Red Hat Product Errata RHSA-2017:0893 - Security Advisory

Дата создания:: 2017-04-11
Обновлено:: 2017-04-11

RHSA-2017:0893 - Security Advisory

Обзор
Обновленные пакеты

Краткий обзор

Important: 389-ds-base security and bug fix update

Тип/Серьезность

Security Advisory: Important

Тема

An update for 389-ds-base is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Описание

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. (CVE-2017-2668)

Red Hat would like to thank Joachim Jabs (F24) for reporting this issue.

Bug Fix(es):

Previously, the "deref" plug-in failed to dereference attributes that use distinguished name (DN) syntax, such as "uniqueMember". With this patch, the "deref" plug-in can dereference such attributes and additionally "Name and Optional UID" syntax. As a result, the "deref" plug-in now supports any syntax. (BZ#1435365)

Решение

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the 389 server service will be restarted automatically.

Включенные продукты

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Enterprise Linux Server 6 i386
Red Hat Enterprise Linux Workstation 6 x86_64
Red Hat Enterprise Linux Workstation 6 i386
Red Hat Enterprise Linux Desktop 6 x86_64
Red Hat Enterprise Linux Desktop 6 i386
Red Hat Enterprise Linux for Scientific Computing 6 x86_64

Исправления

BZ - 1435365 - Unable to dereference unqiemember attribute because it is dn [#UID] not dn syntax
BZ - 1436575 - CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages

CVE

CVE-2017-2668

Ссылки

https://access.redhat.com/security/updates/classification/#important

Примечание: Могут быть доступны новые версии этих пакетов. Нажмите на имя пакета, чтобы получить дополнительные сведения.

Red Hat Enterprise Linux Server 6

SRPM
389-ds-base-1.2.11.15-91.el6_9.src.rpm	SHA-256: 3167af0d4eb76f03f03f034b66d0a41fe0a5b9c71ecbac500f5bb761e9bf2652
x86_64
389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 7647d7978be9793f1685020ef7d73217c884737486734083ff521ac400adb31f
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 5105cc8df848c6fa91b0c550f1d7510cd1f2185784d62229c485c593f3b83142
389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 5105cc8df848c6fa91b0c550f1d7510cd1f2185784d62229c485c593f3b83142
389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm	SHA-256: 25c7ac520dffc29168c47ca523a5aedb59071d5928b74bf542362d3a6bbee21c
389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 3b0eebf22eb1951a188296c16709bcc21d2d5a0039427f2dbdc1ff5e02056bd0
389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm	SHA-256: e827607545b6bcc86c84f42c43f43fe679b15c5a7f4208363e3fb9347ef9fc54
389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 8e3f1c45196495b95ec5c3dc9416ce02a6fb1221e35ef71c382ff3eda7abca73
i386
389-ds-base-1.2.11.15-91.el6_9.i686.rpm	SHA-256: 248fb28c2e6f59fd375fb01958da022424fb4c88efdf6f07eb2018c75f48645a
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm	SHA-256: 25c7ac520dffc29168c47ca523a5aedb59071d5928b74bf542362d3a6bbee21c
389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm	SHA-256: e827607545b6bcc86c84f42c43f43fe679b15c5a7f4208363e3fb9347ef9fc54

Red Hat Enterprise Linux Workstation 6

SRPM
389-ds-base-1.2.11.15-91.el6_9.src.rpm	SHA-256: 3167af0d4eb76f03f03f034b66d0a41fe0a5b9c71ecbac500f5bb761e9bf2652
x86_64
389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 7647d7978be9793f1685020ef7d73217c884737486734083ff521ac400adb31f
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 5105cc8df848c6fa91b0c550f1d7510cd1f2185784d62229c485c593f3b83142
389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 5105cc8df848c6fa91b0c550f1d7510cd1f2185784d62229c485c593f3b83142
389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm	SHA-256: 25c7ac520dffc29168c47ca523a5aedb59071d5928b74bf542362d3a6bbee21c
389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 3b0eebf22eb1951a188296c16709bcc21d2d5a0039427f2dbdc1ff5e02056bd0
389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm	SHA-256: e827607545b6bcc86c84f42c43f43fe679b15c5a7f4208363e3fb9347ef9fc54
389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 8e3f1c45196495b95ec5c3dc9416ce02a6fb1221e35ef71c382ff3eda7abca73
i386
389-ds-base-1.2.11.15-91.el6_9.i686.rpm	SHA-256: 248fb28c2e6f59fd375fb01958da022424fb4c88efdf6f07eb2018c75f48645a
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm	SHA-256: 25c7ac520dffc29168c47ca523a5aedb59071d5928b74bf542362d3a6bbee21c
389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm	SHA-256: e827607545b6bcc86c84f42c43f43fe679b15c5a7f4208363e3fb9347ef9fc54

Red Hat Enterprise Linux Desktop 6

SRPM
389-ds-base-1.2.11.15-91.el6_9.src.rpm	SHA-256: 3167af0d4eb76f03f03f034b66d0a41fe0a5b9c71ecbac500f5bb761e9bf2652
x86_64
389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 7647d7978be9793f1685020ef7d73217c884737486734083ff521ac400adb31f
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 5105cc8df848c6fa91b0c550f1d7510cd1f2185784d62229c485c593f3b83142
389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm	SHA-256: 25c7ac520dffc29168c47ca523a5aedb59071d5928b74bf542362d3a6bbee21c
389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 3b0eebf22eb1951a188296c16709bcc21d2d5a0039427f2dbdc1ff5e02056bd0
389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm	SHA-256: e827607545b6bcc86c84f42c43f43fe679b15c5a7f4208363e3fb9347ef9fc54
389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 8e3f1c45196495b95ec5c3dc9416ce02a6fb1221e35ef71c382ff3eda7abca73
i386
389-ds-base-1.2.11.15-91.el6_9.i686.rpm	SHA-256: 248fb28c2e6f59fd375fb01958da022424fb4c88efdf6f07eb2018c75f48645a
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm	SHA-256: 25c7ac520dffc29168c47ca523a5aedb59071d5928b74bf542362d3a6bbee21c
389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm	SHA-256: e827607545b6bcc86c84f42c43f43fe679b15c5a7f4208363e3fb9347ef9fc54

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
389-ds-base-1.2.11.15-91.el6_9.src.rpm	SHA-256: 3167af0d4eb76f03f03f034b66d0a41fe0a5b9c71ecbac500f5bb761e9bf2652
x86_64
389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 7647d7978be9793f1685020ef7d73217c884737486734083ff521ac400adb31f
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm	SHA-256: aca8184b9c7d7a7d71baff358cea71c098a3b8fb1455bae6617cf543904f8ebc
389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 5105cc8df848c6fa91b0c550f1d7510cd1f2185784d62229c485c593f3b83142
389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm	SHA-256: 25c7ac520dffc29168c47ca523a5aedb59071d5928b74bf542362d3a6bbee21c
389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 3b0eebf22eb1951a188296c16709bcc21d2d5a0039427f2dbdc1ff5e02056bd0
389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm	SHA-256: e827607545b6bcc86c84f42c43f43fe679b15c5a7f4208363e3fb9347ef9fc54
389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm	SHA-256: 8e3f1c45196495b95ec5c3dc9416ce02a6fb1221e35ef71c382ff3eda7abca73

Контактное лицо Red Hat по безопасности: secalert@redhat.com. Дополнительные контактные данные здесь: https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Support

Services

Knowledge

Ecosystem

Red Hat Customer Portal Labs

Additional Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Discussions

Blogs

Customer Events

Stories