(RHSA-2019:3981) Important: 389-ds-base security and bug fix update

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

• 389-ds-base: Read permission check bypass via the deref plugin (CVE-2019-14824)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• DB Deadlock on modrdn appears to corrupt database and entry cache (BZ#1749289)

• After audit log file is rotated, DS version string is logged after each update (BZ#1754831)

• Extremely slow LDIF import with ldif2db (BZ#1763622)

• ns-slapd crash on concurrent SASL BINDs, connection_call_io_layer_callbacks must hold hold c_mutex (BZ#1763627)

• CleanAllRUV task limit not enforced (BZ#1767622)