- Issued: 2018-11-06
- Updated: 2018-11-06
RHSA-2018:3507 - Security Advisory
Synopsis
Moderate: 389-ds-base security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
- 389-ds-base: Mishandled search requests in servers/slapd/search.c:do_search() allows for denial of service (CVE-2018-14648)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Previously, the *Pass-through* plug-in in Directory Server did not support encrypted connections if the encryption was started using the *STARTTLS* command. The problem has been fixed, and the *Pass-through* plug-in now supports connections that use the *STARTTLS* command. (BZ#1635138)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the 389 server service will be restarted automatically.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5 s390x
- Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5 ppc64
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5 ppc64le
- Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64
Fixes
- BZ - 1630668 - CVE-2018-14648 389-ds-base: Mishandled search requests in servers/slapd/search.c:do_search() allows for denial of service
- BZ - 1635138 - passthrough plugin configured to do starttls does not work. [rhel-7.5.z]
CVEs
- CVE-2018-14648
Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5
SRPM | |
---|---|
389-ds-base-1.3.7.5-29.el7_5.src.rpm | SHA-256: 77e6e6d98d4599524dba13d440a6bd09b58d56f8f5d1552875f7c14acfdfe243 |
x86_64 | |
389-ds-base-1.3.7.5-29.el7_5.x86_64.rpm | SHA-256: 57471a48f9d5a66b0f1ee2941274e8f41fc8913504da0695df29d7c71dfcc0ec |
389-ds-base-debuginfo-1.3.7.5-29.el7_5.x86_64.rpm | SHA-256: d616967db9b3ce3f54511125f33f2d1394cd4bb9e5e1ac6f5ee74c089d1c3ef2 |
389-ds-base-devel-1.3.7.5-29.el7_5.x86_64.rpm | SHA-256: 3678878327d338e1b91fa3c389f211dd5c43fa672a0c1c7c64ea812cbd6fe8ce |
389-ds-base-libs-1.3.7.5-29.el7_5.x86_64.rpm | SHA-256: 3564e965a253278ed1faa0170e310dce2aa2b6603e9f54fdc6dfc2215c32c31e |
389-ds-base-snmp-1.3.7.5-29.el7_5.x86_64.rpm | SHA-256: 534a517f367bc57387d8cd07a376e9c664338719768e6bd57cdee1cc0ee6dd2d |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5
SRPM | |
---|---|
389-ds-base-1.3.7.5-29.el7_5.src.rpm | SHA-256: 77e6e6d98d4599524dba13d440a6bd09b58d56f8f5d1552875f7c14acfdfe243 |
s390x | |
389-ds-base-1.3.7.5-29.el7_5.s390x.rpm | SHA-256: 0910433c206845b9401f594d35b3cd86f9aa44d97eec8fe55f8f4de1c2446320 |
389-ds-base-debuginfo-1.3.7.5-29.el7_5.s390x.rpm | SHA-256: 900db7925484e586e0d4848567ec4988a076053dd1aaf67866395f7e75c5a2af |
389-ds-base-devel-1.3.7.5-29.el7_5.s390x.rpm | SHA-256: d491c2561460772287f07d97a74b69310976b02d58e49b463a61213c4be5e38b |
