Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
patchinfo.11727
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.11727
<patchinfo incident="11727"> <issue tracker="bnc" id="1099465">VUL-0: CVE-2018-10871: 389-ds: replication and the Retro Changelog plugin store plaintext password by default</issue> <issue tracker="bnc" id="991201">VUL-0: CVE-2016-5416: 389-ds: ACI readable by anonymous user</issue> <issue tracker="bnc" id="1120189">389-ds build fail in the post-check due to modified permissions</issue> <issue tracker="bnc" id="1132385">VUL-0: CVE-2019-3883: 389-ds: DOS via hanging SSL/TLS connections</issue> <issue tracker="bnc" id="1092187">VUL-0: CVE-2018-1089: 389-ds: buffer overflow query filter issue with escape sequences</issue> <issue tracker="bnc" id="1108674">VUL-0: CVE-2018-14638: 389-ds: Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly</issue> <issue tracker="bnc" id="1083689">VUL-0: CVE-2018-1054: 389-ds: Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c</issue> <issue tracker="bnc" id="1144797">389-ds maintenace update: cannot install due to file conflict (S:M:11727:198362)</issue> <issue tracker="bnc" id="1105606">VUL-0: CVE-2018-10935: 389-ds: ldapsearch with server side sort allows users to cause a crash</issue> <issue tracker="bnc" id="1109609">VUL-0: CVE-2018-14648: 389-ds: Mishandled search requests in servers/slapd/search.c:do_search() allows for denial of service</issue> <issue tracker="cve" id="2018-10935"/> <issue tracker="cve" id="2018-10871"/> <issue tracker="cve" id="2019-3883"/> <issue tracker="cve" id="2016-5416"/> <issue tracker="cve" id="2018-14638"/> <issue tracker="cve" id="2018-1054"/> <issue tracker="cve" id="2018-14648"/> <issue tracker="cve" id="2018-1089"/> <packager>firstyear</packager> <rating>important</rating> <category>security</category> <summary>Security update for 389-ds</summary> <description>This update for 389-ds to version 1.4.0.26 fixes the following issues: Security issues fixed: - CVE-2016-5416: Fixed an information disclosure where a anonymous user could read the default ACI (bsc#991201). - CVE-2018-1054: Fixed a denial of service via search filters in SetUnicodeStringFromUTF_8() (bsc#1083689). - CVE-2018-1089: Fixed a buffer overflow via large filter value (bsc#1092187). - CVE-2018-10871: Fixed an information disclosure in certain plugins leading to the disclosure of plaintext password to an privileged attackers (bsc#1099465). - CVE-2018-14638: Fixed a denial of service through a crash in delete_passwdPolicy () (bsc#1108674). - CVE-2018-14648: Fixed a denial of service caused by malformed values in search queries (bsc#1109609). - CVE-2018-10935: Fixed a denial of service related to ldapsearch with server side sort (bsc#1105606). - CVE-2019-3883: Fixed a denial of service caused by hanging LDAP requests over TLS (bsc#1132385). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor