Skip to navigation

Security Advisory Important: 389-ds-base security update

Advisory: RHSA-2013:1182-1
Type: Security Advisory
Severity: Important
Issued on: 2013-08-28
Last updated on: 2013-08-28
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.4)
Red Hat Enterprise Linux Server EUS (v. 6.4.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2013-4283

Details

Updated 389-ds-base packages that fix one security issue are now available
for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The 389 Directory Server is an LDAPv3 compliant server. The base packages
include the Lightweight Directory Access Protocol (LDAP) server and
command-line utilities for server administration.

It was discovered that the 389 Directory Server did not properly handle the
receipt of certain MOD operations with a bogus Distinguished Name (DN). A
remote, unauthenticated attacker could use this flaw to cause the 389
Directory Server to crash. (CVE-2013-4283)

All 389-ds-base users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. After installing
this update, the 389 server service will be restarted automatically.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
389-ds-base-1.2.11.15-22.el6_4.src.rpm
File outdated by:  RHSA-2014:0292
    MD5: a04f8758042144eb562a59a8f57971da
SHA-256: b14004a26931d6b56a03d12f7103842c188a62cafb5296940bc4de9a88f5f35f
 
IA-32:
389-ds-base-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: f41b6a1cec3820f2722b5d5856f91407
SHA-256: 864bbcebfe74dd9170255a87b6175ee6789e315e5f8571bb912282b0dbd657a3
389-ds-base-debuginfo-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: d10cfa1315218b9768920560e44e6dad
SHA-256: 3a039996ca11504cdd35750a47698e1d158236ecbb99a1a210f14cd8c5793dc1
389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: a7d0fac9f12ce9a330045668fde6edb9
SHA-256: c365608e0961b80a84c8c68ace53daecd25d64c0197f4a28c5dc9099da906b6f
389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: 22b2c1f0855434f1707287df62af38f4
SHA-256: 1e4f5c5dcebaffa8faa5ef4559d467ace2b712ca06ccf7fd5d8bc708c6f87f35
 
x86_64:
389-ds-base-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: 905962143145b3b963dc432fbd8093f9
SHA-256: f3e9643ed5582b140996031d3f35ee0fb1aad0ad325988911f84b5d15e05a801
389-ds-base-debuginfo-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: d10cfa1315218b9768920560e44e6dad
SHA-256: 3a039996ca11504cdd35750a47698e1d158236ecbb99a1a210f14cd8c5793dc1
389-ds-base-debuginfo-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: e3995c68348bb09e92e126011e79216a
SHA-256: faa2414b54344e9a11f79e9b79d44c8af6ccdc86375a70b8cf56147e751138bd
389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: a7d0fac9f12ce9a330045668fde6edb9
SHA-256: c365608e0961b80a84c8c68ace53daecd25d64c0197f4a28c5dc9099da906b6f
389-ds-base-devel-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: 7d8da8e8b3d78aab3ea0914e693e5d11
SHA-256: fdd0bda8ded521557821e5fcdcf516e88ef40a02ea62413a65b847df6287ca8d
389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: 22b2c1f0855434f1707287df62af38f4
SHA-256: 1e4f5c5dcebaffa8faa5ef4559d467ace2b712ca06ccf7fd5d8bc708c6f87f35
389-ds-base-libs-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: f35752a80e15344bd216dd49c52fc85e
SHA-256: 19f6045734d64e4aed4369900b28c41907942041a4006080937094a97ef24b3c
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
389-ds-base-1.2.11.15-22.el6_4.src.rpm
File outdated by:  RHSA-2014:0292
    MD5: a04f8758042144eb562a59a8f57971da
SHA-256: b14004a26931d6b56a03d12f7103842c188a62cafb5296940bc4de9a88f5f35f
 
