[El-errata] ELSA-2014-0292 Important: Oracle Linux 6 389-ds-base security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Mar 13 17:48:53 PDT 2014
Oracle Linux Security Advisory ELSA-2014-0292
https://rhn.redhat.com/errata/RHSA-2014-0292.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
389-ds-base-1.2.11.15-32.el6_5.i686.rpm
389-ds-base-devel-1.2.11.15-32.el6_5.i686.rpm
389-ds-base-libs-1.2.11.15-32.el6_5.i686.rpm
x86_64:
389-ds-base-1.2.11.15-32.el6_5.x86_64.rpm
389-ds-base-devel-1.2.11.15-32.el6_5.i686.rpm
389-ds-base-devel-1.2.11.15-32.el6_5.x86_64.rpm
389-ds-base-libs-1.2.11.15-32.el6_5.i686.rpm
389-ds-base-libs-1.2.11.15-32.el6_5.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/389-ds-base-1.2.11.15-32.el6_5.src.rpm
Description of changes:
[1.2.11.15-32]
- Resolves: bug 1074847 - EMBARGOED CVE-2014-0132 389-ds-base: 389-ds:
flaw in parsing authzid can lead to privilege escalation [rhel-6.5.z]
(Ticket 47739 - directory server is insecurely misinterpreting authzid
on a SASL/GSSAPI bind)
More information about the El-errata
mailing list