ELSA-2026-26459
- ULN >
- Oracle Linux Errata repository >
- ELSA-2026-26459
ELSA-2026-26459 - 389-ds:1.4 security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2026-06-18 |
Description
[1.4.3.39-24]
- Bump version to 1.4.3.39-24
- Resolves: RHEL-170278 - Memory leaks in syncrepl plugin during persistent search operations [rhel-8.10.z]
- Resolves: RHEL-163375 - WARN - keys2idl - received NULL idl from index_read_ext_allids
- Resolves: RHEL-159306 - ns-slapd crash in libdb possible memory corruption [rhel-8.10.z]
- Resolves: RHEL-170284 - access log - suspicious wtime optime negative and large values in internal op [rhel-8.10.z]
- Resolves: RHEL-170507 - ns-slapd fails to shutdown when deferred memberof update is in progress [rhel-8.10.z]
- Resolves: RHEL-170509 - Crash in trim_changelog() during the Retro Changelog trimming [rhel-8.10.z]
- Resolves: RHEL-170514 - Possible memory leak when using the Retro Changelog plugin [rhel-8.10.z]
- Resolves: RHEL-170512 - Crash in replica_config_add when manually configuring a replica with an incorrect nsds5ReplicaRoot [rhel-8.10.z]
- Resolves: RHEL-174523 - [RFE] Add OS-level thread names to all server threads [rhel-8.10.z]
- Resolves: RHEL-170483 - test_vlv_recreation_reindex fails on LMDB [rhel-8.10.z]
- Resolves: RHEL-178076 - CVE-2026-9064 389-ds:1.4/389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS) [rhel-8.10.z]
[1.4.3.39-23]
- Resolves: RHEL-137074 - CVE-2025-14905 389-ds:1.4/389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow [rhel-8.10.z]
- Resolves: RHEL-152098 - Scalability issue of replication online initialization with large database [rhel-8.10.z]
[1.4.3.39-22]
- Resolves: RHEL-148485 - Upgrading IDM to latest version: 389-ds-base and ipa-server breaks replication [rhel-8.10.z]
[1.4.3.39-21]
- Resolves: RHEL-141419 - (&(cn:dn:=groups)) no longer returns results [rhel-8.10.z]
- Resolves: RHEL-140272 - ipa-healthcheck is complaining about missing or
incorrectly configured system indexes. [rhel-8.10.z]
[1.4.3.39-20]
- Resolves: RHEL-140086 - Upgrading IDM to latest version: 389-ds-base and ipa-server breaks replication [rhel-8.10.z]
[1.4.3.39-19]
- Resolves: RHEL-117759 - Replication online reinitialization of a large database gets stalled. [rhel-8.10.z]
[1.4.3.39-18]
- Reverts: RHEL-123241 - Attribute uniqueness is not enforced upon modrdn operation [rhel-8.10.z]
[1.4.3.39-17]
- Resolves: RHEL-80491 - Can't rename users member of automember rule [rhel-8.10.z]
- Resolves: RHEL-87191 - Some replication status data are reset upon a restart. [rhel-8.10.z]
- Resolves: RHEL-89785 - Extend log of operations statistics in access log
- Resolves: RHEL-111226 - Error showing local password policy on web UI [rhel-8.10.z]
- Resolves: RHEL-113976 - AddressSanitizer: memory leak in memberof_add_memberof_attr [rhel-8.10.z]
- Resolves: RHEL-117457 - subtree search statistics for index lookup does not report ancestorid/entryrdn lookups
- Resolves: RHEL-117752 - Crash if repl keep alive entry can not be created [rhel-8.10.z]
- Resolves: RHEL-117759 - Replication online reinitialization of a large database gets stalled. [rhel-8.10.z]
- Resolves: RHEL-117765 - Statistics about index lookup report a wrong duration [rhel-8.10.z]
- Resolves: RHEL-123228 - Improve the way to detect asynchronous operations in the access logs [rhel-8.10.z]
- Resolves: RHEL-123241 - Attribute uniqueness is not enforced upon modrdn operation [rhel-8.10.z]
- Resolves: RHEL-123254 - Typo in errors log after a Memberof fixup task. [rhel-8.10.z]
- Resolves: RHEL-123269 - LDAP high CPU usage while handling indexes with IDL scan limit at INT_MAX [rhel-8.10.z]
- Resolves: RHEL-123276 - The new ipahealthcheck test ipahealthcheck.ds.backends.BackendsCheck raises CRITICAL issue [rhel-8.10.z]
