-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 19 Jan 2025 13:30:31 +0100
Source: 389-ds-base
Architecture: source
Version: 1.4.4.11-2+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian FreeIPA Team <pkg-freeipa-devel@alioth-lists.debian.net>
Changed-By: Andrej Shadura <andrewsh@debian.org>
Changes:
 389-ds-base (1.4.4.11-2+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS team.
   * Backport security patches from the upstream.
     - CVE-2021-3652: Locked crypt accounts on import may allow any password.
     - CVE-2021-4091: Double-free of the virtual attribute context in
       persistent search, forcing the server to behave unexpectedly, and crash.
     - CVE-2022-0918: Denial of service triggered by specially crafted
       unauthenticated message crashing the server.
     - CVE-2022-0996: User with an expired password can still login with full
       privileges.
     - CVE-2022-2850: Crash while managing invalid cookie causing denial of
       service.
     - CVE-2024-2199 and CVE-2024-8445: Crash when modifying userPassword using
       malformed input.
     - CVE-2024-3657: Failure on the directory server with specially crafted
       LDAP query leading to denial of service.
     - CVE-2024-5953: Denial of service while attempting to log in with
       a user with a malformed hash in their password.
-----BEGIN PGP SIGNATURE-----
iHUEARYKAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCZ4z15wAKCRDoRGtKyMdy
YaoFAP94BQAuAD1BVP2PiJ4vUIK2Tw/0WYsySNblc8BZ8+9+6gD/S4AuKTsl1ZXT
cI5CYgJK2pDvTZXX+k5xQvBDrvNTUgY=
=EBWB
-----END PGP SIGNATURE-----