Updated 389-ds-base packages fix security vulnerability
Publication date: 06 Apr 2018Modification date: 06 Apr 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-15135
Description
It was discovered that a lack of size check in slapi_ct_memcmp() function may lead to authentication bypass through pre-hashed userPassword attributes under highly specific circumstances (CVE-2017-15135).
References
SRPMS
6/core
- 389-ds-base-1.3.5.17-1.4.mga6