[El-errata] ELSA-2026-3189 Moderate: Oracle Linux 9 389-ds-base security update

Wed Feb 25 05:20:07 UTC 2026

Oracle Linux Security Advisory ELSA-2026-3189

http://linux.oracle.com/errata/ELSA-2026-3189.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
389-ds-base-2.7.0-10.el9_7.x86_64.rpm
389-ds-base-devel-2.7.0-10.el9_7.x86_64.rpm
389-ds-base-libs-2.7.0-10.el9_7.x86_64.rpm
389-ds-base-snmp-2.7.0-10.el9_7.x86_64.rpm
python3-lib389-2.7.0-10.el9_7.noarch.rpm

aarch64:
389-ds-base-2.7.0-10.el9_7.aarch64.rpm
389-ds-base-devel-2.7.0-10.el9_7.aarch64.rpm
389-ds-base-libs-2.7.0-10.el9_7.aarch64.rpm
389-ds-base-snmp-2.7.0-10.el9_7.aarch64.rpm
python3-lib389-2.7.0-10.el9_7.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/389-ds-base-2.7.0-10.el9_7.src.rpm

Related CVEs:

CVE-2025-14905

Description of changes:

[2.7.0-10]
- Resolves: RHEL-123243 - Attribute uniqueness is not enforced upon modrdn operation [rhel-9.7.z]
- Resolves: RHEL-123765 - 389-ds-base OpenScanHub Leaks Detected [rhel-9.7.z]
- Resolves: RHEL-137083 - CVE-2025-14905 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow [rhel-9.7.z]
- Resolves: RHEL-140088 - Upgrading IDM  to latest version: 389-ds-base and ipa-server breaks replication  [rhel-9.7.z]
- Resolves: RHEL-150906 - Remove memberof_del_dn_from_groups from MemberOf plugin [rhel-9.7.z]

[2.7.0-9]
- Resolves: RHEL-116425 - RetroCL plugin generates invalid LDIF [rhel-9.7.z]
- Resolves: RHEL-123243 - Attribute uniqueness is not enforced upon modrdn operation [rhel-9.7.z]
- Resolves: RHEL-123765 - 389-ds-base OpenScanHub Leaks Detected [rhel-9.7.z]
- Resolves: RHEL-123896 - [WebUI] Replication tab crashes after enabling replication as a consumer [rhel-9.7.z]
- Resolves: RHEL-129558 - Online initialization of consumers fails with error -23 [rhel-9.7.z]
- Resolves: RHEL-140088 - Upgrading IDM  to latest version: 389-ds-base and ipa-server breaks replication  [rhel-9.7.z]
- Resolves: RHEL-142979 - Scalability issue of replication online initialization with large database [rhel-9.7.z]
- Resolves: RHEL-146898 - memory corruption in alias entry plugin [rhel-9.7.z]
- Resolves: RHEL-147211 - Access logs are not getting deleted as configured. [rhel-9.7.z]

[2.7.0-8]
- Resolves: RHEL-111228 - Error showing local password policy on web UI [rhel-9.7.z]
- Resolves: RHEL-117049 - Replication online reinitialization of a large database gets stalled. [rhel-9.7.z]
- Resolves: RHEL-117770 - When the server restarts after a crash, the RFE assumes memberof should be recomputed. It triggers a memberof fixup task, dirsrv became unresponsive. [rhel-9.7.z]
- Resolves: RHEL-123230 - Improve the way to detect asynchronous operations in the access logs [rhel-9.7.z]
- Resolves: RHEL-123243 - Attribute uniqueness is not enforced upon modrdn operation [rhel-9.7.z]
- Resolves: RHEL-123257 - Typo in errors log after a Memberof fixup task. [rhel-9.7.z]
- Resolves: RHEL-123278 - The new ipahealthcheck test ipahealthcheck.ds.backends.BackendsCheck raises CRITICAL issue [rhel-9.7.z]
- Resolves: RHEL-123367 - IPA health check up script shows time skew is over 24 hours [rhel-9.7.z]
- Resolves: RHEL-123765 - 389-ds-base OpenScanHub Leaks Detected [rhel-9.7.z]
- Resolves: RHEL-123852 - Units for changing MDB max size are not consistent across different tools [rhel-9.7.z]
- Resolves: RHEL-123892 - Improve output dsctl dbverify when backend does not exist [rhel-9.7.z]
- Resolves: RHEL-123896 - [WebUI] Replication tab crashes after enabling replication as a consumer [rhel-9.7.z]
- Resolves: RHEL-123922 - Changelog trimming - add number of scanned entries to the log [rhel-9.7.z]
- Resolves: RHEL-126551 - RHDS 12.6 doesn't handle 'ldapsearch' filter with space char in DN name correctly [rhel-9.7.z]
- Resolves: RHEL-129558 - Online initialization of consumers fails with error -23 [rhel-9.7.z]
- Resolves: RHEL-129579 - Fix paged result search locking [rhel-9.7.z]
- Resolves: RHEL-138480 - Memory leak observed in ns-slapd with 389-ds-base-2.6.1-12 [rhel-9.7.z]
- Resolves: RHEL-140088 - Upgrading IDM  to latest version: 389-ds-base and ipa-server breaks replication  [rhel-9.7.z]
- Resolves: RHEL-140274 - ipa-healthcheck is complaining about missing or incorrectly configured system indexes. [rhel-9.7.z]