
the shadow attributes to the entry. If the fine-grained password policy is
enabled, the "shadowAccount" entry can contain its own "pwdpolicysubentry"
policy attribute. Previously, to retrieve this attribute, the server
started an internal search for each "shadowAccount" entry, which was
unnecessary because the entry was already known to the server. With this
update, Directory Server only starts internal searches if the entry is not
known. As a result, the performance of searches, such as response time and
throughput, is improved.
--

SL7
  x86_64
    389-ds-base-1.3.7.5-28.el7_5.x86_64.rpm
    389-ds-base-debuginfo-1.3.7.5-28.el7_5.x86_64.rpm
    389-ds-base-devel-1.3.7.5-28.el7_5.x86_64.rpm
    389-ds-base-libs-1.3.7.5-28.el7_5.x86_64.rpm
    389-ds-base-snmp-1.3.7.5-28.el7_5.x86_64.rpm
    389-ds-base-1.3.7.5-28.el7_5.src.rpm

- Scientific Linux Development Team