Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHBA-2015:1094 - Bug Fix Advisory
Issued:
2015-06-12
Updated:
2015-06-15

RHBA-2015:1094 - Bug Fix Advisory

  • Overview
  • Updated Packages

Synopsis

Red Hat Directory Server bug fix and enhancement update

Type/Severity

Bug Fix Advisory

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated Red Hat Directory Server packages that fix several bugs and add various enhancements are now available for Red Hat Directory Server 10.

Description

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration, the Administration Server HTTP agent package, and the GUI console packages.

This update fixes the following bugs:

  • Previously, the Directory Server used the SSLv3 protocol. Due to a vulnerability in the design of Secure Sockets Layer (SSL) version 3.0 known as the Poodlebleed bug, SSLv3 is not considered secure, and the Transport Layer Security (TLS) protocol 1.1 or newer should be used. With this update, the SSLv3 protocol is disabled by default, and support for TLS 1.1 or newer has been added to the Admin Server, AdminUtil, and the Directory Server Console. (BZ#1173240, 1184175)
  • Prior to this update, importing a certification authority (CA) certificate via the Console when a CA certificate with the same name already existed in the certificate database caused the security common gateway interface (CGI) to terminate unexpectedly. A patch has been applied, and CGI no longer crashes in this scenario. (BZ#903979)
  • Due to a bug in the underlying code, clicking the “Manage Certificates” button in the Console after installing a certificate led to unexpected termination of the Admin Server. A patch has been applied, and the Admin Server no longer crashes in this situation. (BZ#979419)
  • Formerly, the Directory Server Console did not correctly disable SSL. Consequently, the Directory Server could not be started from the Console after adding and removing certificates for SSL. To fix this bug, a patch has been applied, and the Directory Server can now be restarted as expected. (BZ#1134688)
  • Previously, reconfiguring the Admin Server overwrote the security files. Consequently, the SSL was broken. This has now been fixed. It is recommended to back up the security files when reconfiguring and restore them at the end of reconfiguration. (BZ#1173252)
  • Prior to this update, the configuration tab was not functional when the FIPS mode was enabled. Information about the FIPS mode has been added to the Admin Server security CGI to fix this bug, and FIPS mode is now supported. (BZ#1173244)
  • A bug in accessing the hardware security module (HSM) in the Admin Server security CGI has been fixed, and it is now possible to configure nCipher HSMs using the redhat-idm-console command. (BZ#1173242)
  • Previously, when editing Application Centric Infrastructures (ACIs) from the Console, the edited ACIs were deleted if one of them was invalid. A patch has been applied to fix this bug, and the deletion no longer occurs. (BZ#1183789)
  • A patch has been applied to enable the Console to support passwords containing 8-bit characters. (BZ#1173277)
  • Formerly, an incorrect error message was displayed when attempting to change the NSS security database password from the Console. This has been amended, and changing the password now works as expected. (BZ#965129)
  • Prior to this update, using the "nsslapd-allow-anonymous-access: rootdse" command caused the first administrator login to fail. A patch has been applied, and the login no longer fails when anonymous bind access is restricted. (BZ#1116439)
  • The register-ds-admin.pl utility now supports registration to remote Directory Servers. (BZ#1173249)

In addition, this update adds the following enhancements:

  • The Certificate Revocation List (CRL) / Compromised Key List (CKL) import dialog now specifies the required file format, which is Privacy Enhanced Mail (PEM), and informs that the file must exist in the server security directory. (BZ#966958)
  • The RSA key size values are now 2048, 3072, and 4096. The default value, previously 1024, is now 2048. The new signing algorithm values are SHA-1 (default), SHA-256, SHA-384, and SHA-512. (BZ#844764)

Users of Red Hat Directory Server are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

To update all RPMs for your architecture, run the following command where [filenames] is a list of the RPMs you wish to upgrade:

rpm -Fvh [filenames]

Only the RPMs which are currently installed will be updated. RPMs that are
not installed, but are included in the list, will not be updated. Note that you can use wildcards (*.rpm) if your current directory contains only the desired RPMs.

This update is available also via the Red Hat Network. Using the Red Hat Network is a convenient way to apply updates. To use it, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will upgrade the appropriate
RPMs on your system.

Affected Products

  • Red Hat Directory Server 10 x86_64

Fixes

  • BZ - 694681 - register-ds-admin.pl--map value of ServerAdminID for key as_uid did not map to value...
  • BZ - 846448 - admin-serv logs filling with "admserv_host_ip_check: ap_get_remote_host could not resolve <ip address>"
  • BZ - 1201586 - Directory Server Admin Console: plaintext password logged in debug mode
  • BZ - 1203411 - Add "+all" and "-TLS_RSA_WITH_AES_128_GCM_SHA256" to Console Cipher Preference for TLS
  • BZ - 1208694 - [Console only] drop support for legacy replication
  • BZ - 1217015 - remove-ds-admin.pl removes files in the rpm
  • BZ - 1219220 - idm-console-framework: remove versioned jars from %{_javadir}
  • BZ - 1222019 - Missing text in context menu items
  • BZ - 1223845 - register-ds-admin.pl script prints clear text password in the terminal
  • BZ - 1225042 - Adding an OU from console is throwing missing attribute aliasedObjectName error
  • BZ - 1225800 - Link is incorrect for Documentation Home in Help

CVEs

(none)

References

  • http://www.redhat.com/security/updates/classification/#normal
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Directory Server 10

SRPM
389-admin-1.1.42-1.el7dsrv.src.rpm SHA-256: b91b05d7942014bd3ba6be33f291bf8b55cef27a1133a75ff49121b050bd1e93
389-admin-console-1.1.10-1.el7dsrv.src.rpm SHA-256: 924df1a0f82817de2f8d32d8555e5eb516a751398a9940c806d03f6e35b18a0d
389-adminutil-1.1.22-1.el7dsrv.src.rpm SHA-256: a967899d95f425dd5b73eceb61e42aaeddd2d4d1c17e768d49b37d87b2f3f463
389-console-1.1.8-1.el7dsrv.src.rpm SHA-256: faf689a02d287e402965d2d0f8c5d136f128414868f60b85d8218306c0c512df
389-ds-console-1.2.12-1.el7dsrv.src.rpm SHA-256: e7e06fcce80aba0934e8e8b18326b7e78f27c0404d11cd233625ff98ce6842a1
idm-console-framework-1.1.14-1.el7dsrv.src.rpm SHA-256: 5cbcb3ebfebf842bb8a1f66aed5ed36758fdd846ddc5f41084047ea9b4e34636
redhat-admin-console-10.0.0-1.el7dsrv.src.rpm SHA-256: 17d443f3efd6b287e958f4aaaba48d7a8f5f8fd9117927dc5de1edc4bfad53ae
redhat-ds-10.0.0-1.el7dsrv.src.rpm SHA-256: 228c82e2df632b9ef5ada8fc9641d8931bd0371d5505b2719bb5f9c5347b8c9c
redhat-ds-admin-10.0.0-1.el7dsrv.src.rpm SHA-256: dbda06d1bba0827a6d2800dcec79535230b62567c0ab23b9b2827fe74a6328bd
redhat-ds-base-10.0.0-1.el7dsrv.src.rpm SHA-256: 70009d998a26f66a3e1c085772eaa77aee712882af00db7ac06f626f0ec194b8
redhat-ds-console-10.0.0-3.el7dsrv.src.rpm SHA-256: 255f6eb2f62ede343a8952869b874b26e77dacd9a9072afb8ede5b929049722e
redhat-idm-console-10.0.0-3.el7dsrv.src.rpm SHA-256: a3eb8efb82e2c91671a3435e34b1d11435341e247e9c6163ea830dd00c8d9ef3
x86_64
389-admin-1.1.42-1.el7dsrv.x86_64.rpm SHA-256: 2a838c5c12c1f60e4c7faba12dc4f8d7e8240680905222eb063b66d076d39299
