Oval Definition:oval:com.redhat.rhsa:def:20141031
Revision Date:2014-08-07Version:637
Title:RHSA-2014:1031: 389-ds-base security update (Important)
Description:The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

  • It was found that when replication was enabled for each attribute in 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to disclose potentially sensitive information. (CVE-2014-3562)

    This issue was discovered by Ludwig Krispenz of Red Hat.

    All 389-ds-base users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the 389 server service will be restarted automatically.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2014-3562
    CVE-2014-3562
    RHSA-2014:1031
    RHSA-2014:1031-00
    RHSA-2014:1031-01
    Platform(s):Red Hat Enterprise Linux 6
    Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • 389-ds-base is earlier than 0:1.2.11.15-34.el6_5
  • AND 389-ds-base is signed with Red Hat redhatrelease2 key
  • 389-ds-base-devel is earlier than 0:1.2.11.15-34.el6_5
  • AND 389-ds-base-devel is signed with Red Hat redhatrelease2 key
  • 389-ds-base-libs is earlier than 0:1.2.11.15-34.el6_5
  • AND 389-ds-base-libs is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • 389-ds-base is earlier than 0:1.3.1.6-26.el7_0
  • AND 389-ds-base is signed with Red Hat redhatrelease2 key
  • 389-ds-base-devel is earlier than 0:1.3.1.6-26.el7_0
  • AND 389-ds-base-devel is signed with Red Hat redhatrelease2 key
  • 389-ds-base-libs is earlier than 0:1.3.1.6-26.el7_0
  • AND 389-ds-base-libs is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 6 Client is installed
  • OR Red Hat Enterprise Linux 6 Server is installed
  • OR Red Hat Enterprise Linux 6 Workstation is installed
  • OR Red Hat Enterprise Linux 6 ComputeNode is installed
  • AND
  • 389-ds-base is earlier than 0:1.2.11.15-34.el6_5
  • AND 389-ds-base is signed with Red Hat redhatrelease2 key
  • 389-ds-base-devel is earlier than 0:1.2.11.15-34.el6_5
  • AND 389-ds-base-devel is signed with Red Hat redhatrelease2 key
  • 389-ds-base-libs is earlier than 0:1.2.11.15-34.el6_5
  • AND 389-ds-base-libs is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 7 Client is installed
  • OR Red Hat Enterprise Linux 7 Server is installed
  • OR Red Hat Enterprise Linux 7 Workstation is installed
  • OR Red Hat Enterprise Linux 7 ComputeNode is installed
  • AND
  • 389-ds-base is earlier than 0:1.3.1.6-26.el7_0
  • AND 389-ds-base is signed with Red Hat redhatrelease2 key
  • 389-ds-base-devel is earlier than 0:1.3.1.6-26.el7_0
  • AND 389-ds-base-devel is signed with Red Hat redhatrelease2 key
  • 389-ds-base-libs is earlier than 0:1.3.1.6-26.el7_0
  • AND 389-ds-base-libs is signed with Red Hat redhatrelease2 key
    • BACK