Alibaba Cloud Linux 2.1903 Security Advisory: ALINUX2-SA-2021:0029

Issued: 2021-05-20
Updated: 2021-05-20

Summary

slapi-nis security and bug fix update

Severity

Important

Description

Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities:

CVE-2021-3480:
A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability.

References

CVE-2021-3480SCORE:7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Updated Packages

aarch64
- slapi-nis-0.56.5-4.1.al7.aarch64.rpm → (download)
- slapi-nis-debuginfo-0.56.5-4.1.al7.aarch64.rpm → (download)
i686
- slapi-nis-0.56.5-4.1.al7.i686.rpm → (download)
- slapi-nis-debuginfo-0.56.5-4.1.al7.i686.rpm → (download)
src
- slapi-nis-0.56.5-4.1.al7.src.rpm → (download)
x86_64
- slapi-nis-0.56.5-4.1.al7.x86_64.rpm → (download)
- slapi-nis-debuginfo-0.56.5-4.1.al7.x86_64.rpm → (download)