x86_64:
389-ds-base-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: 905962143145b3b963dc432fbd8093f9
SHA-256: f3e9643ed5582b140996031d3f35ee0fb1aad0ad325988911f84b5d15e05a801
389-ds-base-debuginfo-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: d10cfa1315218b9768920560e44e6dad
SHA-256: 3a039996ca11504cdd35750a47698e1d158236ecbb99a1a210f14cd8c5793dc1
389-ds-base-debuginfo-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: e3995c68348bb09e92e126011e79216a
SHA-256: faa2414b54344e9a11f79e9b79d44c8af6ccdc86375a70b8cf56147e751138bd
389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: a7d0fac9f12ce9a330045668fde6edb9
SHA-256: c365608e0961b80a84c8c68ace53daecd25d64c0197f4a28c5dc9099da906b6f
389-ds-base-devel-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: 7d8da8e8b3d78aab3ea0914e693e5d11
SHA-256: fdd0bda8ded521557821e5fcdcf516e88ef40a02ea62413a65b847df6287ca8d
389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: 22b2c1f0855434f1707287df62af38f4
SHA-256: 1e4f5c5dcebaffa8faa5ef4559d467ace2b712ca06ccf7fd5d8bc708c6f87f35
389-ds-base-libs-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: f35752a80e15344bd216dd49c52fc85e
SHA-256: 19f6045734d64e4aed4369900b28c41907942041a4006080937094a97ef24b3c
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
389-ds-base-1.2.11.15-22.el6_4.src.rpm
File outdated by:  RHSA-2014:0292
    MD5: a04f8758042144eb562a59a8f57971da
SHA-256: b14004a26931d6b56a03d12f7103842c188a62cafb5296940bc4de9a88f5f35f
 
IA-32:
389-ds-base-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: f41b6a1cec3820f2722b5d5856f91407
SHA-256: 864bbcebfe74dd9170255a87b6175ee6789e315e5f8571bb912282b0dbd657a3
389-ds-base-debuginfo-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: d10cfa1315218b9768920560e44e6dad
SHA-256: 3a039996ca11504cdd35750a47698e1d158236ecbb99a1a210f14cd8c5793dc1
389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: a7d0fac9f12ce9a330045668fde6edb9
SHA-256: c365608e0961b80a84c8c68ace53daecd25d64c0197f4a28c5dc9099da906b6f
389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: 22b2c1f0855434f1707287df62af38f4
SHA-256: 1e4f5c5dcebaffa8faa5ef4559d467ace2b712ca06ccf7fd5d8bc708c6f87f35
 
x86_64:
389-ds-base-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: 905962143145b3b963dc432fbd8093f9
SHA-256: f3e9643ed5582b140996031d3f35ee0fb1aad0ad325988911f84b5d15e05a801
389-ds-base-debuginfo-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: d10cfa1315218b9768920560e44e6dad
SHA-256: 3a039996ca11504cdd35750a47698e1d158236ecbb99a1a210f14cd8c5793dc1
389-ds-base-debuginfo-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: e3995c68348bb09e92e126011e79216a
SHA-256: faa2414b54344e9a11f79e9b79d44c8af6ccdc86375a70b8cf56147e751138bd
389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: a7d0fac9f12ce9a330045668fde6edb9
SHA-256: c365608e0961b80a84c8c68ace53daecd25d64c0197f4a28c5dc9099da906b6f
389-ds-base-devel-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: 7d8da8e8b3d78aab3ea0914e693e5d11
SHA-256: fdd0bda8ded521557821e5fcdcf516e88ef40a02ea62413a65b847df6287ca8d
389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: 22b2c1f0855434f1707287df62af38f4
SHA-256: 1e4f5c5dcebaffa8faa5ef4559d467ace2b712ca06ccf7fd5d8bc708c6f87f35
389-ds-base-libs-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: f35752a80e15344bd216dd49c52fc85e
SHA-256: 19f6045734d64e4aed4369900b28c41907942041a4006080937094a97ef24b3c
 
Red Hat Enterprise Linux Server AUS (v. 6.4)

SRPMS:
389-ds-base-1.2.11.15-22.el6_4.src.rpm
File outdated by:  RHSA-2014:0292
    MD5: a04f8758042144eb562a59a8f57971da
SHA-256: b14004a26931d6b56a03d12f7103842c188a62cafb5296940bc4de9a88f5f35f
 
x86_64:
389-ds-base-1.2.11.15-22.el6_4.x86_64.rpm     MD5: 905962143145b3b963dc432fbd8093f9
SHA-256: f3e9643ed5582b140996031d3f35ee0fb1aad0ad325988911f84b5d15e05a801
389-ds-base-debuginfo-1.2.11.15-22.el6_4.i686.rpm     MD5: d10cfa1315218b9768920560e44e6dad
SHA-256: 3a039996ca11504cdd35750a47698e1d158236ecbb99a1a210f14cd8c5793dc1
389-ds-base-debuginfo-1.2.11.15-22.el6_4.x86_64.rpm     MD5: e3995c68348bb09e92e126011e79216a
SHA-256: faa2414b54344e9a11f79e9b79d44c8af6ccdc86375a70b8cf56147e751138bd
389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm     MD5: a7d0fac9f12ce9a330045668fde6edb9
SHA-256: c365608e0961b80a84c8c68ace53daecd25d64c0197f4a28c5dc9099da906b6f
389-ds-base-devel-1.2.11.15-22.el6_4.x86_64.rpm     MD5: 7d8da8e8b3d78aab3ea0914e693e5d11
SHA-256: fdd0bda8ded521557821e5fcdcf516e88ef40a02ea62413a65b847df6287ca8d
389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm     MD5: 22b2c1f0855434f1707287df62af38f4
SHA-256: 1e4f5c5dcebaffa8faa5ef4559d467ace2b712ca06ccf7fd5d8bc708c6f87f35
389-ds-base-libs-1.2.11.15-22.el6_4.x86_64.rpm     MD5: f35752a80e15344bd216dd49c52fc85e
SHA-256: 19f6045734d64e4aed4369900b28c41907942041a4006080937094a97ef24b3c
 
Red Hat Enterprise Linux Server EUS (v. 6.4.z)

SRPMS:
389-ds-base-1.2.11.15-22.el6_4.src.rpm
File outdated by:  RHSA-2014:0292
    MD5: a04f8758042144eb562a59a8f57971da
SHA-256: b14004a26931d6b56a03d12f7103842c188a62cafb5296940bc4de9a88f5f35f
 
IA-32:
389-ds-base-1.2.11.15-22.el6_4.i686.rpm     MD5: f41b6a1cec3820f2722b5d5856f91407
SHA-256: 864bbcebfe74dd9170255a87b6175ee6789e315e5f8571bb912282b0dbd657a3
389-ds-base-debuginfo-1.2.11.15-22.el6_4.i686.rpm     MD5: d10cfa1315218b9768920560e44e6dad
SHA-256: 3a039996ca11504cdd35750a47698e1d158236ecbb99a1a210f14cd8c5793dc1
389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm     MD5: a7d0fac9f12ce9a330045668fde6edb9
SHA-256: c365608e0961b80a84c8c68ace53daecd25d64c0197f4a28c5dc9099da906b6f
389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm     MD5: 22b2c1f0855434f1707287df62af38f4
SHA-256: 1e4f5c5dcebaffa8faa5ef4559d467ace2b712ca06ccf7fd5d8bc708c6f87f35
 
x86_64:
389-ds-base-1.2.11.15-22.el6_4.x86_64.rpm     MD5: 905962143145b3b963dc432fbd8093f9
SHA-256: f3e9643ed5582b140996031d3f35ee0fb1aad0ad325988911f84b5d15e05a801
389-ds-base-debuginfo-1.2.11.15-22.el6_4.i686.rpm     MD5: d10cfa1315218b9768920560e44e6dad
SHA-256: 3a039996ca11504cdd35750a47698e1d158236ecbb99a1a210f14cd8c5793dc1
389-ds-base-debuginfo-1.2.11.15-22.el6_4.x86_64.rpm     MD5: e3995c68348bb09e92e126011e79216a
SHA-256: faa2414b54344e9a11f79e9b79d44c8af6ccdc86375a70b8cf56147e751138bd
389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm     MD5: a7d0fac9f12ce9a330045668fde6edb9
SHA-256: c365608e0961b80a84c8c68ace53daecd25d64c0197f4a28c5dc9099da906b6f
389-ds-base-devel-1.2.11.15-22.el6_4.x86_64.rpm     MD5: 7d8da8e8b3d78aab3ea0914e693e5d11
SHA-256: fdd0bda8ded521557821e5fcdcf516e88ef40a02ea62413a65b847df6287ca8d
389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm     MD5: 22b2c1f0855434f1707287df62af38f4
SHA-256: 1e4f5c5dcebaffa8faa5ef4559d467ace2b712ca06ccf7fd5d8bc708c6f87f35
389-ds-base-libs-1.2.11.15-22.el6_4.x86_64.rpm     MD5: f35752a80e15344bd216dd49c52fc85e
SHA-256: 19f6045734d64e4aed4369900b28c41907942041a4006080937094a97ef24b3c
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
389-ds-base-1.2.11.15-22.el6_4.src.rpm
File outdated by:  RHSA-2014:0292
    MD5: a04f8758042144eb562a59a8f57971da
SHA-256: b14004a26931d6b56a03d12f7103842c188a62cafb5296940bc4de9a88f5f35f
 
IA-32:
389-ds-base-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: f41b6a1cec3820f2722b5d5856f91407
SHA-256: 864bbcebfe74dd9170255a87b6175ee6789e315e5f8571bb912282b0dbd657a3
389-ds-base-debuginfo-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: d10cfa1315218b9768920560e44e6dad
SHA-256: 3a039996ca11504cdd35750a47698e1d158236ecbb99a1a210f14cd8c5793dc1
389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: a7d0fac9f12ce9a330045668fde6edb9
SHA-256: c365608e0961b80a84c8c68ace53daecd25d64c0197f4a28c5dc9099da906b6f
389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: 22b2c1f0855434f1707287df62af38f4
SHA-256: 1e4f5c5dcebaffa8faa5ef4559d467ace2b712ca06ccf7fd5d8bc708c6f87f35
 
x86_64:
389-ds-base-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: 905962143145b3b963dc432fbd8093f9
SHA-256: f3e9643ed5582b140996031d3f35ee0fb1aad0ad325988911f84b5d15e05a801
389-ds-base-debuginfo-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: d10cfa1315218b9768920560e44e6dad
SHA-256: 3a039996ca11504cdd35750a47698e1d158236ecbb99a1a210f14cd8c5793dc1
389-ds-base-debuginfo-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: e3995c68348bb09e92e126011e79216a
SHA-256: faa2414b54344e9a11f79e9b79d44c8af6ccdc86375a70b8cf56147e751138bd
389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: a7d0fac9f12ce9a330045668fde6edb9
SHA-256: c365608e0961b80a84c8c68ace53daecd25d64c0197f4a28c5dc9099da906b6f
389-ds-base-devel-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: 7d8da8e8b3d78aab3ea0914e693e5d11
SHA-256: fdd0bda8ded521557821e5fcdcf516e88ef40a02ea62413a65b847df6287ca8d
389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm
File outdated by:  RHSA-2014:0292
    MD5: 22b2c1f0855434f1707287df62af38f4
SHA-256: 1e4f5c5dcebaffa8faa5ef4559d467ace2b712ca06ccf7fd5d8bc708c6f87f35
389-ds-base-libs-1.2.11.15-22.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0292
    MD5: f35752a80e15344bd216dd49c52fc85e
SHA-256: 19f6045734d64e4aed4369900b28c41907942041a4006080937094a97ef24b3c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

999634 - CVE-2013-4283 389-ds-base: ns-slapd crash due to bogus DN


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/