ELSA-2024-3837

ELSA-2024-3837 - 389-ds-base security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-06-12

Description

[2.4.5-8]
- Bump version to 2.4.5-8
- Fix License tag

[2.4.5-7]
- Bump version to 2.4.5-7
- Resolves: RHEL-34819 - redhat-ds:11/389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c
- Resolves: RHEL-34825 - redhat-ds:11/389-ds-base: potential denial of service via specially crafted kerberos AS-REQ requ

Related CVEs

CVE-2024-3657

CVE-2024-2199

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	389-ds-base-2.4.5-8.el9_4.src.rpm	13be68bd2429c3032c331a56d393a486	-	ol9_aarch64_appstream
	389-ds-base-2.4.5-8.el9_4.src.rpm	13be68bd2429c3032c331a56d393a486	-	ol9_aarch64_codeready_builder
	389-ds-base-2.4.5-8.el9_4.aarch64.rpm	e27773bde5889c154194d15a016a1a18	-	ol9_aarch64_appstream
	389-ds-base-devel-2.4.5-8.el9_4.aarch64.rpm	8a569c2df7df4e9e12076bc7981fd120	-	ol9_aarch64_codeready_builder
	389-ds-base-libs-2.4.5-8.el9_4.aarch64.rpm	241a6b4a6cbb8a61807070eff26bed0b	-	ol9_aarch64_appstream
	python3-lib389-2.4.5-8.el9_4.noarch.rpm	5ef69771d74d3a36e38e179c9085ed52	-	ol9_aarch64_appstream
Oracle Linux 9 (x86_64)	389-ds-base-2.4.5-8.el9_4.src.rpm	13be68bd2429c3032c331a56d393a486	-	ol9_x86_64_appstream
	389-ds-base-2.4.5-8.el9_4.src.rpm	13be68bd2429c3032c331a56d393a486	-	ol9_x86_64_codeready_builder
	389-ds-base-2.4.5-8.el9_4.x86_64.rpm	96fa37b513c478bacf121cd8266dd2eb	-	ol9_x86_64_appstream
	389-ds-base-devel-2.4.5-8.el9_4.x86_64.rpm	6fcaaa2d5770e9ff1dbdaf7e35ad58e6	-	ol9_x86_64_codeready_builder
	389-ds-base-libs-2.4.5-8.el9_4.x86_64.rpm	fbb2123fa2a831a2ffaeeb62136707f9	-	ol9_x86_64_appstream
	python3-lib389-2.4.5-8.el9_4.noarch.rpm	5ef69771d74d3a36e38e179c9085ed52	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team