Information on source package 389-ds-base

Available versions

ReleaseVersion
jessie1.3.3.5-4
jessie (security)1.3.3.5-4+deb8u5
stretch1.3.5.17-2
buster1.4.0.21-1
sid1.4.0.22-1

Open issues

BugjessiestretchbustersidDescription
CVE-2019-3883undeterminedundeterminedundeterminedundeterminedIn 389-ds-base up to version 1.4.1.2, requests are handled by workers ...
CVE-2018-14648fixedvulnerablefixedfixedA flaw was found in 389 Directory Server. A specially crafted search q ...
CVE-2018-14638fixedvulnerablefixedfixedA flaw was found in 389-ds-base before version 1.3.8.4-13. The process ...
CVE-2018-14624fixedvulnerablefixedfixedA vulnerability was discovered in 389-ds-base through versions 1.3.7.1 ...
CVE-2018-10935fixedvulnerablefixedfixedA flaw was found in the 389 Directory Server that allows users to caus ...
CVE-2018-1089fixedvulnerablefixedfixed389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properl ...
CVE-2018-10871fixedvulnerablefixedfixed389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Clear ...
CVE-2018-10850fixedvulnerablefixedfixed389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race ...
CVE-2018-1054fixedvulnerablefixedfixedAn out-of-bounds memory read flaw was found in the way 389-ds-base han ...
CVE-2017-7551fixedvulnerablefixedfixed389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to pass ...
CVE-2017-15134fixedvulnerablefixedfixedA stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x ...
CVE-2016-5416vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...
CVE-2016-5405vulnerable (no DSA)fixedfixedfixed389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...
CVE-2016-4992vulnerable (no DSA)fixedfixedfixed389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...

Resolved issues

BugDescription
CVE-2017-2668389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an ...
CVE-2017-2591389-ds-base before version 1.3.6 is vulnerable to an improperly NULL t ...
CVE-2017-15135It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0. ...
CVE-2016-0741slapd/connection.c in 389 Directory Server (formerly Fedora Directory ...
CVE-2015-3230389 Directory Server (formerly Fedora Directory Server) before 1.3.3.1 ...
CVE-2015-1854389 Directory Server before 1.3.3.10 allows attackers to bypass intend ...
CVE-2014-8112389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x bef ...
CVE-2014-8105389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does n ...
CVE-2014-3562Red Hat Directory Server 8 and 389 Directory Server, when debugging is ...
CVE-2014-0132The SASL authentication functionality in 389 Directory Server before 1 ...
CVE-2013-4485389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8. ...
CVE-2013-4283ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attacker ...
CVE-2013-2219The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server ...
CVE-2013-1897The do_search function in ldap/servers/slapd/search.c in 389 Directory ...
CVE-2013-0336The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ ...
CVE-2013-0312389 Directory Server before 1.3.0.4 allows remote attackers to cause a ...
CVE-2012-4450389 Directory Server 1.2.10 does not properly update the ACL when a DN ...
CVE-2012-2746389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server bef ...
CVE-2012-2678389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server bef ...
CVE-2012-0833The acllas__handle_group_entry function in servers/plugins/acl/acllas. ...

Security announcements

DSA / DLADescription
DLA-1554-2389-ds-base - regression update
DLA-1554-1389-ds-base - security update
DLA-1526-1389-ds-base - security update
DLA-1483-1389-ds-base - security update
DLA-1428-1389-ds-base - security update

Search for package or bug name: Reporting problems