Advisories ยป MGASA-2018-0245

Updated 389-ds-base packages fix security vulnerability

Publication date: 16 May 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-1089

Description

389-ds-base did not properly handle characters needed to be escaped in
its query filter. This could result in buffer overflows, from the heap
or the stack, on larger filters.  An unauthenticated attacker could send
a specially crafted LDAP request and crash the server (CVE-2018-1089).
                

References

SRPMS

6/core