389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * A plugin can create an index. Even if the index can be used immediately the index remains offline until further reindex * In some rare case, a replication connection may be treated as a regular connection and ACIs evaluated even if they should not. * A regular connection can be erroneously flagged replication connection