RHSA-2022:7087: Red Hat Security Advisory: 389-ds-base security and bug fix update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2850: 389-ds-base: SIGSEGV in sync_repl
Issued: 2022-10-25
Updated: 2022-10-25
Synopsis
Moderate: 389-ds-base security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
- 389-ds-base: SIGSEGV in sync_repl (CVE-2022-2850)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Import may break replication because changelog starting csn may not be created (BZ#2113056)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the 389 server service will be restarted automatically.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2113056 - Import may break replication because changelog starting csn may not be created
- BZ - 2118691 - CVE-2022-2850 389-ds-base: SIGSEGV in sync_repl
Red Hat Enterprise Linux Server 7
SRPM
389-ds-base-1.3.10.2-17.el7_9.src.rpm
x86_64
389-ds-base-1.3.10.2-17.el7_9.x86_64.rpm
389-ds-base-debuginfo-1.3.10.2-17.el7_9.x86_64.rpm
389-ds-base-devel-1.3.10.2-17.el7_9.x86_64.rpm
389-ds-base-libs-1.3.10.2-17.el7_9.x86_64.rpm
389-ds-base-snmp-1.3.10.2-17.el7_9.x86_64.rpm
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514.
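The two conditions in the description above (a build older than the fixed RHEL 7 package, and the Content Synchronization plugin enabled) can be checked together. The following is an added example, not part of the advisory or Red Hat tooling. It assumes the plugin entry in `dse.ldif` is named `cn=Content Synchronization,cn=plugins,cn=config` with an `nsslapd-pluginEnabled` attribute, uses a simplified RPM version comparison, and runs on constructed sample input.

```python
import re

FIXED_EVR = "1.3.10.2-17.el7_9"   # fixed RHEL 7 build listed in this advisory
PLUGIN_DN = "cn=content synchronization,cn=plugins,cn=config"  # assumed entry DN

# Constructed sample of a dse.ldif plugin entry (not taken from a real server).
SAMPLE_DSE = """\
dn: cn=Content Synchronization,cn=plugins,cn=config
objectClass: nsSlapdPlugin
cn: Content Synchronization
nsslapd-pluginEnabled: on
"""

def _cmp_part(a, b):
    """Simplified rpmvercmp: compare digit/letter runs; no epoch, '~' or '^'."""
    sa, sb = re.findall(r"\d+|[A-Za-z]+", a), re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1      # numeric run beats alphabetic
        kx, ky = (int(x), int(y)) if x.isdigit() else (x, y)
        if kx != ky:
            return -1 if kx < ky else 1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # more segments is newer

def evr_cmp(a, b):
    """Return <0, 0 or >0 for version-release strings such as FIXED_EVR."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return _cmp_part(va, vb) or _cmp_part(ra, rb)

def sync_plugin_enabled(ldif_text):
    """True if the Content Synchronization plugin entry has pluginEnabled: on."""
    unfolded = re.sub(r"\r?\n ", "", ldif_text)       # undo LDIF line folding
    for entry in re.split(r"\r?\n\s*\r?\n", unfolded):
        attrs = {}
        for line in entry.splitlines():
            key, sep, val = line.partition(":")
            if sep:
                attrs.setdefault(key.strip().lower(), val.strip())
        if attrs.get("dn", "").lower() == PLUGIN_DN:
            return attrs.get("nsslapd-pluginenabled", "off").lower() == "on"
    return False

def exposed(installed_evr, ldif_text):
    """Older than the fixed build AND the plugin named in the CVE text is on."""
    return evr_cmp(installed_evr, FIXED_EVR) < 0 and sync_plugin_enabled(ldif_text)

if __name__ == "__main__":
    for evr in ("1.3.10.2-16.el7_9", FIXED_EVR):      # constructed inputs
        print(evr, "exposed" if exposed(evr, SAMPLE_DSE) else "not exposed")
```

On a real host the installed value would come from `rpm -q --qf '%{VERSION}-%{RELEASE}\n' 389-ds-base` and the LDIF text from the instance's `dse.ldif`.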