Описание
ELSA-2021-2595: 389-ds:1.4 security and bug fix update (MODERATE)
[1.4.3.16-16]
- Bump version to 1.4.3.16-16
- Resolves: Bug 1972738 - Changelog cache can upload updates from a wrong starting point (CSN)
- Resolves: Bug 1972721 - Large updates can reset the CLcache to the beginning of the changelog
[1.4.3.16-15]
- Bump version to 1.4.3.16-15
- Resolves: Bug 1970791 - A connection can be erroneously flagged as replication conn during evaluation of an aci with ip bind rule
[1.4.3.16-14]
- Bump version to 1.4.3.16-14
- Resolves: Bug 1968588 - ACIs are being evaluated against the Replication Manager account in a replication context
- Resolves: Bug 1960720 - sync_repl NULL pointer dereference in sync_create_state_control()
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module 389-ds:1.4 is enabled
389-ds-base
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
389-ds-base-devel
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
389-ds-base-legacy-tools
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
389-ds-base-libs
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
389-ds-base-snmp
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
python3-lib389
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
Oracle Linux x86_64
Module 389-ds:1.4 is enabled
389-ds-base
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
389-ds-base-devel
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
389-ds-base-legacy-tools
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
389-ds-base-libs
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
389-ds-base-snmp
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
python3-lib389
1.4.3.16-16.module+el8.4.0+20199+8c6d81ae
Связанные CVE
Связанные уязвимости
When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.
When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.
When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.
When using a sync_repl client in 389-ds-base, an authenticated attacke ...
