Issued:: 2022-05-11
Updated:: 2022-05-11

RHSA-2022:2210 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: redhat-ds:11 security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat Directory Server 11.5 is now available.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.

Security Fix(es):

389-ds-base: sending crafted message could result in DoS (CVE-2022-0918)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Directory Server 11 x86_64

Fixes

BZ - 1751006 - Server Configuration Settings does not check newly updated non existing paths
BZ - 2046341 - dsconf dump-changelog issues.
BZ - 2055815 - CVE-2022-0918 389-ds-base: sending crafted message could result in DoS

CVEs

CVE-2022-0918

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Directory Server 11

SRPM
389-ds-base-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.src.rpm	SHA-256: e2aceed649ddd5f4c64c17fe16b99a11dd19fe34f27767543cbf6fbdb5edb581
x86_64
389-ds-base-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.x86_64.rpm	SHA-256: 168f400220bbad1fb4140df286624865867038cac5501230475015bd2417f1b9
389-ds-base-debuginfo-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.x86_64.rpm	SHA-256: ee5098d464dc64709dbdde97d9498f0f686f622e82a1470388525f6f3632900b
389-ds-base-debugsource-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.x86_64.rpm	SHA-256: be109b4ce53a5b6ccb07afed6c273a03a6838fe2c7271ef324401f77c5af29a0
389-ds-base-devel-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.x86_64.rpm	SHA-256: 85dffa4a20e66d51a7391c49e03459521fdf5a83d3f43d608278320b8aeffd97
389-ds-base-legacy-tools-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.x86_64.rpm	SHA-256: 6e88364bbf76a2f9eff6db99a764cdd0993dc0f2d7a7134a687f032212841a21
389-ds-base-legacy-tools-debuginfo-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.x86_64.rpm	SHA-256: 097c752414a6f29a99b9b3446d3af2e08740ec45103343e0f28356f1221fe971
389-ds-base-libs-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.x86_64.rpm	SHA-256: 8c2cf3fe91c034fc4392d9b27e4ac5272acf84575454e241db1a2b334cd75a09
389-ds-base-libs-debuginfo-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.x86_64.rpm	SHA-256: 462c2f72fdc6ac48530645080e26d92c34d67395cfd386a6185f1d3fc73c5558
389-ds-base-snmp-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.x86_64.rpm	SHA-256: 40737eef6207a9ebfdcd99a486a6fa71ce77eadbfedf8e83cac60bd41512c595
389-ds-base-snmp-debuginfo-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.x86_64.rpm	SHA-256: 59b90710bc2e7ae5a468a75b37e5966c659ef71aace3876053555b654232281c
cockpit-389-ds-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.noarch.rpm	SHA-256: 57b72540e45e44a97e6bc2fbbcb54a88119a3357b0f21504cc9694cdfc36cef8
python3-lib389-1.4.3.29-3.module+el8dsrv+14615+a86efbbf.noarch.rpm	SHA-256: 3db8b07aeb2eae6b0c8ad449e78d137926cdfc32ba6b196db2b3b47b39561e4a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation