Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:0889: Red Hat Security Advisory: 389-ds:1.4 security and bug fix update

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-4091: 389-ds-base: double free of the virtual attribute context in persistent search
Red Hat Security Data
Open in Source
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Red Hat Customer Portal

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus
  • Red Hat CodeReady Studio

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2022-03-15

Updated:

2022-03-15

RHSA-2022:0889 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Low: 389-ds:1.4 security and bug fix update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

  • 389-ds-base: double free of the virtual attribute context in persistent search (CVE-2021-4091)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Paged search lookthroughlimit counter doesnt take read ahead into account (BZ#2059893)
  • Based on 1944494 (RFC 4530 entryUUID attribute) - plugin entryuuid failing (BZ#2060106)

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

  • BZ - 2030307 - CVE-2021-4091 389-ds-base: double free of the virtual attribute context in persistent search
  • BZ - 2059893 - Paged search lookthroughlimit counter doesnt take read ahead into account [rhel-8.5.0.z]
  • BZ - 2060106 - Based on 1944494 (RFC 4530 entryUUID attribute) - plugin entryuuid failing [rhel-8.5.0.z]

Red Hat Enterprise Linux for x86_64 8

SRPM

389-ds-base-1.4.3.23-14.module+el8.5.0+14377+c731dc97.src.rpm

SHA-256: 8563c71003226d4719237b5a0e37045d8b0afd9eca9b49f2f8fec7b3c4ef1d2d

x86_64

389-ds-base-1.4.3.23-14.module+el8.5.0+14377+c731dc97.x86_64.rpm

SHA-256: c8565ffb1902f2ccf8df830d8a961bdbad43d8100ea56a9b4f45140e1fcdabc1

389-ds-base-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.x86_64.rpm

SHA-256: f098c9beae80968bafb55b54ee41eef5fd858d803d8f5d7e2ea5d1bec92e9f8c

389-ds-base-debugsource-1.4.3.23-14.module+el8.5.0+14377+c731dc97.x86_64.rpm

SHA-256: a273947556561edea7d16ff3724f35e8c1710488ebde1bf9a73f66461c3c6f30

389-ds-base-devel-1.4.3.23-14.module+el8.5.0+14377+c731dc97.x86_64.rpm

SHA-256: 98d3798f919f747d31eb4fe98056031ec5945e50f6244a7e0dc97d40b717d515

389-ds-base-legacy-tools-1.4.3.23-14.module+el8.5.0+14377+c731dc97.x86_64.rpm

SHA-256: dc6a7e979562f45a3ed62fca3f1aaa9305982679d6da839c50dc64cc6ae5e841

389-ds-base-legacy-tools-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.x86_64.rpm

SHA-256: 29bca87aa939b18ae3293364a6ce35e9af7263e0d5533bb74c21c0d7edc5e26b

389-ds-base-libs-1.4.3.23-14.module+el8.5.0+14377+c731dc97.x86_64.rpm

SHA-256: a0adf20ddeb529b2d5d7146a4dd42b3912bdffa91241b64dee8367eb90489c9c

389-ds-base-libs-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.x86_64.rpm

SHA-256: 49deb3ed86afa72e97e4f6d56d3266e1ffb299597801dd2bb2c8a9b91ed00c9e

389-ds-base-snmp-1.4.3.23-14.module+el8.5.0+14377+c731dc97.x86_64.rpm

SHA-256: 409e3ed0eb68ae6cd127d20b268192e3eda8eacca3798cbca120757b8be24d07

389-ds-base-snmp-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.x86_64.rpm

SHA-256: d7ee5a0f001611935897ecc2d85cae8b981a9612ae53c7c6e5f9cd1f1f77bf41

python3-lib389-1.4.3.23-14.module+el8.5.0+14377+c731dc97.noarch.rpm

SHA-256: 51bda9b29836ed2c67986d01e1138e25893c6cbb8566d138ccd54925239c8e17

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

389-ds-base-1.4.3.23-14.module+el8.5.0+14377+c731dc97.src.rpm

SHA-256: 8563c71003226d4719237b5a0e37045d8b0afd9eca9b49f2f8fec7b3c4ef1d2d

s390x

python3-lib389-1.4.3.23-14.module+el8.5.0+14377+c731dc97.noarch.rpm

SHA-256: 51bda9b29836ed2c67986d01e1138e25893c6cbb8566d138ccd54925239c8e17

389-ds-base-1.4.3.23-14.module+el8.5.0+14377+c731dc97.s390x.rpm

SHA-256: 30da3c5dc14aa3b7bf3503e0d7f3f43b65610c86bc896661bb19a8b125249e6a

389-ds-base-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.s390x.rpm

SHA-256: d6ca63a2d482f9a5c7cd1f111205ed3cc376c84df8e93087b898dcd3ff41e805

389-ds-base-debugsource-1.4.3.23-14.module+el8.5.0+14377+c731dc97.s390x.rpm

SHA-256: 5be9031515f88bf7edfb280d5fed0e9951a880218cec97b900408f764688ba74

389-ds-base-devel-1.4.3.23-14.module+el8.5.0+14377+c731dc97.s390x.rpm

SHA-256: 200784ec6cbfedc2ac6e23a7e26a3975b1419031bdef7b22680b5d317619a441

389-ds-base-legacy-tools-1.4.3.23-14.module+el8.5.0+14377+c731dc97.s390x.rpm

SHA-256: bb189935a9096740dd4416ae70a91ec8ad8fdcf46fa9ddcc2fe32cec92701f86

389-ds-base-legacy-tools-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.s390x.rpm

SHA-256: c4666ae7d70d705efcbf98d7241109d88a131b91a2b690618013469e0358c01e

389-ds-base-libs-1.4.3.23-14.module+el8.5.0+14377+c731dc97.s390x.rpm

SHA-256: 2687fb80173cb4c69c4d5858e45ed0e895838379e52b3568ddaa50222347cfc3

389-ds-base-libs-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.s390x.rpm

SHA-256: 9fab6985428d4c541c1dbaacba3e03b4119ab179423dad5d5875c59933c36c9b

389-ds-base-snmp-1.4.3.23-14.module+el8.5.0+14377+c731dc97.s390x.rpm

SHA-256: 20b5e52e58f506038ea352715a629a8e4cc23daf880b31df6450fd7494e41aa8

389-ds-base-snmp-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.s390x.rpm

SHA-256: 8b2b2fd3f0e381035b1badb64282fe2a17f356694433237c3a55c650dc2b83ca

Red Hat Enterprise Linux for Power, little endian 8

SRPM

389-ds-base-1.4.3.23-14.module+el8.5.0+14377+c731dc97.src.rpm

SHA-256: 8563c71003226d4719237b5a0e37045d8b0afd9eca9b49f2f8fec7b3c4ef1d2d

ppc64le

python3-lib389-1.4.3.23-14.module+el8.5.0+14377+c731dc97.noarch.rpm

SHA-256: 51bda9b29836ed2c67986d01e1138e25893c6cbb8566d138ccd54925239c8e17

389-ds-base-1.4.3.23-14.module+el8.5.0+14377+c731dc97.ppc64le.rpm

SHA-256: 8f37e7a6a81f309e7423c98c2f8b4e8aa112feb116595d277f16db9ea3c527cf

389-ds-base-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.ppc64le.rpm

SHA-256: 53cddd16f81febe3f8a65910db966c36f637aae19cba97660dc675d02a8c3293

389-ds-base-debugsource-1.4.3.23-14.module+el8.5.0+14377+c731dc97.ppc64le.rpm

SHA-256: 2bb65252c3ea1df4d906af3048f5681fe53df1e39193abdd077a07daa93b7eb5

389-ds-base-devel-1.4.3.23-14.module+el8.5.0+14377+c731dc97.ppc64le.rpm

SHA-256: e1381d0bcb05fd7b79c754febb0431cbd9ee8b317841f10e26ffd1b1331f7f81

389-ds-base-legacy-tools-1.4.3.23-14.module+el8.5.0+14377+c731dc97.ppc64le.rpm

SHA-256: 2e0e2d3f90527bee3b1890acb827053db5b20d3c4f066c29cbe2e6c3817812a5

389-ds-base-legacy-tools-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.ppc64le.rpm

