Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:36585 - Security Advisory
Issued:
2026-07-08
Updated:
2026-07-08

RHSA-2026:36585 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: 389-ds-base security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for 389-ds-base is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

  • 389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND (CVE-2026-11610)
  • 389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow (CVE-2026-11774)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x

Fixes

  • BZ - 2484414 - CVE-2026-11610 389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND
  • BZ - 2484916 - CVE-2026-11774 389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow

CVEs

  • CVE-2026-11610
  • CVE-2026-11774

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
389-ds-base-2.2.4-19.el9_2.src.rpm SHA-256: 489f989dbc682904125191fd83967756140e476151365f65dd022a836d015bc7
x86_64
389-ds-base-2.2.4-19.el9_2.x86_64.rpm SHA-256: 75861eb3e7554402a892386d0c3d58d48af6a20c663d37fa1259a66a0d4bc203
389-ds-base-debuginfo-2.2.4-19.el9_2.x86_64.rpm SHA-256: 7ebc9ba01dec8de2d8887f7a3a4dcc4ff2e98b94e7572f290d9f1fa62677f2a8
389-ds-base-debugsource-2.2.4-19.el9_2.x86_64.rpm SHA-256: 0728fe3d308676626926a7ff6915f230278a2040f0ffccfcebf875055de2bead
389-ds-base-libs-2.2.4-19.el9_2.x86_64.rpm SHA-256: 9728b458a19fc850dfbd3bf5c94c36547f3a0f10eac88fc34d68236c4d78ea11
389-ds-base-libs-debuginfo-2.2.4-19.el9_2.x86_64.rpm SHA-256: e522b2d9dc495d4dc0452823cdbbd3eebd0a0136f43d07dac74e4d2edbae2851
389-ds-base-snmp-debuginfo-2.2.4-19.el9_2.x86_64.rpm SHA-256: 3bcc1b6cf515d5d44a43d5cc764149b11f36d5f1602482f3d9fd19ef782b58ed
python3-lib389-2.2.4-19.el9_2.noarch.rpm SHA-256: 7f00c4c140cf9db277ccb127705e84692334a9de883682b20a13b4d7bd5d89b1

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
389-ds-base-2.2.4-19.el9_2.src.rpm SHA-256: 489f989dbc682904125191fd83967756140e476151365f65dd022a836d015bc7
ppc64le
389-ds-base-2.2.4-19.el9_2.ppc64le.rpm SHA-256: 0216ac0df76f2e42a39be1a98aa5bb5faf56e6e417392c0b63e7233e1f3e0b9a
389-ds-base-debuginfo-2.2.4-19.el9_2.ppc64le.rpm SHA-256: c4c979ccf2839a04425cd0bfbd1dd811f580ce392d2bfc64af158c0d78faacdf
389-ds-base-debugsource-2.2.4-19.el9_2.ppc64le.rpm SHA-256: 1d09d34f9145cc8650440fadd9af629e1e5989565e3adf2a67cd23e3ec39f804
389-ds-base-libs-2.2.4-19.el9_2.ppc64le.rpm SHA-256: 269c0af567f2947dcca394efd188d785faa345920456eebadeafa6fbf0441624
389-ds-base-libs-debuginfo-2.2.4-19.el9_2.ppc64le.rpm SHA-256: e7378fbc4dce6330440a26b29dcec06d1b9ab40abadd49cda340a565626cd0b3
389-ds-base-snmp-debuginfo-2.2.4-19.el9_2.ppc64le.rpm SHA-256: 971c0b388fc776579695eb8b97aaf32c139284ab1a6ea32e81a02575ff75ae14
python3-lib389-2.2.4-19.el9_2.noarch.rpm SHA-256: 7f00c4c140cf9db277ccb127705e84692334a9de883682b20a13b4d7bd5d89b1

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
389-ds-base-2.2.4-19.el9_2.src.rpm SHA-256: 489f989dbc682904125191fd83967756140e476151365f65dd022a836d015bc7
x86_64
389-ds-base-2.2.4-19.el9_2.x86_64.rpm SHA-256: 75861eb3e7554402a892386d0c3d58d48af6a20c663d37fa1259a66a0d4bc203
389-ds-base-debuginfo-2.2.4-19.el9_2.x86_64.rpm SHA-256: 7ebc9ba01dec8de2d8887f7a3a4dcc4ff2e98b94e7572f290d9f1fa62677f2a8
389-ds-base-debugsource-2.2.4-19.el9_2.x86_64.rpm SHA-256: 0728fe3d308676626926a7ff6915f230278a2040f0ffccfcebf875055de2bead
389-ds-base-libs-2.2.4-19.el9_2.x86_64.rpm SHA-256: 9728b458a19fc850dfbd3bf5c94c36547f3a0f10eac88fc34d68236c4d78ea11
389-ds-base-libs-debuginfo-2.2.4-19.el9_2.x86_64.rpm SHA-256: e522b2d9dc495d4dc0452823cdbbd3eebd0a0136f43d07dac74e4d2edbae2851
389-ds-base-snmp-debuginfo-2.2.4-19.el9_2.x86_64.rpm SHA-256: 3bcc1b6cf515d5d44a43d5cc764149b11f36d5f1602482f3d9fd19ef782b58ed
python3-lib389-2.2.4-19.el9_2.noarch.rpm SHA-256: 7f00c4c140cf9db277ccb127705e84692334a9de883682b20a13b4d7bd5d89b1

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
389-ds-base-2.2.4-19.el9_2.src.rpm SHA-256: 489f989dbc682904125191fd83967756140e476151365f65dd022a836d015bc7
aarch64
389-ds-base-2.2.4-19.el9_2.aarch64.rpm SHA-256: 519c11cb9eb0ab62cb99ab2a5b79f524fa85582d613a68ca9dca8c4c1c089127
389-ds-base-debuginfo-2.2.4-19.el9_2.aarch64.rpm SHA-256: 9e8660bc05cb422c17cebbe1e935735f8cbae985548eeabec40fa9d4821e6d02
389-ds-base-debugsource-2.2.4-19.el9_2.aarch64.rpm SHA-256: 15baffcc4a42bc0406857a9cedd11b0dc04754c054242ec08b23faa605ff4747
389-ds-base-libs-2.2.4-19.el9_2.aarch64.rpm SHA-256: 4d0d2d1af103d2a1ee389efc2f15ac826126904092d71ddd0a7d6381b64b6544
389-ds-base-libs-debuginfo-2.2.4-19.el9_2.aarch64.rpm SHA-256: 11ea783bcda1879b4dc8b826858df983fe048e50356758a11eb59f9f2df54c35
389-ds-base-snmp-debuginfo-2.2.4-19.el9_2.aarch64.rpm SHA-256: ffff45c15ba4cc5fb0407c64c9495aec81cda375b0fc2ee9be29e30480f76576
python3-lib389-2.2.4-19.el9_2.noarch.rpm SHA-256: 7f00c4c140cf9db277ccb127705e84692334a9de883682b20a13b4d7bd5d89b1

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
389-ds-base-2.2.4-19.el9_2.src.rpm SHA-256: 489f989dbc682904125191fd83967756140e476151365f65dd022a836d015bc7
s390x
389-ds-base-2.2.4-19.el9_2.s390x.rpm SHA-256: 3c69c047694464d2a623930cef672b7fa82e0914fa314b079c61400dd4335516
389-ds-base-debuginfo-2.2.4-19.el9_2.s390x.rpm SHA-256: 76530df1639087f537b846774c06453c6d76e398add7c8719075b02693b6b6d9
389-ds-base-debugsource-2.2.4-19.el9_2.s390x.rpm SHA-256: 83dfe9c83fe9069a69b6017a8a859ecabb643917f851f62ebd4c60b1978ab333
389-ds-base-libs-2.2.4-19.el9_2.s390x.rpm SHA-256: fadee4cb1a67d1177cdd343bfb74bc69e83de29dfc4adad3661015d95e88efff
389-ds-base-libs-debuginfo-2.2.4-19.el9_2.s390x.rpm SHA-256: 4183649a7bed6206ff1c1c826bba05880e64c03f21e4a8cafa15cf7b74dbf43d
389-ds-base-snmp-debuginfo-2.2.4-19.el9_2.s390x.rpm SHA-256: ab1674106449961d3e1b94dac7c27717f3f5b2b021b79e06cd6579a2fc2e7b70
python3-lib389-2.2.4-19.el9_2.noarch.rpm SHA-256: 7f00c4c140cf9db277ccb127705e84692334a9de883682b20a13b4d7bd5d89b1

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2

SRPM
389-ds-base-2.2.4-19.el9_2.src.rpm SHA-256: 489f989dbc682904125191fd83967756140e476151365f65dd022a836d015bc7
x86_64
389-ds-base-2.2.4-19.el9_2.x86_64.rpm SHA-256: 75861eb3e7554402a892386d0c3d58d48af6a20c663d37fa1259a66a0d4bc203
389-ds-base-debuginfo-2.2.4-19.el9_2.x86_64.rpm SHA-256: 7ebc9ba01dec8de2d8887f7a3a4dcc4ff2e98b94e7572f290d9f1fa62677f2a8
389-ds-base-debugsource-2.2.4-19.el9_2.x86_64.rpm SHA-256: 0728fe3d308676626926a7ff6915f230278a2040f0ffccfcebf875055de2bead
389-ds-base-libs-2.2.4-19.el9_2.x86_64.rpm SHA-256: 9728b458a19fc850dfbd3bf5c94c36547f3a0f10eac88fc34d68236c4d78ea11
389-ds-base-libs-debuginfo-2.2.4-19.el9_2.x86_64.rpm SHA-256: e522b2d9dc495d4dc0452823cdbbd3eebd0a0136f43d07dac74e4d2edbae2851
389-ds-base-snmp-debuginfo-2.2.4-19.el9_2.x86_64.rpm SHA-256: 3bcc1b6cf515d5d44a43d5cc764149b11f36d5f1602482f3d9fd19ef782b58ed
python3-lib389-2.2.4-19.el9_2.noarch.rpm SHA-256: 7f00c4c140cf9db277ccb127705e84692334a9de883682b20a13b4d7bd5d89b1

