[El-errata] ELSA-2024-5192 Moderate: Oracle Linux 9 389-ds-base security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Aug 13 12:31:50 UTC 2024


Oracle Linux Security Advisory ELSA-2024-5192

http://linux.oracle.com/errata/ELSA-2024-5192.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
389-ds-base-2.4.5-9.el9_4.x86_64.rpm
389-ds-base-libs-2.4.5-9.el9_4.x86_64.rpm
python3-lib389-2.4.5-9.el9_4.noarch.rpm
389-ds-base-devel-2.4.5-9.el9_4.x86_64.rpm

aarch64:
389-ds-base-2.4.5-9.el9_4.aarch64.rpm
389-ds-base-libs-2.4.5-9.el9_4.aarch64.rpm
python3-lib389-2.4.5-9.el9_4.noarch.rpm
389-ds-base-devel-2.4.5-9.el9_4.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//389-ds-base-2.4.5-9.el9_4.src.rpm

Related CVEs:

CVE-2024-5953
CVE-2024-6237




Description of changes:

[2.4.5-9]
- Bump version to 2.4.5-9
- Resolves: RHEL-44323 - unauthenticated user can trigger a DoS by sending a specific extended search request
- Resolves: RHEL-40945 - Malformed userPassword hash may cause Denial of Service
- Resolves: RHEL-49457 - perf search result investigation for many large static groups and members 
- Resolves: RHEL-49459 - subsuffix are not returned in one level scoped search




More information about the El-errata mailing list