Download
| Alert*
oval:org.secpod.oval:def:87161
[2.1.3-4] - Bump version to 2.1.3-4 - Resolves: Bug 1872451 - Fix regression with dscreate template [2.1.3-3] - Bump version to 2.1.3-3 - Resolves: Bug 2118765 [2.1.3-2] - Bump version to 2.1.3-2 - Resolves: Bug 2118765 - SIGSEGV in sync_repl [2.1.3-1] - Bump version to 2.1.3-1 - Resolves: Bug 20618 ... oval:org.secpod.oval:def:2600074 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. oval:org.secpod.oval:def:507101 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: sending crafted message could result in DoS * 389-ds-base: expired password was ... oval:org.secpod.oval:def:5800095 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base . Security Fix: * 389-ds- ... oval:org.secpod.oval:def:507389 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base . Security Fix: * 389-ds- ... oval:org.secpod.oval:def:205963 Security Fix: 389-ds-base: sending crafted message could result in DoS 389-ds-base: expired password was still allowed to access the database For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed ... oval:org.secpod.oval:def:89047625 This update for 389-ds fixes the following issues: - CVE-2022-0918: Fixed a potential denial of service via crafted packet . - CVE-2022-0996: Fixed a mishandling of password expiry . - Resolved LDAP-Support not working with DHCP by adding required schema - Resolved multiple index migration bug oval:org.secpod.oval:def:4500947 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: sending crafted message could result in DoS * 389-ds-base: expired password was ... oval:org.secpod.oval:def:507018 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: sending crafted message could result in DoS * 389-ds-base: expired password was ... oval:org.secpod.oval:def:1700954 A double free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash. A vulnerability was found in the 389 Directory Server that allows an unauthenticated att ... oval:org.secpod.oval:def:2500722 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. oval:org.secpod.oval:def:89046211 This update for 389-ds fixes the following issues: - CVE-2022-0918: Fixed a potential denial of service via crafted packet . - CVE-2022-0996: Fixed a mishandling of password expiry . oval:org.secpod.oval:def:1505835 [1.3.10.2-16] - Bump version to 1.3.10.2-16 - Resolves: Bug 2077395 - CVE-2022-0918 389-ds:1.4/389-ds-base: sending crafted message could result in DoS - Resolves: Bug 2014768 - Log the Auto Member invalid regex rules in the LDAP errors log - Resolves: Bug 2018153 - RFE - Provide an option to abort ... oval:org.secpod.oval:def:89046421 This update for 389-ds fixes the following issues: - CVE-2022-1949: Fixed full access control bypass with simple crafted query . - CVE-2022-0918: Fixed denial of service issue via crafted messages . - CVE-2022-0996: Fixed mishandling of password expiry . - CVE-2021-4091: Fixed double free in psearch ... oval:org.secpod.oval:def:1505897 [1.4.3.28-7] - Bump version to 1.4.3.28-7 - Resolves: Bug 2081008 - CVE-2022-0996 389-ds:1.4/389-ds-base: expired password was still allowed to access the database - Resolves: Bug 2081014 - CVE-2022-0918 389-ds:1.4/389-ds-base: sending crafted message could result in DoS oval:org.secpod.oval:def:89046197 This update for 389-ds fixes the following issues: - CVE-2022-0918: Fixed a potential denial of service via crafted packet . - CVE-2022-0996: Fixed a mishandling of password expiry . |