389 security update

2019-12-03T20:35:05
ID CESA-2019:3981
Type centos
Reporter CentOS Project
Modified 2019-12-03T20:35:05

Description

CentOS Errata and Security Advisory CESA-2019:3981

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

  • 389-ds-base: Read permission check bypass via the deref plugin (CVE-2019-14824)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • DB Deadlock on modrdn appears to corrupt database and entry cache (BZ#1749289)

  • After audit log file is rotated, DS version string is logged after each update (BZ#1754831)

  • Extremely slow LDIF import with ldif2db (BZ#1763622)

  • ns-slapd crash on concurrent SASL BINDs, connection_call_io_layer_callbacks must hold hold c_mutex (BZ#1763627)

  • CleanAllRUV task limit not enforced (BZ#1767622)

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2019-December/035566.html

Affected packages: 389-ds-base 389-ds-base-devel 389-ds-base-libs 389-ds-base-snmp

Upstream details at: