Alibaba Cloud Linux 2.1903 Security Advisory: ALINUX2-SA-2024:0026
Issued: 2024-08-07
Updated: 2024-08-07
Summary
389-ds-base security update
Severity
Important
Description
Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities:
CVE-2024-2199:
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
CVE-2024-3657:
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
References
Updated Packages
- aarch64
- 389-ds-base-1.3.11.1-5.0.1.1.al7.aarch64.rpm → (download)
- 389-ds-base-debuginfo-1.3.11.1-5.0.1.1.al7.aarch64.rpm → (download)
- 389-ds-base-devel-1.3.11.1-5.0.1.1.al7.aarch64.rpm → (download)
- 389-ds-base-libs-1.3.11.1-5.0.1.1.al7.aarch64.rpm → (download)
- 389-ds-base-snmp-1.3.11.1-5.0.1.1.al7.aarch64.rpm → (download)
- src
- 389-ds-base-1.3.11.1-5.0.1.1.al7.src.rpm → (download)
- x86_64
- 389-ds-base-1.3.11.1-5.0.1.1.al7.x86_64.rpm → (download)
- 389-ds-base-debuginfo-1.3.11.1-5.0.1.1.al7.x86_64.rpm → (download)
- 389-ds-base-devel-1.3.11.1-5.0.1.1.al7.x86_64.rpm → (download)
- 389-ds-base-libs-1.3.11.1-5.0.1.1.al7.x86_64.rpm → (download)
- 389-ds-base-snmp-1.3.11.1-5.0.1.1.al7.x86_64.rpm → (download)
- noarch
- python-lib389-1.3.11.1-5.0.1.1.al7.noarch.rpm → (download)