Alibaba Cloud Linux 2.1903 Security Advisory: ALINUX2-SA-2021:0036
Issued: 2021-06-09
Updated: 2021-06-09
Summary
389-ds-base security and bug fix update
Severity
Moderate
Description
Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities:
CVE-2020-35518:
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.
References
Updated Packages
- aarch64
- 389-ds-base-1.3.10.2-12.1.al7.aarch64.rpm → (download)
- 389-ds-base-debuginfo-1.3.10.2-12.1.al7.aarch64.rpm → (download)
- 389-ds-base-devel-1.3.10.2-12.1.al7.aarch64.rpm → (download)
- 389-ds-base-libs-1.3.10.2-12.1.al7.aarch64.rpm → (download)
- 389-ds-base-snmp-1.3.10.2-12.1.al7.aarch64.rpm → (download)
- i686
- 389-ds-base-1.3.10.2-12.1.al7.i686.rpm → (download)
- 389-ds-base-debuginfo-1.3.10.2-12.1.al7.i686.rpm → (download)
- 389-ds-base-devel-1.3.10.2-12.1.al7.i686.rpm → (download)
- 389-ds-base-libs-1.3.10.2-12.1.al7.i686.rpm → (download)
- 389-ds-base-snmp-1.3.10.2-12.1.al7.i686.rpm → (download)
- src
- 389-ds-base-1.3.10.2-12.1.al7.src.rpm → (download)
- x86_64
- 389-ds-base-1.3.10.2-12.1.al7.x86_64.rpm → (download)
- 389-ds-base-debuginfo-1.3.10.2-12.1.al7.x86_64.rpm → (download)
- 389-ds-base-devel-1.3.10.2-12.1.al7.x86_64.rpm → (download)
- 389-ds-base-libs-1.3.10.2-12.1.al7.x86_64.rpm → (download)
- 389-ds-base-snmp-1.3.10.2-12.1.al7.x86_64.rpm → (download)