(RHSA-2021:1243) Moderate: redhat-ds:11 security and bug fix update

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.

Security Fix(es):

• 389-ds-base: information disclosure during the binding of a DN (CVE-2020-35518) (BZ#1905565)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• The UI become unresponsive when an error occured (BZ#1751082)

• The python-lib389 class Accounts displayed an error during delete operations (BZ#1859215)

• The server version number has been added to the UI (BZ#1859288)

• Searches by an unauthorized client can no longer determine if an entry exists or not by the result code (BZ#1925537)

• Changes made on the Server Tuning page in the web console are now correctly reflected (BZ#1927051)

• Adding new schema using dsconf no longer displayes a “values has to be a tuple” error (BZ#1937036)

Users of Red Hat Directory Server 11 are advised to install these updated packages.