Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:0952: Red Hat Security Advisory: redhat-ds:11.3 security and bug fix update

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.3 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-3514: 389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()
  • CVE-2021-4091: 389-ds-base: double free of the virtual attribute context in persistent search
Red Hat Security Data
Open in Source
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Red Hat Customer Portal

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus
  • Red Hat CodeReady Studio

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2022-03-16

Updated:

2022-03-16

RHSA-2022:0952 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: redhat-ds:11.3 security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.3 for RHEL 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of
packages includes the Lightweight Directory Access Protocol (LDAP) server, as
well as command-line utilities and Web UI packages for server administration.

Security Fix(es):

  • 389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control() (CVE-2021-3514)
  • 389-ds-base: double-free of the virtual attribute context in persistent search (CVE-2021-4091)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • ACIs are being evaluated against the Replication Manager account in a replication context. (BZ#2022086)
  • A connection can be erroneously flagged as replication conn during evaluation of an aci with ip bind rule (BZ#2022090)
  • DB corruption “_entryrdn_insert_key - Same DN (dn: nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,<SUFFIX>) is already in the entryrdn file” (BZ#2022686)
  • CLI needs option to set nsslapd-state (BZ#2040794)

Users of Red Hat Directory Server 11 are advised to install these updated
packages.

Affected Products

  • Red Hat Directory Server 11 x86_64

Fixes

  • BZ - 1952907 - CVE-2021-3514 389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()
  • BZ - 2022086 - ACIs are being evaluated against the Replication Manager account in a replication context.
  • BZ - 2022090 - A connection can be erroneously flagged as replication conn during evaluation of an aci with ip bind rule
  • BZ - 2022686 - DB corruption “_entryrdn_insert_key - Same DN (dn: nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,<SUFFIX>) is already in the entryrdn file”
  • BZ - 2030307 - CVE-2021-4091 389-ds-base: double free of the virtual attribute context in persistent search
  • BZ - 2040794 - CLI needs option to set nsslapd-state

Red Hat Directory Server 11

SRPM

389-ds-base-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.src.rpm

SHA-256: 347840ee665a1aa41bd1d29813b20b39962584f6f9a19ff2f15adcd55c6484f5

x86_64

389-ds-base-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.x86_64.rpm

SHA-256: b11efa446bae66d0c6f5c18ddfeb35c1d1eabe30ed7289eb9a17fa35043daccc

389-ds-base-debuginfo-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.x86_64.rpm

SHA-256: de7dd099e541003f67770cda5820f91132b393152d2bbb7cbd7518185f0b5de5

389-ds-base-debugsource-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.x86_64.rpm

SHA-256: 28ebbdb4218035c6fd4509f205054b5b3c089a43ed895d6574a22fa36751531f

389-ds-base-devel-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.x86_64.rpm

SHA-256: 0841ddcc3786021b9c059d8f1e849311ff8d796c17c0eb4b0a697060eed33b4f

389-ds-base-legacy-tools-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.x86_64.rpm

SHA-256: ae17470acbea743db6c3919a664dc3d41e5357d1559dc22bb03bd58e186a9761

389-ds-base-legacy-tools-debuginfo-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.x86_64.rpm

SHA-256: c8fbedab3b91f9091b19f8c8dedf40306a6aa4d7dd24ee2a865051acfd525841

389-ds-base-libs-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.x86_64.rpm

SHA-256: f07498785d129e8a76edc36295d7e259881cb9746b8fddf9202e37445ed40836

389-ds-base-libs-debuginfo-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.x86_64.rpm

SHA-256: d053273aa91801f8759b30b7b2f823de6d7e0178a7b8e85f08baa748af19d599

389-ds-base-snmp-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.x86_64.rpm

SHA-256: c50fafb2b055325632e574a03cc4a2efec0e8f0eeff1614fb7c46ffae39d11ac

389-ds-base-snmp-debuginfo-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.x86_64.rpm

SHA-256: 56627b4b27c0b960955cc5709f8e5abba1a69c3a3d37c441224d4a567f2bdc13

cockpit-389-ds-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.noarch.rpm

SHA-256: a08a0546e991c1a77a356736e5610bee2da2f1f262bde2f6f0b755a653b4329f

python3-lib389-1.4.3.22-4.module+el8dsrv+13893+84b6c18c.noarch.rpm

SHA-256: c49779a358195cece3773d81886441fafb4bfeb62d13fe70a0a04ecc31d8df44

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data