389-admin-console-1.1.10-1.el7dsrv.noarch.rpm SHA-256: 6b6b628bd00e1431db307660b66a98326edbf3e67199b9638f1521111755f8e6
389-admin-console-doc-1.1.10-1.el7dsrv.noarch.rpm SHA-256: 2078992ff62c700a10625b2e618431106c350ea10c24b71ff66bbb8770055a6f
389-admin-debuginfo-1.1.42-1.el7dsrv.x86_64.rpm SHA-256: 159c8a6187fe8e470e5f18e58ec1daaf1705a3e57fa509d2e119de4daf995087
389-adminutil-1.1.22-1.el7dsrv.x86_64.rpm SHA-256: 2e8f857959c0837f1d2f3bbb53c9dd7edc28f8492e7a5cf64cca4f9d8cff0486
389-adminutil-debuginfo-1.1.22-1.el7dsrv.x86_64.rpm SHA-256: 98262534dd6002ce6069097f1d12548f9b34705860e21d3c525b6ce360402923
389-adminutil-devel-1.1.22-1.el7dsrv.x86_64.rpm SHA-256: e0e55d0eff087b4ce33a4d70ffe2f5c38a3805f9dc2586f7f00bf11672dd690b
389-console-1.1.8-1.el7dsrv.noarch.rpm SHA-256: ab5f6d5c9f198c0e1b21a07c4bcc78cef2a1f1ee85eb18e3c12cb37bffe1cffc
389-ds-console-1.2.12-1.el7dsrv.noarch.rpm SHA-256: 055ecbd26e5d31a8d4ca227b124773f4967be643043491481b2dd9ec972fa6fc
389-ds-console-doc-1.2.12-1.el7dsrv.noarch.rpm SHA-256: fadb5720e07dcad147bd931385a031e8490e8e3323827f57729fead23b95a994
idm-console-framework-1.1.14-1.el7dsrv.noarch.rpm SHA-256: 22f7c2b5526230dbfc38306bcd5450bb6378f6c99136bcd6ecb899bfd5130fdd
redhat-admin-console-10.0.0-1.el7dsrv.noarch.rpm SHA-256: c8e774cf85d6f626d467598efde3db789198d4cfb1a73253a1a62dbd93a7a360
redhat-admin-console-doc-10.0.0-1.el7dsrv.noarch.rpm SHA-256: 2ffe80dbc0cc13ddf6e5a5cb05f8d2effbfce3c9125f0a7f9c0c894fe4ea71cf
redhat-ds-10.0.0-1.el7dsrv.x86_64.rpm SHA-256: 94848eb943acc092cf6830738402e5ba2f65ea40218725c5c3ea5a6635f2e613
redhat-ds-admin-10.0.0-1.el7dsrv.x86_64.rpm SHA-256: 3a16179b05a0e83b34af360f552eec45d1c1cf07b8ff99a683d0de86dd1b0b60
redhat-ds-admin-debuginfo-10.0.0-1.el7dsrv.x86_64.rpm SHA-256: 67467d3702e418fcc2312ed5833707a35f07bfba231ae942f6fd496bb62c2c96
redhat-ds-base-10.0.0-1.el7dsrv.x86_64.rpm SHA-256: 5ff9201c32e0411633562574659e668ee7a357fa2d5598168dc18146a9bb7fc5
redhat-ds-base-debuginfo-10.0.0-1.el7dsrv.x86_64.rpm SHA-256: 8b98d439200ec620e36b962e0420cbd06cb364362886e9600277ac95474a3484
redhat-ds-base-devel-10.0.0-1.el7dsrv.x86_64.rpm SHA-256: 2a86a1c3f7ba49e0075ff219e01d6a50a099a4127e34c41df24bc9e79e0314e4
redhat-ds-console-10.0.0-3.el7dsrv.noarch.rpm SHA-256: b1ccbb51f8a779183597f8722ff6c2acd2c9816c222dcb6f12bd19d326593c0d
redhat-ds-console-doc-10.0.0-3.el7dsrv.noarch.rpm SHA-256: 4c031d7e35318629503f8239e34a107be81702536484dbce4acc7849755615d8
redhat-idm-console-10.0.0-3.el7dsrv.x86_64.rpm SHA-256: 1fd0b63b2b9a7772ea040ae2282cd3b545005453ef6f07179f89280f62e2db88
redhat-idm-console-debuginfo-10.0.0-3.el7dsrv.x86_64.rpm SHA-256: 9c0412a37c760769019001c7d0ea4269f85d49f2b4e83f2d9449ee622d3b632e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility