ELSA-2025-7395
- ULN >
- Oracle Linux Errata repository >
- ELSA-2025-7395
ELSA-2025-7395 - 389-ds-base security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2025-05-21 |
Description
[2.6.1-8]
- Resolves: RHEL-83876 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service [rhel-9.6]
[2.6.1-7]
- Bump version to 2.6.1-7
[2.6.1-6]
- Resolves: RHEL-86065 - Backport lib389 fixes required for WebUI [rhel-9.6.z]
- Resolves: RHEL-80713 - Increased memory consumption caused by NDN cache [rhel-9.6.z]
[2.6.1-5]
- Resolves: RHEL-82271 - ipa-restore is failing with 'Failed to start Directory Service'
[2.6.1-4]
- Resolves: RHEL-78722 - Failed to set sslversionmax to TLS1.3 in FIPS mode with dsconf security set --tls-protocol-max TLS1.3
[2.6.1-3]
- Resolves: RHEL-18333 Can't rename users member of automember rule
- Resolves: RHEL-61341 After an initial failure, subsequent online backups will not work.
- Resolves: RHEL-63887 nsslapd-mdb-max-dbs autotuning doesn't work properly
- Resolves: RHEL-63891 dbscan crashes when showing statistics for MDB
- Resolves: RHEL-63998 dsconf should check for number of available named databases
- Resolves: RHEL-78344 During import of entries without nsUniqueId, a supplier generates duplicate nsUniqueId (LMDB only) [rhel-9]
[2.6.1-2]
- Resolves: RHEL-76748: ns-slapd crashes with data directory >= 2 days old
[2.6.1-1]
- Update to 2.6.1
- Resolves: RHEL-5151 - [RFE] defer memberof nested updates
- Resolves: RHEL-54148 - leaked_storage: Variable 'childelems' going out of scope leaks the storage it points to.
- Resolves: RHEL-60135 - deadlock during cleanAllRuv
- Resolves: RHEL-61341 - After an initial failure, subsequent online backups will not work.
- Resolves: RHEL-61349 - Remove deprecated setting for HR time stamps in logs
- Resolves: RHEL-62875 - Passwords are not being updated to use the configured storage scheme ( nsslapd-enable-upgrade-hash is enabled ).
- Resolves: RHEL-64438 - VLV errors with RSNv3 and pruning enabled [rhel-9]
- Resolves: RHEL-64854 - cleanallruv consums CPU and is slow
- Resolves: RHEL-65506 - AddressSanitizer: double-free
- Resolves: RHEL-65512 - AddressSanitizer: heap-use-after-free in import_abort_all
- Resolves: RHEL-65561 - LeakSanitizer: detected memory leaks in dbmdb_public_db_op
- Resolves: RHEL-65662 - Replication issue between masters using cert based authentication
- Resolves: RHEL-65664 - LDAP unprotected search query during certificate based authentication
- Resolves: RHEL-65665 - Ambiguous warning about SELinux in dscreate for non-root user
- Resolves: RHEL-65741 - LeakSanitizer: memory leak in ldbm_entryrdn.c
- Resolves: RHEL-65776 - Wrong set of entries returned for some search filters [rhel-9]
- Resolves: RHEL-67004 - 'dsconf config replace' should handle multivalued attributes.
- Resolves: RHEL-67005 - Online backup hangs sporadically.
- Resolves: RHEL-67008 - Some replication status data are reset upon a restart.
- Resolves: RHEL-67020 - 389DirectoryServer Process Stops When Setting up Sorted VLV Index
- Resolves: RHEL-67024 - Some nsslapd-haproxy-trusted-ip values are discarded upon a restart.
- Resolves: RHEL-69806 - ipahealthcheck.ds.replication displays WARNING '1 conflict entries found under the replication suffix'
- Resolves: RHEL-69826 - 'Duplicated DN detected' errors when creating indexes or importing entries. [rhel-9]
- Resolves: RHEL-70127 - Crash in attrlist_find() when the Account Policy plugin is enabled. [rhel-9]
- Resolves: RHEL-70252 - Freelist ordering causes high wtime
- Resolves: RHEL-71218 - Sub suffix causes 'id2entry - Could not open id2entry err 0' error when the Directory Server starts [rhel-9]
- Resolves: RHEL-74153 - backup/restore broken [rhel-9]
- Resolves: RHEL-74158 - If an entry RDN is identical to the suffix, then Entryrdn gets broken during a reindex [rhel-9]
- Resolves: RHEL-74163 - Crash during bind when acct policy plugin does not have 'alwaysrecordlogin' set [rhel-9]
- Resolves: RHEL-74168 - On replica consumer, account policy plugin fails to manage the last login history [rhel-9]
- Resolves: RHEL-74174 - Replication broken after backup restore with freeipa configuration [rhel-9]
- Resolves: RHEL-74353 - nsslapd-haproxy-trusted-ip is not in schema [rhel-9]
- Resolves: RHEL-76019 - IPA LDAP error code T3 when no exceeded time limit from a paged search result [rhel-9]
[2.6.0-2]
- Fix License tag
[2.6.0-1]
- Update to 2.6.0
- Resolves: RHEL-67195 - Rebase 389-ds-base to 2.6.0
Related CVEs
| CVE-2025-2487 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (aarch64) | 389-ds-base-2.6.1-8.el9_6.src.rpm | 5a92f41df919ce02759310eb99aa09938db7cc2367450dbee4331962825dd5c0 | - | ol9_aarch64_appstream |
| 389-ds-base-2.6.1-8.el9_6.src.rpm | 5a92f41df919ce02759310eb99aa09938db7cc2367450dbee4331962825dd5c0 | - | ol9_aarch64_codeready_builder | |
| 389-ds-base-2.6.1-8.el9_6.aarch64.rpm | 6980f3524488bde4e05a023cb9c0fc6534282dd3d324381cf95b88354a0d449c | - | ol9_aarch64_appstream | |
| 389-ds-base-devel-2.6.1-8.el9_6.aarch64.rpm | fabd66be782e7ea4646b6a0d5012c22c3dba59d4a0a3631fb246b7928fa61667 | - | ol9_aarch64_codeready_builder | |
| 389-ds-base-libs-2.6.1-8.el9_6.aarch64.rpm | b0e75ec5ac6f11bf9537998584df70cfe4443c3dbe34bc28300d35efd20e6337 | - | ol9_aarch64_appstream | |
| 389-ds-base-snmp-2.6.1-8.el9_6.aarch64.rpm | cd0543c208720bbf72fe7ea209a2e788c204fc995e83ba388c7a52fb151e75fb | - | ol9_aarch64_appstream | |
| python3-lib389-2.6.1-8.el9_6.noarch.rpm | d37cf394c2bbe7462b49651a0cbe38945974121ee9bdf6725b0b464cd276f988 | - | ol9_aarch64_appstream | |
| Oracle Linux 9 (x86_64) | 389-ds-base-2.6.1-8.el9_6.src.rpm | 5a92f41df919ce02759310eb99aa09938db7cc2367450dbee4331962825dd5c0 | - | ol9_x86_64_appstream |
| 389-ds-base-2.6.1-8.el9_6.src.rpm | 5a92f41df919ce02759310eb99aa09938db7cc2367450dbee4331962825dd5c0 | - | ol9_x86_64_codeready_builder | |
| 389-ds-base-2.6.1-8.el9_6.x86_64.rpm | bfea5e051606b75baecf938a8905203fcc7e214fee930df7825da2982e1a6071 | - | ol9_x86_64_appstream | |
| 389-ds-base-devel-2.6.1-8.el9_6.x86_64.rpm | ba0346610e8d62dfe748219016e67a4c8a903f7c8d77902e047ed2d601a1baf1 | - | ol9_x86_64_codeready_builder | |
| 389-ds-base-libs-2.6.1-8.el9_6.x86_64.rpm | c1af93de5db08cfd11a2773527146d0a553a8d19fab3ef3902f728587ec1b3cc | - | ol9_x86_64_appstream | |
| 389-ds-base-snmp-2.6.1-8.el9_6.x86_64.rpm | d4c9458a01764d3dd6d70e66428f3f078ac965901634052601e951c9c507abcd | - | ol9_x86_64_appstream | |
| python3-lib389-2.6.1-8.el9_6.noarch.rpm | d37cf394c2bbe7462b49651a0cbe38945974121ee9bdf6725b0b464cd276f988 | - | ol9_x86_64_appstream | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
