389 security update

CentOS Errata and Security Advisory CESA-2019:3981

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

• 389-ds-base: Read permission check bypass via the deref plugin (CVE-2019-14824)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• DB Deadlock on modrdn appears to corrupt database and entry cache (BZ#1749289)

• After audit log file is rotated, DS version string is logged after each update (BZ#1754831)

• Extremely slow LDIF import with ldif2db (BZ#1763622)

• ns-slapd crash on concurrent SASL BINDs, connection_call_io_layer_callbacks must hold hold c_mutex (BZ#1763627)

• CleanAllRUV task limit not enforced (BZ#1767622)

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2019-December/085690.html

Affected packages:
389-ds-base
389-ds-base-devel
389-ds-base-libs
389-ds-base-snmp

Upstream details at:
https://access.redhat.com/errata/RHSA-2019:3981