Описание
ELSA-2017-0920: 389-ds-base security and bug fix update (IMPORTANT)
[1.3.5.10-20]
- Bump version to 1.3.5.10-20
- Resolves: bug 1437005 - CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages
[1.3.5.10-19]
- Release 1.3.5.10-19
- Resolves: bug 1429495 - ns-slapd dies under heavy load
- Resolves: bug 1429498 - A filtered nsrole that specifies an empty nsrole in its nsRoleFilter will result in a segfault
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
389-ds-base
1.3.5.10-20.el7_3
389-ds-base-devel
1.3.5.10-20.el7_3
389-ds-base-libs
1.3.5.10-20.el7_3
389-ds-base-snmp
1.3.5.10-20.el7_3
Связанные CVE
Связанные уязвимости
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service.
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service.
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service.
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an ...
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service.