Issued:: 2024-09-11
Updated:: 2024-09-11

RHSA-2024:6569 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: 389-ds:1.4 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

BZ - 2292104 - CVE-2024-5953 389-ds-base: Malformed userPassword hash may cause Denial of Service

CVEs

CVE-2024-5953

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
389-ds-base-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.src.rpm	SHA-256: 4797653e5e53ea2b912508c3061b11de452a770795fb9fff04fd344829826366
x86_64
python3-lib389-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.noarch.rpm	SHA-256: 8ef8446efdbcf546ff0859fa7a1ddc972118dbb215199a9346c5078c7391abb1
389-ds-base-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.x86_64.rpm	SHA-256: 717400674e7a6a74e35af41f8743360e9d1199c36d49b3febeed84a644d31b69
389-ds-base-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.x86_64.rpm	SHA-256: 52fa78d722b21b20f6ade3668a06684ed22ae2c8671a895f9137e7f4cc6d9a95
389-ds-base-debugsource-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.x86_64.rpm	SHA-256: 3273d96c372f1cc982bf08388a10057bf3706f9812cc1943f2e73504c676a51d
389-ds-base-devel-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.x86_64.rpm	SHA-256: 4c4f36d5bebd4b3c224491be0c9ccb2eef47d1a69a3106edd63bbea955f4d1c5
389-ds-base-legacy-tools-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.x86_64.rpm	SHA-256: 28bd8986ece4a74aaeb1a9f5ea2910228eefdbd86e6a5ec68b7623bbadcf0578
389-ds-base-legacy-tools-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.x86_64.rpm	SHA-256: 1df5c9c63ced46a17e2fb8c6e69b0623a4cdaa67d8ffd8942d4a788c52cf52cf
389-ds-base-libs-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.x86_64.rpm	SHA-256: c5c2831db284f9242bc9ad559784a8c97ab388f9660869b1765b02837d73c13f
389-ds-base-libs-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.x86_64.rpm	SHA-256: 71051158a1c0bb39d4c4c3cfd99187fada7764db71811f17b72a511004d9f72f
389-ds-base-snmp-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.x86_64.rpm	SHA-256: 10432ef62341550085072a7600e7e855b8f2be4562841e924a9e1be15af4e35b
389-ds-base-snmp-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.x86_64.rpm	SHA-256: faa8ed1717b91e0f3dd8f39c886324010182b700cc144a5cc957c8b7f610e029

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
389-ds-base-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.src.rpm	SHA-256: 4797653e5e53ea2b912508c3061b11de452a770795fb9fff04fd344829826366
s390x
python3-lib389-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.noarch.rpm	SHA-256: 8ef8446efdbcf546ff0859fa7a1ddc972118dbb215199a9346c5078c7391abb1
389-ds-base-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.s390x.rpm	SHA-256: 141cc421733bf1a4827159fbfe826f7c403b1673b5ead17bb7be2488b43a0b90
389-ds-base-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.s390x.rpm	SHA-256: 6f96525f33a3378ee7af39932fcf5cda54a60a38ceaa386dc2ea1253aa2c5ad1
389-ds-base-debugsource-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.s390x.rpm	SHA-256: 8d0fa9a1e9958e343acd79fdd97396893c7888817717e83ba627b33ac5db7afc
389-ds-base-devel-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.s390x.rpm	SHA-256: 3e7d51a99343b96f05711463b83db685962d52047f0638fc3fc908d984ae4eb4
389-ds-base-legacy-tools-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.s390x.rpm	SHA-256: a2ebeaad59a48468bfcb8fc4d4328557a3ade7785e584823deb9c9857e7eaeaa
389-ds-base-legacy-tools-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.s390x.rpm	SHA-256: df820332828018797f71591f76fd2cb2a0f2e84ad03246ed4cdb167f649dc1f0
389-ds-base-libs-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.s390x.rpm	SHA-256: 390549844e9b212bac8cd5f6d6396520c6da5240cd9f6b729956622f0606a4ed
389-ds-base-libs-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.s390x.rpm	SHA-256: 9c566089f2cd0a6f68077062606a0879d520611938ed9a6653dd43c9a19927ab
389-ds-base-snmp-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.s390x.rpm	SHA-256: 08be217ddb4ffe7d77fb786ee4ca5dfb70b6c6ad1adc0700194ca3e538b472dc
389-ds-base-snmp-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.s390x.rpm	SHA-256: e6f88fd3f88c73c8cf08f5d1e6012d3619b49fbda92b16e726ffdc663eb2821a

Red Hat Enterprise Linux for Power, little endian 8

SRPM
389-ds-base-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.src.rpm	SHA-256: 4797653e5e53ea2b912508c3061b11de452a770795fb9fff04fd344829826366
ppc64le
389-ds-base-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.ppc64le.rpm	SHA-256: 57c8597834d3c9d169d3ba597afe00af3a466762e8ca27c648d8c5c292196b52
389-ds-base-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.ppc64le.rpm	SHA-256: f66db19c705a12fe39436d08f4d15676d5f50c85d614c742c646ad2ccd95c9cb
389-ds-base-debugsource-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.ppc64le.rpm	SHA-256: 92c625eb31433722306bcfa6abae7c4a02034a64f4a064563088eec0085fbfeb
389-ds-base-devel-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.ppc64le.rpm	SHA-256: c002867d8484d4bfeba39ba52a263961b01a24bf26097bf03f8d97b4384dee5e
389-ds-base-legacy-tools-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.ppc64le.rpm	SHA-256: c58caba1b27bcbcd44d36b4418a40911f31b9ba14947097d88f9676ce2d4131f
389-ds-base-legacy-tools-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.ppc64le.rpm	SHA-256: d30fbb0ed73fc40e1c01323284a7d04cee648b7d217642305bc5fc27b4d6a1f0
389-ds-base-libs-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.ppc64le.rpm	SHA-256: 3f9ecb90ad16b951ee6c7a950f8a3372ff887bf371c476f545e8b6110f897a39
389-ds-base-libs-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.ppc64le.rpm	SHA-256: 5eaa3cc4160791b25f436dbbf7719a0393dda5a5601e59da02acb072ef8c0c99
389-ds-base-snmp-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.ppc64le.rpm	SHA-256: 7d4eb65182a974bf0f749cecf9bd55d0eeb33e6c5e54c507e262cd2e71adc5f3
389-ds-base-snmp-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.ppc64le.rpm	SHA-256: 70e4484337c4deac05e59e065a9caaddcb22b9db739e8b193bd9ea53b973e790
python3-lib389-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.noarch.rpm	SHA-256: 8ef8446efdbcf546ff0859fa7a1ddc972118dbb215199a9346c5078c7391abb1

Red Hat Enterprise Linux for ARM 64 8

SRPM
389-ds-base-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.src.rpm	SHA-256: 4797653e5e53ea2b912508c3061b11de452a770795fb9fff04fd344829826366
aarch64
python3-lib389-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.noarch.rpm	SHA-256: 8ef8446efdbcf546ff0859fa7a1ddc972118dbb215199a9346c5078c7391abb1
389-ds-base-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.aarch64.rpm	SHA-256: f7b477a1d3ee2c2d9de465e72c691ff4b4bf3428a45160d947cf32bc486c6606
389-ds-base-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.aarch64.rpm	SHA-256: 01392a5496239e6dfc6a508e856a58a8fec70fb000953eae3a37b66bdb6eff0f
389-ds-base-debugsource-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.aarch64.rpm	SHA-256: 28ac6d56860f980d7ab467cd0b293cdbcd5dff6d8754b9ca2293837c090a7374
389-ds-base-devel-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.aarch64.rpm	SHA-256: 3894d25a7ae15da875c9080ac975899031be51cb9f2ab1e1f65484e9a1b3771f
389-ds-base-legacy-tools-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.aarch64.rpm	SHA-256: 32ae23e94ed3ed72645f6ee020fdafcd91346f2a6de70b8db654e719b47b9a88
389-ds-base-legacy-tools-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.aarch64.rpm	SHA-256: 26310af35a0ec613b7b9fd8a80006cb1fd585eb75f2856a456fc627f79acc769
389-ds-base-libs-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.aarch64.rpm	SHA-256: 83c83c6e34bb15687671c0d24548f8be2b0927535c835a3c61b18cab830eaa79
389-ds-base-libs-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.aarch64.rpm	SHA-256: a5ef127b25061864507cce7b06911461630c75222d0efc4c1aa775601fe458ec
389-ds-base-snmp-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.aarch64.rpm	SHA-256: 603c441d98778f08e7113484a5665c8a447c82746ff63e781f393e2472cdddc6
389-ds-base-snmp-debuginfo-1.4.3.39-8.module+el8.10.0+22275+e4fc04d4.aarch64.rpm	SHA-256: 723de7873c08e14b2a7679b0d1762f350213b2d792c58a5c621555138056bef5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation