(RHSA-2024:4210) Important: redhat-ds:11 security update

2024-07-0200:08:14

access.redhat.com

red hat directory server

ldapv3

security update

denial of service

cve-2024-2199

cve-2024-3657

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

JSON

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.

Security Fix(es):

ns-slapd crashing in ldap_mods_free() (CVE-2024-2199) (BZ#2267976)
Potential denial of service via specially crafted kerberos
AS-REQ request (CVE-2024-3657) (BZ#2274401)

OSVersionArchitecturePackageVersionFilename
RedHatanyx86_64389-ds-base-snmp-debuginfo< 1.4.3.39-4.module+el8dsrv+21965+9ff26197389-ds-base-snmp-debuginfo-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHatanynoarchpython3-lib389< 1.4.3.39-4.module+el8dsrv+21965+9ff26197python3-lib389-1.4.3.39-4.module+el8dsrv+21965+9ff26197.noarch.rpm
RedHatanyx86_64389-ds-base-snmp< 1.4.3.39-4.module+el8dsrv+21965+9ff26197389-ds-base-snmp-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHatanyx86_64389-ds-base< 1.4.3.39-4.module+el8dsrv+21965+9ff26197389-ds-base-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHatanyx86_64389-ds-base-devel< 1.4.3.39-4.module+el8dsrv+21965+9ff26197389-ds-base-devel-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHatanyx86_64389-ds-base-debuginfo< 1.4.3.39-4.module+el8dsrv+21965+9ff26197389-ds-base-debuginfo-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHatanyx86_64389-ds-base-debugsource< 1.4.3.39-4.module+el8dsrv+21965+9ff26197389-ds-base-debugsource-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHatanyx86_64389-ds-base-legacy-tools< 1.4.3.39-4.module+el8dsrv+21965+9ff26197389-ds-base-legacy-tools-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHatanynoarchcockpit-389-ds< 1.4.3.39-4.module+el8dsrv+21965+9ff26197cockpit-389-ds-1.4.3.39-4.module+el8dsrv+21965+9ff26197.noarch.rpm
RedHatanyx86_64389-ds-base-legacy-tools-debuginfo< 1.4.3.39-4.module+el8dsrv+21965+9ff26197389-ds-base-legacy-tools-debuginfo-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	x86_64	389-ds-base-snmp-debuginfo	< 1.4.3.39-4.module+el8dsrv+21965+9ff26197	389-ds-base-snmp-debuginfo-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHat	any	noarch	python3-lib389	< 1.4.3.39-4.module+el8dsrv+21965+9ff26197	python3-lib389-1.4.3.39-4.module+el8dsrv+21965+9ff26197.noarch.rpm
RedHat	any	x86_64	389-ds-base-snmp	< 1.4.3.39-4.module+el8dsrv+21965+9ff26197	389-ds-base-snmp-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHat	any	x86_64	389-ds-base	< 1.4.3.39-4.module+el8dsrv+21965+9ff26197	389-ds-base-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHat	any	x86_64	389-ds-base-devel	< 1.4.3.39-4.module+el8dsrv+21965+9ff26197	389-ds-base-devel-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHat	any	x86_64	389-ds-base-debuginfo	< 1.4.3.39-4.module+el8dsrv+21965+9ff26197	389-ds-base-debuginfo-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHat	any	x86_64	389-ds-base-debugsource	< 1.4.3.39-4.module+el8dsrv+21965+9ff26197	389-ds-base-debugsource-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHat	any	x86_64	389-ds-base-legacy-tools	< 1.4.3.39-4.module+el8dsrv+21965+9ff26197	389-ds-base-legacy-tools-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm
RedHat	any	noarch	cockpit-389-ds	< 1.4.3.39-4.module+el8dsrv+21965+9ff26197	cockpit-389-ds-1.4.3.39-4.module+el8dsrv+21965+9ff26197.noarch.rpm
RedHat	any	x86_64	389-ds-base-legacy-tools-debuginfo	< 1.4.3.39-4.module+el8dsrv+21965+9ff26197	389-ds-base-legacy-tools-debuginfo-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm