(RHSA-2019:3981) Important: 389-ds-base security and bug fix update

2019-11-26T15:39:22
ID RHSA-2019:3981
Type redhat
Reporter RedHat
Modified 2019-11-26T18:06:41

Description

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

  • 389-ds-base: Read permission check bypass via the deref plugin (CVE-2019-14824)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • DB Deadlock on modrdn appears to corrupt database and entry cache (BZ#1749289)

  • After audit log file is rotated, DS version string is logged after each update (BZ#1754831)

  • Extremely slow LDIF import with ldif2db (BZ#1763622)

  • ns-slapd crash on concurrent SASL BINDs, connection_call_io_layer_callbacks must hold hold c_mutex (BZ#1763627)

  • CleanAllRUV task limit not enforced (BZ#1767622)