[El-errata] ELSA-2018-0515 Important: Oracle Linux 6 389-ds-base security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Mar 13 16:29:35 PDT 2018
Oracle Linux Security Advisory ELSA-2018-0515
http://linux.oracle.com/errata/ELSA-2018-0515.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
389-ds-base-1.2.11.15-94.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-94.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-94.el6_9.i686.rpm
x86_64:
389-ds-base-1.2.11.15-94.el6_9.x86_64.rpm
389-ds-base-devel-1.2.11.15-94.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-94.el6_9.x86_64.rpm
389-ds-base-libs-1.2.11.15-94.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-94.el6_9.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/389-ds-base-1.2.11.15-94.el6_9.src.rpm
Description of changes:
[1.2.11-15-94]
- Release 1.2.11.15-94
- Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base: Authentication
bypass due to lack of size check in slapi_ct_memcmp function in
ch_malloc.c (fix cherry-pick error)
[1.2.11-15-93]
- Release 1.2.11.15-93
- Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base: Authentication
bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c
- Resolves: Bug 1543798 - EMBARGOED CVE-2018-1054 389-ds-base: remote
Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8
in collate.c
[1.2.11-15-92]
- Release 1.2.11.15-92
- Resolves: Bug 1543798 - EMBARGOED CVE-2018-1054 389-ds-base: remote
Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8
in collate.c
More information about the El-errata
mailing list