389-ds-base-libs-1.3.7.5-29.el7_5.s390x.rpm | SHA-256: d3d965c961eaedf5bce741cbc120eccdb8c58bb33fe8e05b08a141b372c639f7 |
389-ds-base-snmp-1.3.7.5-29.el7_5.s390x.rpm | SHA-256: b1defbd16e3bf7dddd6fb92ccca3f84ffad58c398bb3ad39dbc0ec7ecd96edac |
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5
SRPM | |
---|---|
389-ds-base-1.3.7.5-29.el7_5.src.rpm | SHA-256: 77e6e6d98d4599524dba13d440a6bd09b58d56f8f5d1552875f7c14acfdfe243 |
ppc64 | |
389-ds-base-1.3.7.5-29.el7_5.ppc64.rpm | SHA-256: 3783fad9ef2aa5cf0d64d0919bdedd3feb5f269f0b3f8660ee4f848137c178f4 |
389-ds-base-debuginfo-1.3.7.5-29.el7_5.ppc64.rpm | SHA-256: 12051e58b8ec43daf8b3e3be38d3bc9f20ba77632e5f1ce1a4caf7b22ffb1001 |
389-ds-base-devel-1.3.7.5-29.el7_5.ppc64.rpm | SHA-256: eaefa275829d51768b557f1ce8b11b048801d205c2b590df1e7b8d7b6d1508ec |
389-ds-base-libs-1.3.7.5-29.el7_5.ppc64.rpm | SHA-256: 95f99bc3e32ed9b560473f439e5ff619484e84faaa2c32d02cdeb4b114d06bf6 |
389-ds-base-snmp-1.3.7.5-29.el7_5.ppc64.rpm | SHA-256: 4a96a736cd488eaa3124743e7a6866180737e991e0a911d2a73ded8939e15f47 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5
SRPM | |
---|---|
389-ds-base-1.3.7.5-29.el7_5.src.rpm | SHA-256: 77e6e6d98d4599524dba13d440a6bd09b58d56f8f5d1552875f7c14acfdfe243 |
ppc64le | |
389-ds-base-1.3.7.5-29.el7_5.ppc64le.rpm | SHA-256: 0e83edf0649d8505d5c51965e55a64ef8d39ad5312158bb99ab397b535ea019a |
389-ds-base-debuginfo-1.3.7.5-29.el7_5.ppc64le.rpm | SHA-256: 5710994f6a87e3c3a0d17b6e8a78098c0e7d76198b116f9b89ef44d234a6988a |
389-ds-base-devel-1.3.7.5-29.el7_5.ppc64le.rpm | SHA-256: 5089759f970ea31b994de2e596785e0b2247c2c4cb979c2d62cef772e38ac622 |
389-ds-base-libs-1.3.7.5-29.el7_5.ppc64le.rpm | SHA-256: e318e0e9f5946a034b74597ae38d1aa4569365ba7c3cb9e6bf1ffde4245276cc |
389-ds-base-snmp-1.3.7.5-29.el7_5.ppc64le.rpm | SHA-256: 7c7ece4f3c35430bfb3f6b2940043d40dc788c07fe5734931af82ac03d4e4fbb |
Red Hat Enterprise Linux EUS Compute Node 7.5
SRPM | |
---|---|
389-ds-base-1.3.7.5-29.el7_5.src.rpm | SHA-256: 77e6e6d98d4599524dba13d440a6bd09b58d56f8f5d1552875f7c14acfdfe243 |
x86_64 | |
389-ds-base-1.3.7.5-29.el7_5.x86_64.rpm | SHA-256: 57471a48f9d5a66b0f1ee2941274e8f41fc8913504da0695df29d7c71dfcc0ec |
389-ds-base-debuginfo-1.3.7.5-29.el7_5.x86_64.rpm | SHA-256: d616967db9b3ce3f54511125f33f2d1394cd4bb9e5e1ac6f5ee74c089d1c3ef2 |
389-ds-base-devel-1.3.7.5-29.el7_5.x86_64.rpm | SHA-256: 3678878327d338e1b91fa3c389f211dd5c43fa672a0c1c7c64ea812cbd6fe8ce |
389-ds-base-libs-1.3.7.5-29.el7_5.x86_64.rpm | SHA-256: 3564e965a253278ed1faa0170e310dce2aa2b6603e9f54fdc6dfc2215c32c31e |
389-ds-base-snmp-1.3.7.5-29.el7_5.x86_64.rpm | SHA-256: 534a517f367bc57387d8cd07a376e9c664338719768e6bd57cdee1cc0ee6dd2d |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.