(RHSA-2023:4655) Moderate: redhat-ds:11 security, bug fix, and enhancement update

2023-08-1514:07:53

access.redhat.com

red hat directory server

ldapv3

security

update

cve-2023-1055

upgrade

cvss

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

13.3%

JSON

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.

Security Fix(s):

RHDS: LDAP browser tries to decode userPassword instead of userCertificate attribute (CVE-2023-1055)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Users of Red Hat Directory Server 11 are advised to upgrade to these updated packages.

OSVersionArchitecturePackageVersionFilename
RedHatanyx86_64389-ds-base-libs< 1.4.3.34-1.module+el8dsrv+18380+8350b80e389-ds-base-libs-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHatanyx86_64389-ds-base-libs-debuginfo< 1.4.3.34-1.module+el8dsrv+18380+8350b80e389-ds-base-libs-debuginfo-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHatanyx86_64389-ds-base-legacy-tools-debuginfo< 1.4.3.34-1.module+el8dsrv+18380+8350b80e389-ds-base-legacy-tools-debuginfo-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHatanyx86_64389-ds-base-legacy-tools< 1.4.3.34-1.module+el8dsrv+18380+8350b80e389-ds-base-legacy-tools-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHatanyx86_64389-ds-base-debugsource< 1.4.3.34-1.module+el8dsrv+18380+8350b80e389-ds-base-debugsource-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHatanynoarchcockpit-389-ds< 1.4.3.34-1.module+el8dsrv+18380+8350b80ecockpit-389-ds-1.4.3.34-1.module+el8dsrv+18380+8350b80e.noarch.rpm
RedHatanyx86_64389-ds-base< 1.4.3.34-1.module+el8dsrv+18380+8350b80e389-ds-base-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHatanyx86_64389-ds-base-devel< 1.4.3.34-1.module+el8dsrv+18380+8350b80e389-ds-base-devel-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHatanynoarchpython3-lib389< 1.4.3.34-1.module+el8dsrv+18380+8350b80epython3-lib389-1.4.3.34-1.module+el8dsrv+18380+8350b80e.noarch.rpm
RedHatanyx86_64389-ds-base-debuginfo< 1.4.3.34-1.module+el8dsrv+18380+8350b80e389-ds-base-debuginfo-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	x86_64	389-ds-base-libs	< 1.4.3.34-1.module+el8dsrv+18380+8350b80e	389-ds-base-libs-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHat	any	x86_64	389-ds-base-libs-debuginfo	< 1.4.3.34-1.module+el8dsrv+18380+8350b80e	389-ds-base-libs-debuginfo-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHat	any	x86_64	389-ds-base-legacy-tools-debuginfo	< 1.4.3.34-1.module+el8dsrv+18380+8350b80e	389-ds-base-legacy-tools-debuginfo-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHat	any	x86_64	389-ds-base-legacy-tools	< 1.4.3.34-1.module+el8dsrv+18380+8350b80e	389-ds-base-legacy-tools-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHat	any	x86_64	389-ds-base-debugsource	< 1.4.3.34-1.module+el8dsrv+18380+8350b80e	389-ds-base-debugsource-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHat	any	noarch	cockpit-389-ds	< 1.4.3.34-1.module+el8dsrv+18380+8350b80e	cockpit-389-ds-1.4.3.34-1.module+el8dsrv+18380+8350b80e.noarch.rpm
RedHat	any	x86_64	389-ds-base	< 1.4.3.34-1.module+el8dsrv+18380+8350b80e	389-ds-base-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHat	any	x86_64	389-ds-base-devel	< 1.4.3.34-1.module+el8dsrv+18380+8350b80e	389-ds-base-devel-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
RedHat	any	noarch	python3-lib389	< 1.4.3.34-1.module+el8dsrv+18380+8350b80e	python3-lib389-1.4.3.34-1.module+el8dsrv+18380+8350b80e.noarch.rpm
RedHat	any	x86_64	389-ds-base-debuginfo	< 1.4.3.34-1.module+el8dsrv+18380+8350b80e	389-ds-base-debuginfo-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm