Synopsis: Moderate: 389-ds-base security, bug fix, and enhancement update
Issue Date: 2013-02-21
CVE Numbers: CVE-2012-4450
—
A flaw was found in the way 389 Directory Server enforced ACLs after performing
an LDAP modify relative distinguished name (modrdn) operation. After modrdn was
used to move part of a tree, the ACLs defined on the moved (Distinguished Name)
were not properly enforced until the server was restarted. This could allow
LDAP users to access information that should be restricted by the defined ACLs.
(CVE-2012-4450)
After installing this update, the 389 server service will be restarted
automatically.
—
SL6
x86_64
389-ds-base-1.2.11.15-11.el6.x86_64.rpm
389-ds-base-debuginfo-1.2.11.15-11.el6.i686.rpm
389-ds-base-debuginfo-1.2.11.15-11.el6.x86_64.rpm
389-ds-base-devel-1.2.11.15-11.el6.i686.rpm
389-ds-base-devel-1.2.11.15-11.el6.x86_64.rpm
389-ds-base-libs-1.2.11.15-11.el6.i686.rpm
389-ds-base-libs-1.2.11.15-11.el6.x86_64.rpm
i386
389-ds-base-1.2.11.15-11.el6.i686.rpm
389-ds-base-debuginfo-1.2.11.15-11.el6.i686.rpm
389-ds-base-devel-1.2.11.15-11.el6.i686.rpm
389-ds-base-libs-1.2.11.15-11.el6.i686.rpm
– Scientific Linux Development Team
