CLSA-2026:1778892584

[CLSA-2026:1778892584] 389-ds-base: Fix of 3 CVEs

Type:

security

Severity:

Moderate

Release date:

2026-05-16 00:49:49 UTC

Description:

- CVE-2024-5953: fix DoS via malformed password hash on bind
- CVE-2024-2199: fix DoS via malformed userPassword modify
- CVE-2025-2487: fix NULL pointer deref on failed MODDN operations

Updated packages:

389-ds-base-2.2.4-5.el9_2.tuxcare.els4.x86_64.rpm
sha:39366ecddb85ad3dcc7c466ed3d4c21c39ee8f592de3ddf497df0be657651a21
389-ds-base-devel-2.2.4-5.el9_2.tuxcare.els4.x86_64.rpm
sha:ff65b1209471cd12313f026d8773a83cbca968a5eda0e27315a24437080478d1
389-ds-base-libs-2.2.4-5.el9_2.tuxcare.els4.x86_64.rpm
sha:78cdf7fe0fa156f79d65faef49ac19a6df29b9995b41bd29c7f871315cfde0ca
389-ds-base-snmp-2.2.4-5.el9_2.tuxcare.els4.x86_64.rpm
sha:23d7fe2f7c8c44ce94a40b2eb5425c2fbf77c7571c736cf8e1276c715d8204a0
python3-lib389-2.2.4-5.el9_2.tuxcare.els4.noarch.rpm
sha:2b846495e9f1757c4c989678bf2b216e18bbab94bb91c5b9e62bfa4fdf18a882

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.