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2

SRPM
389-ds-base-2.2.4-19.el9_2.src.rpm SHA-256: 489f989dbc682904125191fd83967756140e476151365f65dd022a836d015bc7
aarch64
389-ds-base-2.2.4-19.el9_2.aarch64.rpm SHA-256: 519c11cb9eb0ab62cb99ab2a5b79f524fa85582d613a68ca9dca8c4c1c089127
389-ds-base-debuginfo-2.2.4-19.el9_2.aarch64.rpm SHA-256: 9e8660bc05cb422c17cebbe1e935735f8cbae985548eeabec40fa9d4821e6d02
389-ds-base-debugsource-2.2.4-19.el9_2.aarch64.rpm SHA-256: 15baffcc4a42bc0406857a9cedd11b0dc04754c054242ec08b23faa605ff4747
389-ds-base-libs-2.2.4-19.el9_2.aarch64.rpm SHA-256: 4d0d2d1af103d2a1ee389efc2f15ac826126904092d71ddd0a7d6381b64b6544
389-ds-base-libs-debuginfo-2.2.4-19.el9_2.aarch64.rpm SHA-256: 11ea783bcda1879b4dc8b826858df983fe048e50356758a11eb59f9f2df54c35
389-ds-base-snmp-debuginfo-2.2.4-19.el9_2.aarch64.rpm SHA-256: ffff45c15ba4cc5fb0407c64c9495aec81cda375b0fc2ee9be29e30480f76576
python3-lib389-2.2.4-19.el9_2.noarch.rpm SHA-256: 7f00c4c140cf9db277ccb127705e84692334a9de883682b20a13b4d7bd5d89b1

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2

SRPM
389-ds-base-2.2.4-19.el9_2.src.rpm SHA-256: 489f989dbc682904125191fd83967756140e476151365f65dd022a836d015bc7
ppc64le
389-ds-base-2.2.4-19.el9_2.ppc64le.rpm SHA-256: 0216ac0df76f2e42a39be1a98aa5bb5faf56e6e417392c0b63e7233e1f3e0b9a
389-ds-base-debuginfo-2.2.4-19.el9_2.ppc64le.rpm SHA-256: c4c979ccf2839a04425cd0bfbd1dd811f580ce392d2bfc64af158c0d78faacdf
389-ds-base-debugsource-2.2.4-19.el9_2.ppc64le.rpm SHA-256: 1d09d34f9145cc8650440fadd9af629e1e5989565e3adf2a67cd23e3ec39f804
389-ds-base-libs-2.2.4-19.el9_2.ppc64le.rpm SHA-256: 269c0af567f2947dcca394efd188d785faa345920456eebadeafa6fbf0441624
389-ds-base-libs-debuginfo-2.2.4-19.el9_2.ppc64le.rpm SHA-256: e7378fbc4dce6330440a26b29dcec06d1b9ab40abadd49cda340a565626cd0b3
389-ds-base-snmp-debuginfo-2.2.4-19.el9_2.ppc64le.rpm SHA-256: 971c0b388fc776579695eb8b97aaf32c139284ab1a6ea32e81a02575ff75ae14
python3-lib389-2.2.4-19.el9_2.noarch.rpm SHA-256: 7f00c4c140cf9db277ccb127705e84692334a9de883682b20a13b4d7bd5d89b1

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2

SRPM
389-ds-base-2.2.4-19.el9_2.src.rpm SHA-256: 489f989dbc682904125191fd83967756140e476151365f65dd022a836d015bc7
s390x
389-ds-base-2.2.4-19.el9_2.s390x.rpm SHA-256: 3c69c047694464d2a623930cef672b7fa82e0914fa314b079c61400dd4335516
389-ds-base-debuginfo-2.2.4-19.el9_2.s390x.rpm SHA-256: 76530df1639087f537b846774c06453c6d76e398add7c8719075b02693b6b6d9
389-ds-base-debugsource-2.2.4-19.el9_2.s390x.rpm SHA-256: 83dfe9c83fe9069a69b6017a8a859ecabb643917f851f62ebd4c60b1978ab333
389-ds-base-libs-2.2.4-19.el9_2.s390x.rpm SHA-256: fadee4cb1a67d1177cdd343bfb74bc69e83de29dfc4adad3661015d95e88efff
389-ds-base-libs-debuginfo-2.2.4-19.el9_2.s390x.rpm SHA-256: 4183649a7bed6206ff1c1c826bba05880e64c03f21e4a8cafa15cf7b74dbf43d
389-ds-base-snmp-debuginfo-2.2.4-19.el9_2.s390x.rpm SHA-256: ab1674106449961d3e1b94dac7c27717f3f5b2b021b79e06cd6579a2fc2e7b70
python3-lib389-2.2.4-19.el9_2.noarch.rpm SHA-256: 7f00c4c140cf9db277ccb127705e84692334a9de883682b20a13b4d7bd5d89b1

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility