You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa 389-ds-base

Sigurnosni nedostatak programskog paketa 389-ds-base

——————————————————————————–
Fedora Update Notification
FEDORA-2015-15128
2015-10-08 18:22:46.306242
——————————————————————————–

Name : 389-ds-base
Product : Fedora 21
Version : 1.3.3.13
Release : 1.fc21
URL : http://port389.org/
Summary : 389 Directory Server (base)
Description :
389 Directory Server is an LDAPv3 compliant server. The base package includes
the LDAP server and command line utilities for server administration.

——————————————————————————–
Update Information:

389-ds-base-1.3.3.13-1.fc21 – release 1.3.3.13 – Ticket 48265 – Complex
filter in a search request doen’t work as expected. (regression) – Ticket 47981
– COS cache doesn’t properly mark vattr cache as invalid when there are multiple
suffixes – Ticket 48252 – db2index creates index entry from deleted records –
Ticket 48228 – wrong password check if passwordInHistory is decreased. – Ticket
48252 – db2index creates index entry from deleted records – Ticket 48254 – CLI
db2index fails with usage errors – Ticket 47831 – remove debug logging from
retro cl – Ticket 48245 – Man pages and help for remove-ds.pl doesn’t display
“-a” option – Ticket 47931 – Fix coverity issues – Ticket 47931 – memberOf &
retrocl deadlocks – Ticket 48228 – wrong password check if passwordInHistory is
decreased. – Ticket 48215 – update dbverify usage in main.c – Ticket 48215 –
update dbverify usage – Ticket 48215 – verify_db.pl doesn’t verify DB specified
by -a option – Ticket 47810 – memberOf plugin not properly rejecting updates –
Ticket 48231 – logconv autobind handling regression caused by 47446 – Ticket
48232 – winsync lastlogon attribute not syncing between DS and AD. – Ticket
48206 – Crash during retro changelog trimming – Ticket 48224 – redux 2 –
logconv.pl should handle *.tar.xz, *.txz, *.xz log files – Ticket 48226 – In
MMR, double free coould occur under some special condition – Ticket 48224 –
redux – logconv.pl should handle *.tar.xz, *.txz, *.xz log files – Ticket 48224
– redux – logconv.pl should handle *.tar.xz, *.txz, *.xz log files – Ticket
48224 – logconv.pl should handle *.tar.xz, *.txz, *.xz log files – Ticket 48192
– Individual abandoned simple paged results request has no chance to be cleaned
up – Ticket 48212 – Dynamic nsMatchingRule changes had no effect on the attrinfo
thus following reindexing, as well. – Ticket 48195 – Slow replication when
deleting large quantities of multi-valued attributes – Ticket 48175 – Avoid
using regex in ACL if possible
——————————————————————————–
References:

[ 1 ] Bug #1232896 – CVE-2015-3230 389-ds-base: nsSSL3Ciphers preference not enforced server side (regression) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1232896
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update 389-ds-base’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Ranjivosti programskog paketa ntp

Otkriveno je nekoliko ranjivosti u programskom paketu ntp za Fedoru. Ranjivosti su posljedica nepravilne obrade posebno oblikovanog konfiguracijskog paketa, preoblikovanih...

Close