Summary: | <net-nds/389-ds-base-1.4.4.16: unauthenticated DoS with malicious query (CVE-2021-3514) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | chris, Dessa, proxy-maint |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/389ds/389-ds-base/issues/4711 | ||
See Also: | https://github.com/gentoo/gentoo/pull/21815 | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2021-06-06 03:16:16 UTC
Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Ping The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1d313250b77028f193e7590666973e8ba2a38270 commit 1d313250b77028f193e7590666973e8ba2a38270 Author: Robert Förster <Dessa@gmake.de> AuthorDate: 2021-07-28 13:09:56 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2021-08-12 07:49:50 +0000 net-nds/389-ds-base: remove vulnerable Bug: https://bugs.gentoo.org/794505 Package-Manager: Portage-3.0.20, Repoman-3.0.3 Signed-off-by: Robert Förster <Dessa@gmake.de> Closes: https://github.com/gentoo/gentoo/pull/21815 Signed-off-by: Joonas Niilola <juippis@gentoo.org> net-nds/389-ds-base/389-ds-base-1.4.4.13.ebuild | 304 --------------------- net-nds/389-ds-base/Manifest | 34 --- .../files/389-ds-base-1.4.4.13-libxcrypt.patch | 66 ----- 3 files changed, 404 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2c99b894acb927383fe0b2e47e02b93d0fdc352c commit 2c99b894acb927383fe0b2e47e02b93d0fdc352c Author: Robert Förster <Dessa@gmake.de> AuthorDate: 2021-07-28 13:09:01 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2021-08-12 07:49:25 +0000 net-nds/389-ds-base: bump to 1.4.4.16 with security fixes for CVE-2021-3514 and CVE-2021-3652 Bug: https://bugs.gentoo.org/794505 Package-Manager: Portage-3.0.20, Repoman-3.0.3 Signed-off-by: Robert Förster <Dessa@gmake.de> Signed-off-by: Joonas Niilola <juippis@gentoo.org> net-nds/389-ds-base/389-ds-base-1.4.4.16.ebuild | 299 +++++++++++++++++++++ net-nds/389-ds-base/Manifest | 26 ++ .../files/389-ds-base-1.4.4.16-crypt-import.patch | 118 ++++++++ 3 files changed, 443 insertions(+) Thanks! |