389-ds:1.4 security and bug fix update

エラータID: AXSA:2021-1657:01

Release date: 
Sunday, April 11, 2021 - 00:33
Subject: 
389-ds:1.4 security and bug fix update
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

* 389-ds-base: information disclosure during the binding of a DN (CVE-2020-35518)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* dscreate would not always set the correct hostname for the self-signed certificate database
* Indexing a heavily nested database could fail and it would corrupt the database

CVE-2020-35518
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.

Modularity name: 389-ds
Stream name: 1.4

Solution: 

Update packages.

CVEs: 
CVE-2020-35518
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.
Additional Info: 

N/A

Download: 

SRPMS
  1. 389-ds-base-1.4.3.8-7.module+el8+1230+6242b2da.src.rpm
    MD5: 0a8dcbc9407b03a237d19c00f504da42
    SHA-256: b3793d2b5a7c85685174897a43ac410f6bdded7cd033acbd48ecdde9e6ac3e8e
    Size: 6.35 MB

Asianux Server 8 for x86_64
  1. 389-ds-base-1.4.3.8-7.module+el8+1230+6242b2da.x86_64.rpm
    MD5: 112a9168a074887aee6f2472d270e914
    SHA-256: f7c4cd65c63226c761b0f235103c98a9763ec10119d9b10fa0100b02f14cba1c
    Size: 1.78 MB
  2. 389-ds-base-debugsource-1.4.3.8-7.module+el8+1230+6242b2da.x86_64.rpm
    MD5: 9ec4eef104090518a25300e625053cbe
    SHA-256: 1ddbae82104572e4a6fb015a27405a548e3eae29f530769dd6812c474449bb58
    Size: 2.51 MB
  3. 389-ds-base-devel-1.4.3.8-7.module+el8+1230+6242b2da.x86_64.rpm
    MD5: 666ecde00bc335946bb3f5df93f437da
    SHA-256: 49f7c06728644fc08c7e743744f1d1c988f3e34928118563a7f40951858abed2
    Size: 139.45 kB
  4. 389-ds-base-legacy-tools-1.4.3.8-7.module+el8+1230+6242b2da.x86_64.rpm
    MD5: a4cc11b55f5e18a0280dd5cb5213487a
    SHA-256: 5ed0d2fd622deedb2f05b311018fac2ddc7e21fecc179b9023908758155eb322
    Size: 289.26 kB
  5. 389-ds-base-libs-1.4.3.8-7.module+el8+1230+6242b2da.x86_64.rpm
    MD5: 7fa376fdcbe64ca52b58d88bf0c29c0e
    SHA-256: c624f52e5f9a9f8a1487edade5406f1bb0909599ceec37e9fc94f85019a955dd
    Size: 852.90 kB
  6. 389-ds-base-snmp-1.4.3.8-7.module+el8+1230+6242b2da.x86_64.rpm
    MD5: 87571901870afe46833ed1143b5aa665
    SHA-256: a9fbeae8bdddddd09dfc28a15aa9b0ad99fbf2663cd73e1cb5e3548ba09c5bf9
    Size: 50.41 kB
  7. python3-lib389-1.4.3.8-7.module+el8+1230+6242b2da.noarch.rpm
    MD5: 7ca20a9c838efcc85d66938b3c718254
    SHA-256: e6604a3ae7ec1f7b39b35f496c8900dad26cd31da270c3f43e2a92b4bd764a85
    Size: 888.71 kB