[El-errata] ELSA-2018-0515 Important: Oracle Linux 6 389-ds-base security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Mar 13 16:29:35 PDT 2018


Oracle Linux Security Advisory ELSA-2018-0515

http://linux.oracle.com/errata/ELSA-2018-0515.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
389-ds-base-1.2.11.15-94.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-94.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-94.el6_9.i686.rpm

x86_64:
389-ds-base-1.2.11.15-94.el6_9.x86_64.rpm
389-ds-base-devel-1.2.11.15-94.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-94.el6_9.x86_64.rpm
389-ds-base-libs-1.2.11.15-94.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-94.el6_9.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/389-ds-base-1.2.11.15-94.el6_9.src.rpm



Description of changes:

[1.2.11-15-94]
- Release 1.2.11.15-94
- Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base: Authentication 
bypass due to lack of size check in slapi_ct_memcmp function in 
ch_malloc.c (fix cherry-pick error)

[1.2.11-15-93]
- Release 1.2.11.15-93
- Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base: Authentication 
bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c
- Resolves: Bug 1543798 - EMBARGOED CVE-2018-1054 389-ds-base: remote 
Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 
in collate.c

[1.2.11-15-92]
- Release 1.2.11.15-92
- Resolves: Bug 1543798 - EMBARGOED CVE-2018-1054 389-ds-base: remote 
Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 
in collate.c





More information about the El-errata mailing list