[SECURITY] Fedora 38 Update: 389-ds-base-2.3.5-1.fc38
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-c92be0dfa0
2023-07-26 00:35:00.941441
--------------------------------------------------------------------------------
Name : 389-ds-base
Product : Fedora 38
Version : 2.3.5
Release : 1.fc38
URL : https://www.port389.org
Summary : 389 Directory Server (base)
Description :
389 Directory Server is an LDAPv3 compliant server. The base package includes
the LDAP server and command line utilities for server administration.
--------------------------------------------------------------------------------
Update Information:
Bump version to 2.3.5
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 10 2023 Marek Reynolds [mreynolds@redhat.com] - 2.3.5-1
- Bump version to 2.3.5
- Issue 5752 - RFE - Provide a history for LastLoginTime (#5807)
- Issue 5793 - UI - fix suffix selection in export modal
- Issue 5793 - UI - Fix minor crashes (#5827)
- Issue 5825 - healthcheck - password storage scheme warning needs more info
- Issue 5822 - Allow empty export path for db2ldif
- Issue 5755 - Massive memory leaking on update operations (#5824)
- Issue 5551 - Almost empty and not loaded ns-slapd high cpu load
- Issue 5156 - RFE that implement slapi_memberof (#5694)
- Issue 5722 - RFE When a filter contains 'nsrole', improve response time by rewriting the filter (#5723)
- Issue 5755 - The Massive memory leaking on update operations (#5803)
- Issue 5752 - CI - Add more tests for lastLoginHistorySize RFE (#5802)
- Issue 2375 - CLI - Healthcheck - revise and add new checks
- Issue 5793 - UI - movce from webpack to esbuild bundler
- Issue 5781 - Bug handling return code of pre-extended operation plugin.
- Issue 5785 - move bash completion to post section of specfile
- Issue 5646 - Various memory leaks (#5725)
- Issue 5789 - Improve ds-replcheck error handling
- Issue 5786 - CLI - registers tools for bash completion
- Issue 5778 - UI - Remove error message if .dsrc is missing
- Issue 4758 - Add tests for WebUI
- Issue 5751 - Cleanallruv task crashes on consumer (#5775)
- Issue 5743 - Disabling replica crashes the server (#5746)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2173676 - CVE-2023-1055 389-ds-base: RHDS: LDAP browser tries to decode userPassword instead of userCertificate attribute [fedora-37]
https://bugzilla.redhat.com/show_bug.cgi?id=2173676
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-c92be0dfa0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
A 389-ds-base security update has been released for Fedora 38.