Описание
ELSA-2021-1983: idm:DL1 security update (IMPORTANT)
slapi-nis [0.56.6-2]
- CVE 2021-3480: idm:DL1/slapi-nis: NULL dereference (DoS) with specially crafted Binding DN
- Resolves: rhbz#1944713
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module idm:DL1 is enabled
bind-dyndb-ldap
11.6-2.module+el8.4.0+20088+3d202164
custodia
0.6.0-3.module+el8.3.0+7868+2151076c
ipa-client
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-epn
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-samba
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-healthcheck
0.7-3.module+el8.4.0+20088+3d202164
ipa-healthcheck-core
0.7-3.module+el8.4.0+20088+3d202164
ipa-python-compat
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-selinux
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-dns
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-trust-ad
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
opendnssec
2.1.7-1.module+el8.4.0+20088+3d202164
python3-custodia
0.6.0-3.module+el8.3.0+7868+2151076c
python3-ipaclient
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipalib
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipaserver
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipatests
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-jwcrypto
0.5.0-1.module+el8.3.0+7868+2151076c
python3-kdcproxy
0.4-5.module+el8.3.0+7868+2151076c
python3-pyusb
1.0.0-9.module+el8.3.0+7868+2151076c
python3-qrcode
5.1-12.module+el8.3.0+7868+2151076c
python3-qrcode-core
5.1-12.module+el8.3.0+7868+2151076c
python3-yubico
1.3.2-9.module+el8.3.0+7868+2151076c
slapi-nis
0.56.6-2.module+el8.4.0+20174+ae9fc984
softhsm
2.6.0-5.module+el8.4.0+20161+5ecb5b37
softhsm-devel
2.6.0-5.module+el8.4.0+20161+5ecb5b37
Oracle Linux x86_64
Module idm:DL1 is enabled
bind-dyndb-ldap
11.6-2.module+el8.4.0+20088+3d202164
custodia
0.6.0-3.module+el8.3.0+7868+2151076c
ipa-client
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-epn
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-samba
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-healthcheck
0.7-3.module+el8.4.0+20088+3d202164
ipa-healthcheck-core
0.7-3.module+el8.4.0+20088+3d202164
ipa-python-compat
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-selinux
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-dns
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-trust-ad
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
opendnssec
2.1.7-1.module+el8.4.0+20088+3d202164
python3-custodia
0.6.0-3.module+el8.3.0+7868+2151076c
python3-ipaclient
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipalib
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipaserver
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipatests
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-jwcrypto
0.5.0-1.module+el8.3.0+7868+2151076c
python3-kdcproxy
0.4-5.module+el8.3.0+7868+2151076c
python3-pyusb
1.0.0-9.module+el8.3.0+7868+2151076c
python3-qrcode
5.1-12.module+el8.3.0+7868+2151076c
python3-qrcode-core
5.1-12.module+el8.3.0+7868+2151076c
python3-yubico
1.3.2-9.module+el8.3.0+7868+2151076c
slapi-nis
0.56.6-2.module+el8.4.0+20174+ae9fc984
softhsm
2.6.0-5.module+el8.4.0+20161+5ecb5b37
softhsm-devel
2.6.0-5.module+el8.4.0+20161+5ecb5b37
Связанные CVE
Связанные уязвимости
A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability.
A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability.
A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability.
A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointe ...
