Headline
RHSA-2022:0628: Red Hat Security Advisory: 389-ds-base security and bug fix update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-4091: 389-ds-base: double-free of the virtual attribute context in persistent search
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
- Red Hat CodeReady Studio
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-02-22
Updated:
2022-02-22
RHSA-2022:0628 - Security Advisory
- Overview
- Updated Packages
Synopsis
Low: 389-ds-base security and bug fix update
Type/Severity
Security Advisory: Low
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
- 389-ds-base: double-free of the virtual attribute context in persistent search (CVE-2021-4091)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- CSN generator can adjust wrongly the local and remote offsets used to generate a CSN (BZ#2049812)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the 389 server service will be restarted automatically.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2030307 - CVE-2021-4091 389-ds-base: double-free of the virtual attribute context in persistent search
- BZ - 2049812 - Fix csn generator to limit time skew drift
Red Hat Enterprise Linux Server 7
SRPM
389-ds-base-1.3.10.2-15.el7_9.src.rpm
SHA-256: 00fedfef800d3370e3e07e3eb3353d925800732dc3a64159f9fa27d32e1685d2
x86_64
389-ds-base-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 552911a406eb1e21b7618545a1f48f76d199649832572c39106db52c66b3511a
389-ds-base-debuginfo-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 997f872feebbee66450a32726e5f0b743b4bab5829b5684196965d918f016e0d
389-ds-base-debuginfo-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 997f872feebbee66450a32726e5f0b743b4bab5829b5684196965d918f016e0d
389-ds-base-devel-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 2ad2ecb29507f18824030419fd9db6a86e6b0d3ac3fe45ccf85971214ea2db17
389-ds-base-libs-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: b1fb97a4b85ec188645e72f5b68ca9818b55d8e7d683f74dd02e8229b8c691b3
389-ds-base-snmp-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: e7acdcacd410492e2a2336694787f51651c008f59300ec17dcbb01489f693dd5
Red Hat Enterprise Linux Workstation 7
SRPM
389-ds-base-1.3.10.2-15.el7_9.src.rpm
SHA-256: 00fedfef800d3370e3e07e3eb3353d925800732dc3a64159f9fa27d32e1685d2
x86_64
389-ds-base-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 552911a406eb1e21b7618545a1f48f76d199649832572c39106db52c66b3511a
389-ds-base-debuginfo-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 997f872feebbee66450a32726e5f0b743b4bab5829b5684196965d918f016e0d
389-ds-base-debuginfo-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 997f872feebbee66450a32726e5f0b743b4bab5829b5684196965d918f016e0d
389-ds-base-devel-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 2ad2ecb29507f18824030419fd9db6a86e6b0d3ac3fe45ccf85971214ea2db17
389-ds-base-libs-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: b1fb97a4b85ec188645e72f5b68ca9818b55d8e7d683f74dd02e8229b8c691b3
389-ds-base-snmp-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: e7acdcacd410492e2a2336694787f51651c008f59300ec17dcbb01489f693dd5
Red Hat Enterprise Linux Desktop 7
SRPM
389-ds-base-1.3.10.2-15.el7_9.src.rpm
SHA-256: 00fedfef800d3370e3e07e3eb3353d925800732dc3a64159f9fa27d32e1685d2
x86_64
389-ds-base-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 552911a406eb1e21b7618545a1f48f76d199649832572c39106db52c66b3511a
389-ds-base-debuginfo-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 997f872feebbee66450a32726e5f0b743b4bab5829b5684196965d918f016e0d
389-ds-base-devel-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 2ad2ecb29507f18824030419fd9db6a86e6b0d3ac3fe45ccf85971214ea2db17
389-ds-base-libs-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: b1fb97a4b85ec188645e72f5b68ca9818b55d8e7d683f74dd02e8229b8c691b3
389-ds-base-snmp-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: e7acdcacd410492e2a2336694787f51651c008f59300ec17dcbb01489f693dd5
Red Hat Enterprise Linux for IBM z Systems 7
SRPM
389-ds-base-1.3.10.2-15.el7_9.src.rpm
SHA-256: 00fedfef800d3370e3e07e3eb3353d925800732dc3a64159f9fa27d32e1685d2
s390x
389-ds-base-1.3.10.2-15.el7_9.s390x.rpm
SHA-256: 81f7f02c119be06ca83ce2a86ed67c96bbb80ff37e8f403e061c6bba4b61ed1d
389-ds-base-debuginfo-1.3.10.2-15.el7_9.s390x.rpm
SHA-256: ec2e63ab43f7089640be3566d7c13250d87bf29b40664cdaa329c6c39d03891a
389-ds-base-devel-1.3.10.2-15.el7_9.s390x.rpm
SHA-256: fecf02a7bf013792dba424efe23ac192fd9a3f4cfd66aea641152ed565ce1e6e
389-ds-base-libs-1.3.10.2-15.el7_9.s390x.rpm
SHA-256: 81aa231ee48c61df897d0688cb5bb367204c37dd486a8d034fdf53585682ba78
389-ds-base-snmp-1.3.10.2-15.el7_9.s390x.rpm
SHA-256: adb944c93195b8a0c5d94a2239534004bc3eca20806b9951140c2b723ab155d2
Red Hat Enterprise Linux for Power, big endian 7
SRPM
389-ds-base-1.3.10.2-15.el7_9.src.rpm
SHA-256: 00fedfef800d3370e3e07e3eb3353d925800732dc3a64159f9fa27d32e1685d2
ppc64
389-ds-base-1.3.10.2-15.el7_9.ppc64.rpm
SHA-256: 4cef908946f09afdd338b012be4974fdb9850e0b59ad725385bccbdcce8bff68
389-ds-base-debuginfo-1.3.10.2-15.el7_9.ppc64.rpm
SHA-256: 8e995be17b57ff0f322d34351e42a09ab4d9ffa3cd85ec858e8d3c1f3f46cc5f
389-ds-base-devel-1.3.10.2-15.el7_9.ppc64.rpm
SHA-256: 44b35b050c9b748b81f1d3bcc2b91b15d48b8ba8fc114e39c2fca2fa666faeb2
389-ds-base-libs-1.3.10.2-15.el7_9.ppc64.rpm
SHA-256: 6b9f4e739ffff8eb5a57aa043771ed58317e0bc7331099424a60700e99967d37
389-ds-base-snmp-1.3.10.2-15.el7_9.ppc64.rpm
SHA-256: 7257ba69e1559f6aa6f8f90a9d03c43515901b95406f59e439d01ab044e4c8e7
Red Hat Enterprise Linux for Scientific Computing 7
SRPM
389-ds-base-1.3.10.2-15.el7_9.src.rpm
SHA-256: 00fedfef800d3370e3e07e3eb3353d925800732dc3a64159f9fa27d32e1685d2
x86_64
389-ds-base-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 552911a406eb1e21b7618545a1f48f76d199649832572c39106db52c66b3511a
389-ds-base-debuginfo-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 997f872feebbee66450a32726e5f0b743b4bab5829b5684196965d918f016e0d
389-ds-base-devel-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: 2ad2ecb29507f18824030419fd9db6a86e6b0d3ac3fe45ccf85971214ea2db17
389-ds-base-libs-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: b1fb97a4b85ec188645e72f5b68ca9818b55d8e7d683f74dd02e8229b8c691b3
389-ds-base-snmp-1.3.10.2-15.el7_9.x86_64.rpm
SHA-256: e7acdcacd410492e2a2336694787f51651c008f59300ec17dcbb01489f693dd5
Red Hat Enterprise Linux for Power, little endian 7
SRPM
389-ds-base-1.3.10.2-15.el7_9.src.rpm
SHA-256: 00fedfef800d3370e3e07e3eb3353d925800732dc3a64159f9fa27d32e1685d2
ppc64le
389-ds-base-1.3.10.2-15.el7_9.ppc64le.rpm
SHA-256: 83651e98b3cbc1d03fdb238ee3c56d5d59a0899201546a9240def9eedc430ae7
389-ds-base-debuginfo-1.3.10.2-15.el7_9.ppc64le.rpm
SHA-256: cb082eff9e02b62935d1274a56e9dcecb270377ca6bfc77895d62cc3e99e86ec
389-ds-base-debuginfo-1.3.10.2-15.el7_9.ppc64le.rpm
SHA-256: cb082eff9e02b62935d1274a56e9dcecb270377ca6bfc77895d62cc3e99e86ec
389-ds-base-devel-1.3.10.2-15.el7_9.ppc64le.rpm
SHA-256: fe4c80e66a0c7d9b10ce8c97a0152b31490b22e64169907ded32ea0ec557cdbd
389-ds-base-libs-1.3.10.2-15.el7_9.ppc64le.rpm
SHA-256: a8707a7b08698803eec4402aa1ef3991f37ee3f0687cf3e59d6fff3ea969ec63
389-ds-base-snmp-1.3.10.2-15.el7_9.ppc64le.rpm
SHA-256: 711e0df72d9dbd8641d50e4e34c6b51a4539c54458ef89bf3c9ecd1622133b8e
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.