389-ds:1.4 security fix update
エラータID: AXSA:2024-8541:01
Release date:
Tuesday, July 9, 2024 - 11:19
Subject:
389-ds:1.4 security fix update
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base
packages include the Lightweight Directory Access Protocol (LDAP) server and
command-line utilities for server administration.
Security Fix(es):
389-ds-base: potential denial of service via specially crafted kerberos
AS-REQ request (CVE-2024-3657)
389-ds-base: Malformed userPassword may cause crash at do_modify in
slapd/modify.c (CVE-2024-2199)
CVE(s):
CVE-2024-3657
CVE-2024-2199
Modularity name: "389-ds"
Stream name: "1.4"
Solution:
Update packages.
CVEs:
CVE-2024-2199
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
CVE-2024-3657
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
Additional Info:
N/A
Download:
SRPMS
- 389-ds-base-1.4.3.39-7.module+el8+1785+545b9cee.src.rpm
MD5: a60601d7dc5aa25ca851dd00d9707564
SHA-256: 69f5b7042a4f897930ce2e1822b63cf348cbe71d144e0b4fc7b465ef67d0d86b
Size: 45.72 MB
Asianux Server 8 for x86_64
- 389-ds-base-1.4.3.39-7.module+el8+1785+545b9cee.x86_64.rpm
MD5: 074cddccd8b3a572a0da00b6ea4018bf
SHA-256: cb31d902e49737a0279ecbe2c3bc601300083a56530180a99a60821f0aa09a8d
Size: 2.94 MB - 389-ds-base-debugsource-1.4.3.39-7.module+el8+1785+545b9cee.x86_64.rpm
MD5: 12c55ced1cee0498376a934e580840f5
SHA-256: 823b6b45ec29691e25e3f2ef5eddfc961187f4a83b997eef84db4893a95ee58d
Size: 2.76 MB - 389-ds-base-devel-1.4.3.39-7.module+el8+1785+545b9cee.x86_64.rpm
MD5: 7811857232c7d7bbb46b6653e2779cf7
SHA-256: b2dcef8d0e35882396166cd00750bed7aa801f304ef2cb1f99a31c9183339c0c
Size: 126.28 kB - 389-ds-base-legacy-tools-1.4.3.39-7.module+el8+1785+545b9cee.x86_64.rpm
MD5: 407c6b0485bd0d0d8289f8a5fcabb31e
SHA-256: 44f5fa56b045ac8139e61546384624ad48858cc1818737b29a588c51337b75cf
Size: 278.18 kB - 389-ds-base-libs-1.4.3.39-7.module+el8+1785+545b9cee.x86_64.rpm
MD5: ae66d84e6a720dba7b82275a98e19cb5
SHA-256: f285a3d0021a2ef2098f3e97476f42d9a36c405a3fc2038a63ec98a51ffd6794
Size: 1.47 MB - 389-ds-base-snmp-1.4.3.39-7.module+el8+1785+545b9cee.x86_64.rpm
MD5: 66aa55c93247e75d8439c5219fce5f75
SHA-256: 0b1192d17141501a52b9d643415424b71b6569e4cede86597fa96d72fb74387b
Size: 39.24 kB - python3-lib389-1.4.3.39-7.module+el8+1785+545b9cee.noarch.rpm
MD5: ba2cf57b87e399cc714a5724ac600df8
SHA-256: 976be03fbc79ac5224b313d7781ae2f3fb80bf34466bdb4861a40b1cb5d3e33e
Size: 0.95 MB
日本語