Security: Information disclosure in 389-ds-base
Name: Information disclosure in 389-ds-base
ID: FEDORA-2013-4578
Distribution: Fedora
Platforms: Fedora 18
Date: Wed, April 3, 2013, 08:21
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1897
Applications: 389 Directory Server
Original message
Name        : 389-ds-base
Product     : Fedora 18
Version     : 1.3.0.5
Release     : 1.fc18
URL         : http://port389.org/
Summary     : 389 Directory Server (base)
Description :
389 Directory Server is an LDAPv3 compliant server. The base package includes
the LDAP server and command line utilities for server administration.

--------------------------------------------------------------------------------
Update Information:

This release fixes 7 critical bugs including one security bug.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Noriko Hosoi <nhosoi@redhat.com> - 1.3.0.5-1
- bump version to 1.3.0.5
- Ticket 47308 - unintended information exposure when anonymous access is set to rootdse
- Ticket 628 - crash in aci evaluation
- Ticket 627 - ns-slapd crashes sporadically with segmentation fault in libslapd.so
- Ticket 634 - Deadlock in DNA plug-in
  Ticket #576 - DNA: use event queue for config update only at the start up
- Ticket 632 - 389-ds-base cannot handle Kerberos tickets with PAC
- Ticket 623 - cleanAllRUV task fails to cleanup config upon completion

* Mon Mar 11 2013 Mark Reynolds <mreynolds@redhat.com> - 1.3.0.4-1
e53d691 bump version to 1.3.0.4
Bug 912964 - CVE-2013-0312 389-ds: unauthenticated denial of service vulnerability in handling of LDAPv3 control data
Ticket 570 - DS returns error 20 when replacing values of a multi-valued attribute (only when replication is enabled)
Ticket 490 - Slow role performance when using a lot of roles
Ticket 590 - ns-slapd segfaults while trying to delete a tombstone entry

* Wed Feb 13 2013 Noriko Hosoi <nhosoi@redhat.com> - 1.3.0.3-1
- bump version to 1.3.0.3
- Ticket #584 - Existence of an entry is not checked when its password is to be deleted
- Ticket 562 - Crash when deleting suffix

* Wed Jan 16 2013 Noriko Hosoi <nhosoi@redhat.com> - 1.3.0.2-1
- bump version to 1.3.0.2
- Ticket #542 - Cannot dynamically set nsslapd-maxbersize

* Wed Jan 16 2013 Noriko Hosoi <nhosoi@redhat.com> - 1.3.0.1-1
- bump version to 1.3.0.1
- Ticket 556 - Don't overwrite certmap.conf during upgrade

* Tue Jan 8 2013 Noriko Hosoi <nhosoi@redhat.com> - 1.3.0.0-1
- bump version to 1.3.0.0

* Tue Jan 8 2013 Noriko Hosoi <nhosoi@redhat.com> - 1.3.0-0.3.rc3
- bump version to 1.3.0.rc3
- Ticket 549 - DNA plugin no longer reports additional info when range is depleted
- Ticket 541 - need to set plugin as off in ldif template
- Ticket 541 - RootDN Access Control plugin is missing after upgrade

* Fri Dec 14 2012 Noriko Hosoi <nhosoi@redhat.com> - 1.3.0-0.2.rc2
- bump version to 1.3.0.rc2
- Trac Ticket #497 - Escaped character cannot be used in the substring search filter
- Ticket 509 - lock-free access to be->be_suffixlock
- Trac Ticket #522 - betxn: upgrade is not implemented yet

* Tue Dec 11 2012 Noriko Hosoi <nhosoi@redhat.com> - 1.3.0-0.1.rc1
- bump version to 1.3.0.rc1
- Ticket #322 - Create DOAP description for the 389 Directory Server project
- Trac Ticket #499 - Handling URP results is not correct
- Ticket 509 - lock-free access to be->be_suffixlock
- Ticket 456 - improve entry cache sizing
- Trac Ticket #531 - loading an entry from the database should use str2entry_f
- Trac Ticket #536 - Clean up compiler warnings for 1.3
- Trac Ticket #531 - loading an entry from the database should use str2entry_fast
- Ticket 509 - lock-free access to be->be_suffixlock
- Ticket 527 - ns-slapd segfaults if it cannot rename the logs
- Ticket 395 - RFE: 389-ds shouldn't advertise in the rootDSE that we can handle a sasl mech if we really can't
- Ticket 216 - disable replication agreements
- Ticket 518 - dse.ldif is 0 length after server kill or machine kill
- Ticket 393 - Change in winSyncInterval does not take immediate effect
- Ticket 20 - Allow automember to work on entries that have already been added
- Coverity Fixes
- Ticket 349 - nsViewFilter syntax issue in 389DS 1.2.5
- Ticket 337 - improve CLEANRUV functionality
- Fix for ticket 504
- Ticket 394 - modify-delete userpassword
- minor fixes for bdb 4.2/4.3 and mozldap
- Trac Ticket #276 - Multiple threads simultaneously working on connection's private buffer causes ns-slapd to abort
- Fix for ticket 465: cn=monitor showing stats for other db instances
- Ticket 507 - use mutex for FrontendConfig lock instead of rwlock
- Fix for ticket 510 Avoid creating an attribute just to determine the syntax for a type, look up the syntax directly by type
- Coverity defect: Resource leak 13110
- Ticket 517 - crash in DNA if no dnaMagicRegen is specified
- Trac Ticket #520 - RedHat Directory Server crashes (segfaults) when moving ldap entry
- Trac Ticket #519 - Search with a complex filter including range search is slow
- Trac Ticket #500 - Newly created users with organizationalPerson objectClass fails to sync from AD to DS with missing attribute error
- Trac Ticket #311 - IP lookup failing with multiple DNS entries
- Trac Ticket #447 - Possible to add invalid attribute to nsslapd-allowed-to-delete-attrs
- Trac Ticket #443 - Deleting attribute present in nsslapd-allowed-to-delete-attrs returns Operations error
- Ticket #503 - Improve AD version in winsync log message
- Trac Ticket #190 - Un-resolvable server in replication agreement produces unclear error message
- Coverity fixes
- Trac Ticket #391 - Slapd crashes when deleting backends while operations are still in progress
- Trac Ticket #448 - Possible to set invalid macros in Macro ACIs
- Trac Ticket #498 - Cannot abandon simple paged result search
- Coverity defects
- Trac Ticket #494 - slapd entered to infinite loop during new index addition
- Fixing compiler warnings in the posix-winsync plugin
- Coverity defects
- Ticket 147 - Internal Password Policy usage very inefficient
- Ticket 495 - internalModifiersname not updated by DNA plugin
- Revert "Ticket 495 - internalModifiersname not updated by DNA plugin"
- Ticket 495 - internalModifiersname not updated by DNA plugin
- Ticket 468 - if pam_passthru is enabled, need to AC_CHECK_HEADERS([security/pam_appl.h])
- Ticket 486 - nsslapd-enablePlugin should not be multivalued
- Ticket 488 - Doc: DS error log messages with typo
- Trac Ticket #451 - Allow db2ldif to be quiet
- Ticket #491 - multimaster_extop_cleanruv returns wrong error codes
- Ticket #481 - expand nested posix groups
- Trac Ticket #455 - Insufficient rights to unhashed#user#password when user deletes his password
- Ticket #446 - anonymous limits are being applied to directory manager

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #928105 - CVE-2013-1897 389-ds: unintended information exposure when rootdse is enabled
      https://bugzilla.redhat.com/show_bug.cgi?id=928105

--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update 389-ds-base' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys

--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce