-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 19 Jan 2025 13:30:31 +0100
Source: 389-ds-base
Architecture: source
Version: 1.4.4.11-2+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian FreeIPA Team <pkg-freeipa-devel@alioth-lists.debian.net>
Changed-By: Andrej Shadura <andrewsh@debian.org>
Changes:
 389-ds-base (1.4.4.11-2+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS team.
   * Backport security patches from the upstream.
     - CVE-2021-3652: Locked crypt accounts on import may allow any
       password.
     - CVE-2021-4091: Double-free of the virtual attribute context in
       persistent search, forcing the server to behave unexpectedly,
       and crash.
     - CVE-2022-0918: Denial of service triggered by specially crafted
       unauthenticated message crashing the server.
     - CVE-2022-0996: User with an expired password can still login
       with full privileges.
     - CVE-2022-2850: Crash while managing invalid cookie causing
       denial of service.
     - CVE-2024-2199 and CVE-2024-8445: Crash when modifying
       userPassword using malformed input.
     - CVE-2024-3657: Failure on the directory server with specially
       crafted LDAP query leading to denial of service.
     - CVE-2024-5953: Denial of service while attempting to log in
       with a user with a malformed hash in their password.
Checksums-Sha1:
 a338fa0607340a4d3d714a0d52e1cfa306c39b94 2205 389-ds-base_1.4.4.11-2+deb11u1.dsc
 8953b2c44970585308510889ca08e2a18d226784 6140023 389-ds-base_1.4.4.11.orig.tar.bz2
 6087aecf31d62ee6c6bb67fcf97d7c37ab6b639b 454784 389-ds-base_1.4.4.11-2+deb11u1.debian.tar.xz
 c4a7f45f17de956a9c9d61422db009f1d10a09be 9217 389-ds-base_1.4.4.11-2+deb11u1_source.buildinfo
Checksums-Sha256:
 3e7f50b7c430dcb4e9492b9a924e82218941b98eac366b92918509cf7b1ad2fc 2205 389-ds-base_1.4.4.11-2+deb11u1.dsc
 4a790fd3e74132f769577543dd1fcca8247481c1abdbcf162d82d34e2eaf1729 6140023 389-ds-base_1.4.4.11.orig.tar.bz2
 45fa8ed9a453d8b01cf3a214a78d59bd4c9f6b999cc9583324f2ba480d07eb18 454784 389-ds-base_1.4.4.11-2+deb11u1.debian.tar.xz
 18dd4bd576b86d921e4d8ac6eae8e96f6efa207710e231fe9c0363d4b1cd8ba8 9217 389-ds-base_1.4.4.11-2+deb11u1_source.buildinfo
Files:
 89dc937feac74d6e7709d588f8be27fd 2205 net optional 389-ds-base_1.4.4.11-2+deb11u1.dsc
 f35696d7d370f4370c02e49c98d281f3 6140023 net optional 389-ds-base_1.4.4.11.orig.tar.bz2
 b3a24f34d00a7cf1c510458736d002fb 454784 net optional 389-ds-base_1.4.4.11-2+deb11u1.debian.tar.xz
 894746eaad68e3d0c4bb5f8cd64727f7 9217 net optional 389-ds-base_1.4.4.11-2+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCZ4z15wAKCRDoRGtKyMdy
YaoFAP94BQAuAD1BVP2PiJ4vUIK2Tw/0WYsySNblc8BZ8+9+6gD/S4AuKTsl1ZXT
cI5CYgJK2pDvTZXX+k5xQvBDrvNTUgY=
=EBWB
-----END PGP SIGNATURE-----