Updated 389-ds-base packages fix CVE-2018-1054
Publication date: 07 Mar 2018Modification date: 07 Mar 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-1054
Description
389-ds-base has been updated to fix a security issue. A flaw was found in 389 Directory Server that affects all versions. An improper handling of the search feature with an extended filter, when read access onis enabled, in SetUnicodeStringFromUTF_8 function in collate.c, can lead to out-of-bounds memory operations. This may allow a remote unauthenticated attacker to trigger a server crash, thus resulting in denial of service. (CVE-2018-1054)
References
SRPMS
6/core
- 389-ds-base-1.3.5.17-1.3.mga6