(RHSA-2021:1258) Moderate: 389-ds:1.4 security and bug fix update

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

• 389-ds-base: information disclosure during the binding of a DN (CVE-2020-35518)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• Replication now resolves entry conflicts during a modrdn operation (BZ#1946631)

• Searches by an unauthorized client can no longer determine if an entry exists or not by the result code (BZ#1946634)

Users of Red Hat Directory Server 11 are advised to install these updated packages.