Login
Newsletter
Werbung

Sicherheit: Zahlenüberlauf in 389-ds-base
Aktuelle Meldungen Distributionen
Name: Zahlenüberlauf in 389-ds-base
ID: FEDORA-2018-84c640b8fa
Distribution: Fedora
Plattformen: Fedora 27
Datum: So, 1. Juli 2018, 10:48
Referenzen: Keine Angabe
Applikationen: 389 Directory Server

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-84c640b8fa
2018-07-01 01:33:28.643506
-------------------------------------------------------------------------------
-

Name : 389-ds-base
Product : Fedora 27
Version : 1.3.8.4
Release : 1.fc27
URL : http://www.port389.org
Summary : 389 Directory Server (base)
Description :
389 Directory Server is an LDAPv3 compliant server. The base package includes
the LDAP server and command line utilities for server administration.

-------------------------------------------------------------------------------
-
Update Information:

Bump version to 1.3.8.4-1
-------------------------------------------------------------------------------
-
ChangeLog:

* Thu Jun 21 2018 Mark Reynolds <mreynolds@redhat.com> - 1.3.8.4-1
- Bump version to 1.3.8.4-1
- Ticket 49751 - passwordMustChange attribute is not honored by a RO consumer
if using "Chain on Update"
- Ticket 49734 - Fix various issues with Disk Monitoring
- Ticket 49788 - Fixing 4-byte UTF-8 character validation
* Mon Jun 11 2018 Mark Reynolds <mreyhnolds@redhat.com> - 1.3.8.3-2
- Bump version to 1.3.8.3-2
- Ticket 49576 - ds-replcheck: fix certificate directory verification
* Mon Jun 11 2018 Mark Reynolds <mreyhnolds@redhat.com> - 1.3.8.3-1
- Bump version to 1.3.8.3
- Ticket 49746 - Additional compiler errors on ARM
- Ticket 49746 - Segfault during replication startup on Arm device
- Ticket 49742 - Fine grained password policy can impact search performance
- Ticket 49768 - Under network intensive load persistent search can erronously
decrease connection refcnt
- Ticket 49765 - compiler warning
- Ticket 49765 - Async operations can hang when the server is running
nunc-stans
- Ticket 49748 - Passthru plugin startTLS option not working
- Ticket 49736 - Hardening of active connection list
- Ticket 48184 - clean up and delete connections at shutdown (3rd)
- Ticket 49726 - DS only accepts RSA and Fortezza cipher families
- Ticket 49722 - Errors log full of " WARN - keys2idl - recieved NULL idl
from index_read_ext_allids, treating as empty set" messages
- Ticket 49576 - Add support of ";deletedattribute" in ds-replcheck
- Ticket 49576 - Update ds-replcheck for new conflict entries
* Thu May 24 2018 Mark Reynolds <mreynolds@redhat.com> - 1.3.8.2-1
- Bump version to 1.3.8.2
- Ticket 48184 - clean up and delete connections at shutdown (2nd try)
- Ticket 49696 - replicated operations should be serialized
- Ticket 49671 - Readonly replicas should not write internal ops to changelog
- Ticket 49665 - Upgrade script doesn't enable CRYPT password storage
plug-in
- Ticket 49665 - Upgrade script doesn't enable PBKDF2 password storage
plug-in
* Tue May 8 2018 Mark Reynolds <mreynolds@redhat.com> - 1.3.8.1-1
- Bump version to 1.3.8.1
- Ticket 49661 - CVE-2018-1089 - Crash from long search filter
- Ticket 49652 - DENY aci's are not handled properly
- Ticket 49649 - Use reentrant crypt_r()
- Ticket 49644 - crash in debug build
- Ticket 49631 - same csn generated twice
- Ticket 48184 - revert previous patch around nunc-stans shutdown crash
- Ticket 49619 - adjustment of csn_generator can fail so next generated csn can
be equal to the most recent one received
- Rebase to 1.3.8
* Tue Mar 6 2018 Mark Reynolds <mreynolds@redhat.com> - 1.3.7.10-1
- Bump version to 1.3.7.10
- Ticket 49545 - final substring extended filter search returns invalid result
