ELSA-2016-0204

Опубликовано: 16 фев. 2016

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2016-0204: 389-ds-base security and bug fix update (IMPORTANT)

[1.3.4.0-26]

release 1.3.4.0-26
Resolves: bug 1299346 - deadlock on connection mutex (DS 48341)

[1.3.4.0-25]

release 1.3.4.0-25
Resolves: bug 1299757 - CVE-2016-0741 389-ds-base: Worker threads do not detect abnormally closed connections causing DoS

[1.3.4.0-24]

release 1.3.4.0-24
Resolves: bug 1298105 - 389-ds hanging after a few minutes of operation (DS 48406)

[1.3.4.0-23]

release 1.3.4.0-23
Resolves: bug 1295684 - many attrlist_replace errors in connection with cleanallruv (DS 48283)

[1.3.4.0-22]

release 1.3.4.0-22
Resolves: bug 1290725 - SimplePagedResults -- in the search error case, simple paged results slot was not released. (DS 48375)
Resolves: bug 1290726 - The 'eq' index does not get updated properly when deleting and re-adding attributes in the same modify operation (DS 48370)

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

389-ds-base

1.3.4.0-26.el7_2

389-ds-base-devel

1.3.4.0-26.el7_2

389-ds-base-libs

1.3.4.0-26.el7_2

Связанные CVE

CVE-2016-0741

Ссылки на источники

Связанные уязвимости

CVE-2016-0741

CVSS3: 7.5

ubuntu

больше 9 лет назад

slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.