|
|
Log in / Subscribe / Register

Mageia alert MGASA-2016-0081 (389-ds-base)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2016-0081: Updated 389-ds-base packages fix security vulnerability 


Date:
    	      Tue, 23 Feb 2016 13:23:49 +0100


Message-ID:
    	      <20160223122349.C7C0F9F660@duvel.mageia.org>


MGASA-2016-0081 - Updated 389-ds-base packages fix security vulnerability

Publication date: 23 Feb 2016
URL: http://advisories.mageia.org/MGASA-2016-0081.html
Type: security
Affected Mageia releases: 5
CVE: CVE-2016-0741

Description:
An infinite-loop vulnerability was discovered in the 389 directory server,
where the server failed to correctly handle unexpectedly closed client
connections. A remote attacker able to connect to the server could use
this flaw to make the directory server consume an excessive amount of CPU
and stop accepting connections (denial of service) (CVE-2016-0741).

References:
- https://bugs.mageia.org/show_bug.cgi?id=17784
- https://rhn.redhat.com/errata/RHSA-2016-0204.html
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0741

SRPMS:
- 5/core/389-ds-base-1.3.4.8-1.mga5
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds