Security Advisory Important: 389-ds-base security and bug fix update

Advisory: RHSA-2017:0920-1
Type: Security Advisory
Severity: Important
Issued on: 2017-04-12
Last updated on: 2017-04-12
Affected Products: Red Hat Enterprise Linux Desktop (v. 7)
Red Hat Enterprise Linux HPC Node (v. 7)
Red Hat Enterprise Linux Server (v. 7)
Red Hat Enterprise Linux Server TUS (v. 7.3)
Red Hat Enterprise Linux Workstation (v. 7)
CVEs (cve.mitre.org): CVE-2017-2668

Details

An update for 389-ds-base is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base
packages include the Lightweight Directory Access Protocol (LDAP) server and
command-line utilities for server administration.

Security Fix(es):

* An invalid pointer dereference flaw was found in the way 389-ds-base handled
LDAP bind requests. A remote unauthenticated attacker could use this flaw to
make ns-slapd crash via a specially crafted LDAP bind request, resulting in
denial of service. (CVE-2017-2668)

Red Hat would like to thank Joachim Jabs (F24) for reporting this issue.

Bug Fix(es):

* Previously, adding a filtered role definition whose filter used the "nsrole"
virtual attribute caused Directory Server to terminate unexpectedly. With this
update, the roles plug-in ignores all virtual attributes in role filters. As a
result, an error message is logged when an invalid filter is used, the role is
deactivated, and Directory Server no longer fails. (BZ#1429498)

* In a replication topology, Directory Server miscalculated the size of
string-format entries when many entries were deleted: the calculated size was
smaller than the size actually required. Consequently, Directory Server
allocated too little memory and terminated unexpectedly when the entry data was
written into it. With this update, the size of string-format entries is
calculated correctly in the described situation and Directory Server no longer
terminates unexpectedly. (BZ#1429495)


Solution

For details on how to apply this update, which includes the changes described in
this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the 389 server service will be restarted
automatically.
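As an added check that is not part of the advisory, the following Python script decides whether an installed 389-ds-base build is the fixed build named in this advisory or a later one, using a simplified re-implementation of RPM's rpmvercmp ordering. It assumes the package has no epoch and that no tilde or caret appears in the version or release, which holds for every 389-ds-base build listed on this page; the helper names are my own.

```python
import re
import subprocess

# Fixed build named in this advisory (RHSA-2017:0920-1) for RHEL 7.
FIXED_NVR = "389-ds-base-1.3.5.10-20.el7_3"
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Simplified rpmvercmp: -1, 0 or 1 as a <, ==, > b.

    Strings are split into digit runs and letter runs ('.' and '_' are
    separators); digit runs compare numerically, letter runs lexically,
    and a digit run sorts above a letter run. Tilde/caret handling is
    omitted (assumption: none of the EVRs on this page use them).
    """
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        xd, yd = x.isdigit(), y.isdigit()
        if xd and yd:
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif xd != yd:
            return 1 if xd else -1
        elif x != y:
            return -1 if x < y else 1
    # All shared segments equal: the string with more segments is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def is_fixed(installed: str, fixed: str = FIXED_NVR) -> bool:
    """True if installed 'name-version-release' is the fixed build or later."""
    n1, v1, r1 = installed.rsplit("-", 2)  # split on the last two hyphens
    n2, v2, r2 = fixed.rsplit("-", 2)
    if n1 != n2:
        raise ValueError(f"package name mismatch: {n1!r} vs {n2!r}")
    cmp = rpmvercmp(v1, v2) or rpmvercmp(r1, r2)  # release only on a version tie
    return cmp >= 0


def installed_nvr(package: str = "389-ds-base") -> str:
    """Query the local RPM database for name-version-release (no arch)."""
    out = subprocess.run(
        ["rpm", "-q", "--qf", "%{NAME}-%{VERSION}-%{RELEASE}", package],
        capture_output=True, text=True, check=True,
    )
    return out.stdout.strip()


if __name__ == "__main__":
    nvr = installed_nvr()
    print(nvr, "fixed" if is_fixed(nvr) else "VULNERABLE (CVE-2017-2668)")
```

Run it on the host as a user that can read the RPM database; a build older than 1.3.5.10-20.el7_3 is reported as still vulnerable.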

Updated packages

Every file listed below is marked "File outdated by: RHBA-2017:1313". The
same x86_64 packages and source RPM ship for Red Hat Enterprise Linux Desktop
(v. 7), HPC Node (v. 7), Server (v. 7), Server TUS (v. 7.3) and Workstation
(v. 7); the PPC64LE packages ship for Red Hat Enterprise Linux Server (v. 7)
only.

SRPMS:
389-ds-base-1.3.5.10-20.el7_3.src.rpm

x86_64:
389-ds-base-1.3.5.10-20.el7_3.x86_64.rpm
389-ds-base-debuginfo-1.3.5.10-20.el7_3.x86_64.rpm
389-ds-base-devel-1.3.5.10-20.el7_3.x86_64.rpm
389-ds-base-libs-1.3.5.10-20.el7_3.x86_64.rpm
389-ds-base-snmp-1.3.5.10-20.el7_3.x86_64.rpm

PPC64LE (Red Hat Enterprise Linux Server (v. 7) only):
389-ds-base-1.3.5.10-20.el7_3.ppc64le.rpm
389-ds-base-debuginfo-1.3.5.10-20.el7_3.ppc64le.rpm
389-ds-base-devel-1.3.5.10-20.el7_3.ppc64le.rpm
389-ds-base-libs-1.3.5.10-20.el7_3.ppc64le.rpm
389-ds-base-snmp-1.3.5.10-20.el7_3.ppc64le.rpm

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1429495 - ns-slapd dies under heavy load
1429498 - A filtered nsrole that specifies an empty nsrole in its nsRoleFilter will result in a segfault.
1436575 - CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages

References

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/