Synopsis: Important: 389-ds-base security update
Advisory ID: SLSA-2014:1031-1
Issue Date: 2014-08-07
CVE Numbers: CVE-2014-3562
—
It was found that when replication was enabled for each attribute in 389
Directory Server, which is the default configuration, the server returned
replicated metadata when the directory was searched while debugging was
enabled. A remote attacker could use this flaw to disclose potentially
sensitive information. (CVE-2014-3562)
After installing this update, the 389 server service will be restarted
automatically.
—
SL6
x86_64
389-ds-base-1.2.11.15-34.el6_5.x86_64.rpm
389-ds-base-debuginfo-1.2.11.15-34.el6_5.i686.rpm
389-ds-base-debuginfo-1.2.11.15-34.el6_5.x86_64.rpm
389-ds-base-devel-1.2.11.15-34.el6_5.i686.rpm
389-ds-base-devel-1.2.11.15-34.el6_5.x86_64.rpm
389-ds-base-libs-1.2.11.15-34.el6_5.i686.rpm
389-ds-base-libs-1.2.11.15-34.el6_5.x86_64.rpm
i386
389-ds-base-1.2.11.15-34.el6_5.i686.rpm
389-ds-base-debuginfo-1.2.11.15-34.el6_5.i686.rpm
389-ds-base-devel-1.2.11.15-34.el6_5.i686.rpm
389-ds-base-libs-1.2.11.15-34.el6_5.i686.rpm
– Scientific Linux Development Team
