| Summary: | <net-nds/389-ds-base-1.3.4.8: access control bypass with modrdn | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | trivial | CC: | maintainer-needed |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-10.html | ||
| Whiteboard: | ~4 [noglsa] | ||
| Package list: | Runtime testing required: | --- | |
Hi, We have updated 389-ds-base to 1.3.4.7. This should resolve the issue. Thanks, Referenced commit 5a7174bf7122309eee568651fb5f3413155f9fc2 No vulnerable versions in tree. |
From ${URL} : The 389 Directory Server team is proud to announce 389-ds-base version 1.3.3.10. Fedora packages are available from the Fedora 21, 22 and Rawhide repositories. The new packages and versions are: 389-ds-base-1.3.3.10-1 A source tarball is available for download at Download Source Highlights in 1.3.3.10 One important security bug was fixed. Detailed Changelog since 1.3.3.8 Bug 1216203 - CVE-2015-1854 389ds-base: access control bypass with modrdn [fedora-all] @maintainer(s): since the package or the affected version has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.