Описание
Security update for 389-ds
This update for 389-ds fixes the following issues:
- CVE-2024-1062: Fixed possible denial of service when audit logging is enabled (bsc#1219836).
Список пакетов
Container suse/389-ds:latest
389-ds-2.2.8~git65.347aae6-150500.3.17.1
lib389-2.2.8~git65.347aae6-150500.3.17.1
libsvrcore0-2.2.8~git65.347aae6-150500.3.17.1
SUSE Linux Enterprise Module for Server Applications 15 SP5
389-ds-2.2.8~git65.347aae6-150500.3.17.1
389-ds-devel-2.2.8~git65.347aae6-150500.3.17.1
lib389-2.2.8~git65.347aae6-150500.3.17.1
libsvrcore0-2.2.8~git65.347aae6-150500.3.17.1
openSUSE Leap 15.5
389-ds-2.2.8~git65.347aae6-150500.3.17.1
389-ds-devel-2.2.8~git65.347aae6-150500.3.17.1
389-ds-snmp-2.2.8~git65.347aae6-150500.3.17.1
lib389-2.2.8~git65.347aae6-150500.3.17.1
libsvrcore0-2.2.8~git65.347aae6-150500.3.17.1
Ссылки
- Link for SUSE-SU-2024:0908-1
- E-Mail link for SUSE-SU-2024:0908-1
- SUSE Security Ratings
- SUSE Bug 1219836
- SUSE CVE CVE-2024-1062 page
Описание
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
Затронутые продукты
Container suse/389-ds:latest:389-ds-2.2.8~git65.347aae6-150500.3.17.1
Container suse/389-ds:latest:lib389-2.2.8~git65.347aae6-150500.3.17.1
Container suse/389-ds:latest:libsvrcore0-2.2.8~git65.347aae6-150500.3.17.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:389-ds-2.2.8~git65.347aae6-150500.3.17.1
Ссылки
- CVE-2024-1062
- SUSE Bug 1219836