Release date: 
Wednesday, October 13, 2021 - 04:18
Affected Channels: 
Asianux Server 7 for x86_64

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

* 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed (CVE-2021-3652)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* A plugin can create an index. Even if the index can be used immediately (for

searches) the index remains offline until further reindex

* In some rare case, a replication connection may be treated as a regular connection and ACIs evaluated even if they should not.
* A regular connection can be erroneously flagged replication connection

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.


Update packages.

Additional Info: 



  1. 389-ds-base-
    MD5: 1efac602a4831b9fb0e23d24ba563a10
    SHA-256: d2641ab0b45f57df702813ddf2a7473a51783bc4bd7487c7d324afa476208c4b
    Size: 3.71 MB

Asianux Server 7 for x86_64
  1. 389-ds-base-
    MD5: b256e9e8888bb90dc8fd7cd2b28a0829
    SHA-256: f59bbf4889e7ebea83cd7c73efcc6bbffe2e677271b6689962e80773d8cb727c
    Size: 1.74 MB
  2. 389-ds-base-libs-
    MD5: 1723fa735dab3f3e230c389138b56f8e
    SHA-256: f0fd6e286f2e69b5c2f7641e7390b206e57247c544450223d83f93a42508f99d
    Size: 714.29 kB
Copyright© 2007-2015 Asianux. All rights reserved.