SHA-256: 581efaf4331f0fa66339fcab61a8e8aaf9fd474e1d99b2d97b693d2b0c0ba29c

389-ds-base-libs-1.4.3.23-14.module+el8.5.0+14377+c731dc97.ppc64le.rpm

SHA-256: 30a3ee84d2723a6a42b75800eb09158f8686c400c46d1018de3c3721837a8164

389-ds-base-libs-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.ppc64le.rpm

SHA-256: 34e171352817382d76a3f03c3e8b0f4f084cfcbbe2e4beb6f86ba5bbe9426b73

389-ds-base-snmp-1.4.3.23-14.module+el8.5.0+14377+c731dc97.ppc64le.rpm

SHA-256: fd7ea82585d458b2687521c47cf5e16e8b4097d8356e0bc6a28e4c6264a7d867

389-ds-base-snmp-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.ppc64le.rpm

SHA-256: 1ae53f0bb77f200e6bb1582cbf6db0fc52c2d5341edcade5d3d3c8140825e6b9

Red Hat Enterprise Linux for ARM 64 8

SRPM

389-ds-base-1.4.3.23-14.module+el8.5.0+14377+c731dc97.src.rpm

SHA-256: 8563c71003226d4719237b5a0e37045d8b0afd9eca9b49f2f8fec7b3c4ef1d2d

aarch64

python3-lib389-1.4.3.23-14.module+el8.5.0+14377+c731dc97.noarch.rpm

SHA-256: 51bda9b29836ed2c67986d01e1138e25893c6cbb8566d138ccd54925239c8e17

389-ds-base-1.4.3.23-14.module+el8.5.0+14377+c731dc97.aarch64.rpm

SHA-256: 1ebfe69e091be95678200dce037f4775864e9b5675b71930750c15034e71b951

389-ds-base-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.aarch64.rpm

SHA-256: bcc1ead8007b63c9313acee46febec9a0526268fa93c72ad1e206516e490c4e3

389-ds-base-debugsource-1.4.3.23-14.module+el8.5.0+14377+c731dc97.aarch64.rpm

SHA-256: 8f7f32903860221811b92e034a0c55e006c8b3bebdccdeb3d97973830c6f71e1

389-ds-base-devel-1.4.3.23-14.module+el8.5.0+14377+c731dc97.aarch64.rpm

SHA-256: 61ec04ef29b83342e217b4d95c1e9978295839c3df80950919daa15417ae5864

389-ds-base-legacy-tools-1.4.3.23-14.module+el8.5.0+14377+c731dc97.aarch64.rpm

SHA-256: 14776828b9cf6a5624a286a89374041b13d5c70dfeaa3b5c559eac5fdf95b16f

389-ds-base-legacy-tools-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.aarch64.rpm

SHA-256: 18e69a7172d170ae5c4570b272b51bc63e5f44ebeeb806f2cdef73433f60ea8b

389-ds-base-libs-1.4.3.23-14.module+el8.5.0+14377+c731dc97.aarch64.rpm

SHA-256: c9f972c11824e1df183f802830b19b1c9fb43ae440366c1898940a232e183d01

389-ds-base-libs-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.aarch64.rpm

SHA-256: a8b32d6730b12a6666740f21cfa2419b0e4b6e643e2d76541552ce2888939018

389-ds-base-snmp-1.4.3.23-14.module+el8.5.0+14377+c731dc97.aarch64.rpm

SHA-256: 7e96ef4532001ce550ab99565d5e476bc27b7a45ac8029659d26bd8bb83846e3

389-ds-base-snmp-debuginfo-1.4.3.23-14.module+el8.5.0+14377+c731dc97.aarch64.rpm

SHA-256: 4256c5301bcf52f72d63b462f6d7a7750fd2a7d6b2d098c2fe448bc2fde52ed8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data