Updated 389-ds-base packages fix security vulnerability
Publication date: 16 May 2018Modification date: 16 May 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-1089
Description
389-ds-base did not properly handle characters needed to be escaped in its query filter. This could result in buffer overflows, from the heap or the stack, on larger filters. An unauthenticated attacker could send a specially crafted LDAP request and crash the server (CVE-2018-1089).
References
SRPMS
6/core
- 389-ds-base-1.3.5.17-1.5.mga6