- Ticket 49161 - memberof fails if group is moved into scope
- ticket 49551 - correctly handle subordinates and tombstone numsubordinates
- Ticket 49296 - Fix race condition in connection code with anonymous limits
- Ticket 49568 - Fix integer overflow on 32bit platforms
- Ticket 49566 - ds-replcheck needs to work with hidden conflict entries
- Ticket 49551 - fix memory leak found by coverity
- Ticket 49551 - correct handling of numsubordinates for cenotaphs and
tombstone delete
- Ticket 49560 - nsslapd-extract-pemfiles should be enabled by default as
openldap is moving to openssl
- Ticket 49557 - Add config option for checking CRL on outbound SSL Connections
* Mon Feb 19 2018 Mark Reynolds <mreynolds@redhat.com> - 1.3.7.9-1.1
- Add cyrus-sasl-plain requirement
* Wed Jan 31 2018 Mark Reynolds <mreynolds@redhat.com> - 1.3.7.9-1
- Bump version to 1.3.7.9
- CVE-2017-15134 - Remote DoS via search filters in slapi_filter_sprintf
- Ticket 49546 - Fix broken snmp MIB file
- Ticket 49541 - Replica ID config validation fix
- Ticket 49370 - Crash when using a global and local pw policies
- Ticket 49540 - Indexing task is reported finished too early regarding the
backend status
- Ticket 49534 - Fix coverity regression
- Ticket 49541 - repl config should not allow rid 65535 for masters
- Ticket 49370 - Add all the password policy defaults to a new local policy
- Ticket 49526 - Improve create_test.py script
- Ticket 49534 - Fix coverity issues and regression
- Ticket 49523 - memberof: schema violation error message is confusing as
memberof will likely repair target entry
- Ticket 49532 - coverity issues - fix compiler warnings & clang issues
- Ticket 49463 - After cleanALLruv, there is a flow of keep alive DEL
- Ticket 48184 - close connections at shutdown cleanly.
- Ticket 49509 - Indexing of internationalized matching rules is failing
- Ticket 49531 - coverity issues - fix memory leaks
- Ticket 49529 - Fix Coverity warnings: invalid deferences
- Ticket 49413 - Changelog trimming ignores disabled replica-agreement
- Ticket 49446 - cleanallruv should ignore cleaned replica Id in processing
changelog if in force mode
- Ticket 49278 - GetEffectiveRights gives false-negative
- Ticket 49524 - Password policy: minimum token length fails when the token
length is equal to attribute length
- Ticket 49493 - heap use after free in csn_as_string
- Ticket 49495 - Fix memory management is vattr.
- Ticket 49471 - heap-buffer-overflow in ss_unescape
- Ticket 49449 - Load sysctl values on rpm upgrade.
- Ticket 49470 - overflow in pblock_get
- Ticket 49474 - sasl allow mechs does not operate correctly
- Ticket 49460 - replica_write_ruv log a failure even when it succeeds
* Mon Nov 20 2017 Mark Reynolds <mreynolds@redhat.com> - 1.3.7.8-1
- Bump version to 1.3.7.8
- Ticket 49298 - fix complier warn
- Ticket 49298 - Correct error codes with config restore.
- Ticket 49435 - Fix NS race condition on loaded test systems
- Ticket 49454 - SSL Client Authentication breaks in FIPS mode
- Ticket 49410 - opened connection can remain no longer poll, like hanging
- Ticket 48118 - fix compiler warning for incorrect return type
- Ticket 49443 - scope one searches in 1.3.7 give incorrect results
- Ticket 48118 - At startup, changelog can be erronously rebuilt after a normal
shutdown
- Ticket 49377 - Incoming BER too large with TLS on plain port
- Ticket 49441 - Import crashes with large indexed binary attributes
* Fri Nov 3 2017 Mark Reynolds <mreynolds@redhat.com> - 1.3.7.7-1
- Bump version to 1.3.7.7
- Ticket 48393 - fix copy and paste error
- Ticket 49439 - cleanallruv is not logging information
- Ticket 48393 - Improve replication config validation
- Ticket 49436 - double free in COS in some conditions
- Ticket 48007 - CI test to test changelog trimming interval
- Ticket 49424 - Resolve csiphash alignment issues
- Ticket 49401 - Fix compiler incompatible-pointer-types warnings
- Ticket 49401 - improve valueset sorted performance on delete
- Ticket 48894 - harden valueset_array_to_sorted_quick valueset access
- Ticket 48681 - Use of uninitialized value in string ne at /usr/bin/logconv.pl
- Ticket 49374 - server fails to start because maxdisksize is recognized
incorrectly
- Ticket 49408 - Server allows to set any nsds5replicaid in the existing
replica entry
- Ticket 49407 - status-dirsrv shows ellipsed lines
- Ticket 48681 - Use of uninitialized value in string ne at /usr/bin/logconv.pl
line 2565, <$LOGFH> line 4
- Ticket 49386 - Memberof should be ignore MODRDN when the pre/post entry are
identical
- Ticket 48006 - Missing warning for invalid replica backoff configuration
- Ticket 49378 - server init fails
- Ticket 49064 - testcase hardening
- Ticket 49064 - RFE allow to enable MemberOf plugin in dedicated consumer
- Ticket 49402 - Adding a database entry with the same database name that was
deleted hangs server at shutdown
- Ticket 49394 - slapi_pblock_get may leave unchanged the provided variable
- Ticket 48235 - remove memberof lock (cherry-pick error)
- Ticket 48235 - Remove memberOf global lock
- Ticket 49363 - Merge lib389, all lib389 history in single patch
* Mon Oct 9 2017 Mark Reynolds <mreynolds@redhat.com> - 1.3.7.6-1
- Bump verson to 1.3.7.6
- Ticket 49038 - remove legacy replication - change cleanup script precedence
- Ticket 49392 - memavailable not available
- Ticket 49320 - Activating already active role returns error 16
- Ticket 49389 - unable to retrieve specific cosAttribute when subtree password
policy is configured
- Ticket 49092 - Add CI test for schema-reload
- Ticket 49388 - repl-monitor - matches null string many times in regex
- Ticket 49385 - Fix coverity warnings
- Ticket 49305 - Need to wrap atomic calls
- Ticket 49180 - errors log filled with attrlist_replace - attr_replace
* Fri Sep 22 2017 Mark Reynolds <mreynolds@redhat.com> - 1.3.7.5-1
- Bump version to 1.3.7.5
- Ticket 49327 - Add CI test for password expiration controls
- Ticket #48085 - CI tests - replication ruvstore
- Ticket 49381 - Refactor numerous suite docstrings
- Ticket #48085 - CI tests - replication cl5
- Ticket 49379 - Allowed sasl mapping requires restart
- Ticket 49327 - password expired control not sent during grace logins
- Ticket 49380 - Add CI test
- Ticket 83 - Fix create_test.py imports
- Ticket 49381 - Add docstrings to ds_logs, gssapi_repl, betxn
- Ticket 49380 - Crash when adding invalid replication agreement
- Ticket 48081 - CI test - password
- Ticket 49295 - Fix CI tests
- Ticket 49295 - Fix CI test for account policy
- Ticket 49295 - Fix CI tests
- Ticket 49373 - remove unused header file
* Wed Sep 6 2017 Mark Reynolds <mreynolds@redhat.com> - 1.3.7.4-1
- Bump version to 1.3.7.4
- Ticket 49371 - Cleanup update script
- Ticket 48831 - Autotune dncache with entry cache.
- Ticket 49312 - pwdhash -D used default hash algo
- Ticket 49043 - make replication conflicts transparent to clients
- Ticket 49371 - Fix rpm build
- Ticket 49371 - Template dse.ldif did not contain all needed plugins
- Ticket 49295 - Fix CI Tests
- Ticket 49050 - make objectclass ldapsubentry effective immediately
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-84c640b8fa' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AHQQXRTRAB3CIAHG6AG2NS34KMIF4YNL/
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung