Security Advisory Important: 389-ds-base security update

Advisory: RHSA-2013:1752-2
Type: Security Advisory
Severity: Important
Issued on: 2013-11-21
Last updated on: 2013-11-21
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.5)
Red Hat Enterprise Linux Server EUS (v. 6.5.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2013-4485

Details

Updated 389-ds-base packages that fix one security issue are now available
for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The 389 Directory Server is an LDAPv3 compliant server. The base packages
include the Lightweight Directory Access Protocol (LDAP) server and
command-line utilities for server administration.

It was discovered that the 389 Directory Server did not properly handle
certain Get Effective Rights (GER) search queries when the attribute list,
which is a part of the query, included several names using the '@'
character. An attacker able to submit search queries to the 389 Directory
Server could cause it to crash. (CVE-2013-4485)

All 389-ds-base users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. After installing
this update, the 389 server service will be restarted automatically.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258
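
To confirm the update has landed across a set of directory servers, the installed build can be compared with the fixed build listed under "Updated packages". The following is an added example, not part of the original advisory or of Red Hat tooling: the host names and the inventory format are assumptions, the package is assumed to carry no epoch, and the comparison follows rpm's segment-wise ordering for digit and letter segments only.

```python
import re

# Fixed build listed under "Updated packages" in this advisory.
FIXED_BUILD = "1.2.11.15-30.el6_5"
_SEGMENT = re.compile(r"\d+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Compare two version or release strings segment by segment, rpm-style.

    Handles digit and letter segments; '~' and '^' ordering is not covered.
    """
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)             # leading zeros are ignored
        if x != y:
            return 1 if x > y else -1
    # Shared segments are equal: the string with segments left over is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))


def is_patched(installed):
    """True if an installed VERSION-RELEASE is at or above the fixed build."""
    ver, _, rel = installed.rpartition("-")
    fixed_ver, _, fixed_rel = FIXED_BUILD.rpartition("-")
    return (rpmvercmp(ver, fixed_ver) or rpmvercmp(rel, fixed_rel)) >= 0


def unpatched_hosts(inventory):
    """Return the hosts whose 389-ds-base build predates the fix."""
    # One "<host> <VERSION-RELEASE>" pair per line, e.g. gathered on each host
    # with: rpm -q --qf '%{VERSION}-%{RELEASE}\n' 389-ds-base
    hosts = []
    for line in inventory.strip().splitlines():
        host, build = line.split()
        if not is_patched(build):
            hosts.append(host)
    return hosts


# Constructed inventory: host names and the non-advisory builds are made up.
SAMPLE_INVENTORY = """
ldap01.example.com 1.2.11.15-29.el6
ldap02.example.com 1.2.11.15-30.el6_5
ldap03.example.com 1.2.10.2-15.el6
ldap04.example.com 1.2.11.15-34.el6_5
"""

if __name__ == "__main__":
    print(unpatched_hosts(SAMPLE_INVENTORY))
```
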

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
389-ds-base-1.2.11.15-30.el6_5.src.rpm
File outdated by:  RHBA-2015:1326
 
IA-32:
389-ds-base-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
 
x86_64:
389-ds-base-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
389-ds-base-1.2.11.15-30.el6_5.src.rpm
File outdated by:  RHBA-2015:1326
 
x86_64:
389-ds-base-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
389-ds-base-1.2.11.15-30.el6_5.src.rpm
File outdated by:  RHBA-2015:1326
 
IA-32:
389-ds-base-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
 
x86_64:
389-ds-base-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
 
Red Hat Enterprise Linux Server AUS (v. 6.5)

SRPMS:
389-ds-base-1.2.11.15-30.el6_5.src.rpm
File outdated by:  RHBA-2015:1326
 
x86_64:
389-ds-base-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-debuginfo-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-devel-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-libs-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:1031
 
Red Hat Enterprise Linux Server EUS (v. 6.5.z)

SRPMS:
389-ds-base-1.2.11.15-30.el6_5.src.rpm
File outdated by:  RHBA-2015:1326
 
IA-32:
389-ds-base-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHSA-2014:1031
 
x86_64:
389-ds-base-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-debuginfo-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-devel-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHSA-2014:1031
389-ds-base-libs-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:1031
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
389-ds-base-1.2.11.15-30.el6_5.src.rpm
File outdated by:  RHBA-2015:1326
 
IA-32:
389-ds-base-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
 
x86_64:
389-ds-base-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-debuginfo-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-devel-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpm
File outdated by:  RHBA-2015:1326
389-ds-base-libs-1.2.11.15-30.el6_5.x86_64.rpm
File outdated by:  RHBA-2015:1326
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1024552 - CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/