- Resolves: RHEL-123363 - When deferred memberof update is enabled after the server crashed it should not launch memberof fixup task by default [rhel-8.10.z]
- Resolves: RHEL-123365 - IPA health check up script shows time skew is over 24 hours [rhel-8.10.z]
- Resolves: RHEL-123920 - Changelog trimming - add number of scanned entries to the log [rhel-8.10.z]
- Resolves: RHEL-126512 - Created user password hash available to see in audit log [rhel-8.10.z]
- Resolves: RHEL-129578 - Fix paged result search locking [rhel-8.10.z]
- Resolves: RHEL-130900 - On RHDS 12.6 The user password policy for a user was created, but the pwdpolicysubentry attribute for this user incorrectly points to the People OU password policy instead of the specific user policy. [rhel-8.10.z]
[1.4.3.39-15]
- Resolves: RHEL-109028 - Allow Uniqueness plugin to search uniqueness attributes using custom matching rules [rhel-8.10.z]
[1.4.3.39-14]
- Reverts: RHEL-80704 - Increased memory consumption caused by NDN cache [rhel-8.10.z]
- Resolves: RHEL-95442 - ns-slapd[xxxx]: segfault at 10d7d0d0 ip 00007ff734050cdb sp 00007ff6de9f1430 error 6 in libslapd.so.0.1.0[7ff733ec0000+1b3000] [rhel-8.10.z]
Related CVEs
| CVE-2026-9064 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 8 (aarch64) | 389-ds-base-1.4.3.39-24.module+el8.10.0+90914+745232ac.src.rpm | 14e8d8f3c509dee26886e26e470ed72a688d29217ac6f226f091b07e51dc55dc | - | ol8_aarch64_appstream |
| 389-ds-base-1.4.3.39-24.module+el8.10.0+90914+745232ac.aarch64.rpm | 8f9f58cb244ff221bf5337a62dc124289391592a149fe01427b3d983f864c4f1 | - | ol8_aarch64_appstream | |
| 389-ds-base-devel-1.4.3.39-24.module+el8.10.0+90914+745232ac.aarch64.rpm | 1eb96c3ffd354caff2c35f2bae9fe987043c8eb0639112a825eedc6f4418c10a | - | ol8_aarch64_appstream | |
| 389-ds-base-legacy-tools-1.4.3.39-24.module+el8.10.0+90914+745232ac.aarch64.rpm | 51f18508dd7cf3ca08b09c5fd56c0f82c24b001ba26d5f32f64360606043bf6f | - | ol8_aarch64_appstream | |
| 389-ds-base-libs-1.4.3.39-24.module+el8.10.0+90914+745232ac.aarch64.rpm | 3d8a3d6767462ac3f3e980a4674deb506704c48d04c856f57899a35d68ccf481 | - | ol8_aarch64_appstream | |
| 389-ds-base-snmp-1.4.3.39-24.module+el8.10.0+90914+745232ac.aarch64.rpm | db2382cb70dab30ba63cadfc0a439aa83074ebe5932243c1fff0f8798e31cd09 | - | ol8_aarch64_appstream | |
| python3-lib389-1.4.3.39-24.module+el8.10.0+90914+745232ac.noarch.rpm | 9de24bc6e3dd4e7258fe65469aee39ddb9a26fa1070f9e6b1c00f6112d38ecc4 | - | ol8_aarch64_appstream | |
| Oracle Linux 8 (x86_64) | 389-ds-base-1.4.3.39-24.module+el8.10.0+90914+745232ac.src.rpm | 14e8d8f3c509dee26886e26e470ed72a688d29217ac6f226f091b07e51dc55dc | - | ol8_x86_64_appstream |
| 389-ds-base-1.4.3.39-24.module+el8.10.0+90914+745232ac.x86_64.rpm | b2f71bc8eeb2f07a2f2ac058efc563e144ad96236fb8a310505864402e410cbf | - | ol8_x86_64_appstream | |
| 389-ds-base-devel-1.4.3.39-24.module+el8.10.0+90914+745232ac.x86_64.rpm | 9fb192c18767556984bbae9ce7692cd03808ccd3b37d1a6b9cc88af48cb02805 | - | ol8_x86_64_appstream | |
| 389-ds-base-legacy-tools-1.4.3.39-24.module+el8.10.0+90914+745232ac.x86_64.rpm | 47d0e2e0f9297908ba84061a46370deffedda88b6721dd4d016dd1d9108c4cc8 | - | ol8_x86_64_appstream | |
| 389-ds-base-libs-1.4.3.39-24.module+el8.10.0+90914+745232ac.x86_64.rpm | 4baaf73772b1c358cbfa4e63260beca02437d624837535be1392bc04dbbb3796 | - | ol8_x86_64_appstream | |
| 389-ds-base-snmp-1.4.3.39-24.module+el8.10.0+90914+745232ac.x86_64.rpm | aa38919e1f7de0cc81d7e31bfe9cbdcb8adf96b55ccaa516af035952786f9de7 | - | ol8_x86_64_appstream | |
| python3-lib389-1.4.3.39-24.module+el8.10.0+90914+745232ac.noarch.rpm | 9de24bc6e3dd4e7258fe65469aee39ddb9a26fa1070f9e6b1c00f6112d38ecc4 | - | ol8_x86_64_appstream | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
