Issued:: 2024-07-02
Updated:: 2024-07-02

RHSA-2024:4210 - Security Advisory

Overview
Updated Packages

Synopsis

Important: redhat-ds:11 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.9 for RHEL 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.

Security Fix(es):

ns-slapd crashing in ldap_mods_free() (CVE-2024-2199) (BZ#2267976)
Potential denial of service via specially crafted kerberos

AS-REQ request (CVE-2024-3657) (BZ#2274401)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products

Red Hat Directory Server 11.9 x86_64

Fixes

BZ - 2267976 - CVE-2024-2199 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c
BZ - 2274401 - CVE-2024-3657 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Directory Server 11.9

SRPM
389-ds-base-1.4.3.39-4.module+el8dsrv+21965+9ff26197.src.rpm	SHA-256: 350947253849031f6da5669be9f927fc315e73518f6c07c6edae6e0628601437
x86_64
389-ds-base-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm	SHA-256: 2849cd31ed2212f67f9ebba2c0c05a632e4cc5dfb8e28e9d0c955c131abb43e0
389-ds-base-debuginfo-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm	SHA-256: 36ae0adaaa9628e92533d8a2405a064a1dce0af18c97fff2c5d582a0b8a67f7f
389-ds-base-debugsource-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm	SHA-256: 1f1cefdc508d7f4144fc213c49d900b5a9b304ae0831947c2271a3276d46fd82
389-ds-base-devel-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm	SHA-256: c58ecf962e305eeea95a32dc27a4f6103a60cbfb37e00a0d2cabfee41c051ae0
389-ds-base-legacy-tools-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm	SHA-256: 9e3fc7dbcccadabba81d5a035ffbe86ada355cb62add782075854af805a74955
389-ds-base-legacy-tools-debuginfo-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm	SHA-256: b184d1455ad102e077e53335b1863e138451fda285f205371cd35dfd9dee2844
389-ds-base-libs-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm	SHA-256: 95541cd8edd50371f244b3627b3781f46717503e933e95ccd1827bae2f3b3968
389-ds-base-libs-debuginfo-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm	SHA-256: 647cf01524b7f16501896df790a6a63848b9c02bd1b89f036c2257fa6501534f
389-ds-base-snmp-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm	SHA-256: 726ef23a045c78bfeeb30a2e111a339c1e43abeaa5f81072acb2030a9ffaba2b
389-ds-base-snmp-debuginfo-1.4.3.39-4.module+el8dsrv+21965+9ff26197.x86_64.rpm	SHA-256: 301fe26990dfc92df7b97b2453a7c1d50e4f88bbee681ff641a9aa1c61078958
cockpit-389-ds-1.4.3.39-4.module+el8dsrv+21965+9ff26197.noarch.rpm	SHA-256: d343570e15d948ec0824985788a90ac9a934d15a9d9dca93da45a3a14dde84b5
python3-lib389-1.4.3.39-4.module+el8dsrv+21965+9ff26197.noarch.rpm	SHA-256: 22d896d3ced4ad5b227136d358202a7bbf21cee8c5caef60519574e70c30a655

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation