Site Navigation:
security 389-ds-base-1.2.10.14-2.el5 security update
Status:stable
Release: Fedora EPEL 5
Update ID: FEDORA-EPEL-2012-13203
Builds: 389-ds-base-1.2.10.14-2.el5 (logs)
Pushed: True
Date Submitted: 2012-10-16 16:30:42
Date Released: 2012-10-18 17:02:11
Submitter: rmeggins
Karma: 1
Details

CVE-2012-4450 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL issues with modrdn with attribute uniqueness and referential integrity rebase to 1.2.10.11 to pick up several crash + security fixes crash bug with multiple transactions and range searches Ticket #331 - transaction errors with db 4.3 and db 4.2 Ticket #305 - Certain CMP operations hang or cause ns-slapd to crash fix cos crash - address some valgrind issues - fix kernel version checking fix tombstone crash - fix TLS - fix defaultNamingContext The 1.2.10.0 release - a couple of bug fixes coverity fixes - valgrind issues - schema repl - ruv tombstone - nsMatchingRule - account policy fixes - entryrdn improvements Ticket #272 - add tombstonenumsubordinates to schema the 389-ds-base 1.2.10.a7 release - several bug fixes - fixes for systemd fix shutdown crash - fix systemd dirsrv.target - entryusn fix - csn improvements Bug fixes for setup -u, coverity, modrdn 100% cpu, entryusn, referint txn fix config del/add mods - memberof is transaction aware resource limits for simple paged results slapi_rwlock - transactions - account usability - bug fixes Fix for managed entry Fixed source tarball fix transaction support in ldbm_delete Ticket #294 - 389 DS Segfaults during replica install in FreeIPA typo in previous patch Trac Ticket 396 - Account Usability Control Not Working

Bugs Fixed
860608 - CVE-2012-4450: 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) [fedora-all]
Feedback
bodhi - 2012-10-16 16:31:05
This update has been submitted for testing by rmeggins.
bodhi - 2012-10-18 16:06:52
This update is currently being pushed to the Fedora EPEL 5 testing updates repository.
bodhi - 2012-10-18 17:28:49
This update has been pushed to testing
bodhi - 2012-11-01 22:03:04
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
orion - 2012-11-21 16:57:23
Working fine in production here.
bodhi - 2012-11-21 16:57:28
This update has reached the stable karma threshold and will be pushed to the stable updates repository
bodhi - 2012-11-22 15:53:55
This update is currently being pushed to the Fedora EPEL 5 stable updates repository.
bodhi - 2012-11-22 17:32:00
This update has been pushed to stable

Add a comment

Tip: Login to impact how quickly this update gets pushed or unpushed.
obfuscated letters