[El-errata] ELSA-2016-2765 Moderate: Oracle Linux 6 389-ds-base security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Nov 15 15:43:00 PST 2016


Oracle Linux Security Advisory ELSA-2016-2765

http://linux.oracle.com/errata/ELSA-2016-2765.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
389-ds-base-1.2.11.15-84.el6_8.i686.rpm
389-ds-base-devel-1.2.11.15-84.el6_8.i686.rpm
389-ds-base-libs-1.2.11.15-84.el6_8.i686.rpm

x86_64:
389-ds-base-1.2.11.15-84.el6_8.x86_64.rpm
389-ds-base-devel-1.2.11.15-84.el6_8.i686.rpm
389-ds-base-devel-1.2.11.15-84.el6_8.x86_64.rpm
389-ds-base-libs-1.2.11.15-84.el6_8.i686.rpm
389-ds-base-libs-1.2.11.15-84.el6_8.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/389-ds-base-1.2.11.15-84.el6_8.src.rpm



Description of changes:

[1.2.11.15-84]
- Release 1.2.11.15-84
- Resolves: #1376676 - Backport AES storage scheme plugin (DS 47462)

[1.2.11.15-83]
- Release 1.2.11.15-83
- Resolves: #1376676 - Backport AES storage scheme plugin (DS 47462)

[1.2.11.15-82]
- Release 1.2.11.15-82
- Resolves: #1376676 - Backport AES storage scheme plugin (DS 47462)

[1.2.11.15-81]
- Release 1.2.11.15-81
- Resolves: #Bug 1381153 - Crash in import_wait_for_space_in_fifo(). (DS 
48960)

[1.2.11.15-80]
- Release 1.2.11.15-80
- Resolves: #1379599 - ns-slapd general protection ip:7f570c56afd5 
sp:7f56dc7edce0 error:0 in libc-2.12.so (DS 48944)

[1.2.11.15-79]
- Release 1.2.11.15-79
- Resolves: #1358559 - CVE-2016-4992 389-ds-base: Information disclosure 
via repeated use of LDAP ADD operation
- Resolves: #1376676 - Backport AES storage scheme plugin (DS 47462, 
48862, 48243, 48777)
- Resolves: #1354331 - Replication changelog can incorrectly skip over 
updates
- Resolves: #1374588 - EASY FIX : dereferencing a NULL sr_candidates 
pointer in ldbm_back_next_search_entry_ext resulted a segfault (DS 47858)

[1.2.11.15-78]
- Release 1.2.11.15-78
- Resolves: #1354331 -  Replication changelog can incorrectly skip over 
updates (DS 48954)
- Resolves: #1361421 - CVE-2016-5416 389-ds-base: ACI readable by 
anonymous user (DS 48354)
- Resolves: #1360974 - CVE-2016-5405 389-ds-base: Password verification 
vulnerable to timing attack

[1.2.11.15-77]
- Release 1.2.11.15-77
- Resolves: #1358390 - replication delay when server is configured with 
multiple replication agreements. (DS 48636)
                        fixing a backport error

[1.2.11.15-76]
- Release 1.2.11.15-76
- Resolves: #1354331 - Replication changelog can incorrectly skip over 
updates (DS 48766)
- Resolves: #1358390 - replication delay when server is configured with 
multiple replication agreements. (DS 48636)






More information about the El-errata mailing list