-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 24 Oct 2018 17:16:21 +0200 Source: 389-ds-base Binary: 389-ds 389-ds-base-libs 389-ds-base-libs-dbg 389-ds-base-dev 389-ds-base 389-ds-base-dbg Architecture: source all amd64 Version: 1.3.3.5-4+deb8u4 Distribution: jessie-security Urgency: high Maintainer: Debian 389ds Team <pkg-fedora-ds-maintainers@lists.alioth.debian.org> Changed-By: Hugo Lefeuvre <hle@debian.org> Description: 389-ds - 389 Directory Server suite - metapackage 389-ds-base - 389 Directory Server suite - server 389-ds-base-dbg - 389 Directory Server suite - server debugging symbols 389-ds-base-dev - 389 Directory Server suite - development files 389-ds-base-libs - 389 Directory Server suite - libraries 389-ds-base-libs-dbg - 389 Directory Server suite - library debugging symbols Changes: 389-ds-base (1.3.3.5-4+deb8u4) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-14648: A specially crafted search query could lead to excessive CPU consumption in the do_search() function. An unauthenticated attacker could leverage this flaw to cause a denial of service. Checksums-Sha1: 3da5fad95f5901cf9cc507be4d7b9eb703f48557 2277 389-ds-base_1.3.3.5-4+deb8u4.dsc 148696d9752a6bdf7b8ad1fab06b381c984f2f2c 36544 389-ds-base_1.3.3.5-4+deb8u4.debian.tar.xz cb0a637d05cd4c83b306ce09e2c5b667e778bf9d 16502 389-ds_1.3.3.5-4+deb8u4_all.deb 84889ee96a5cae0c362a3b7f23fdd9bdcfc8552f 388920 389-ds-base-libs_1.3.3.5-4+deb8u4_amd64.deb 07a2ebbc7eb7f10590cb815ff13218d0be13ad0d 1282850 389-ds-base-libs-dbg_1.3.3.5-4+deb8u4_amd64.deb 3750c25080cae2f33474683ae49f29e7cccec4b7 69736 389-ds-base-dev_1.3.3.5-4+deb8u4_amd64.deb deecc013817ee98d101a125e3c7f2693c9a654b3 1456510 389-ds-base_1.3.3.5-4+deb8u4_amd64.deb bc182252e3dc88c4cb5356a1f4d8efbccee3c48a 4181570 389-ds-base-dbg_1.3.3.5-4+deb8u4_amd64.deb Checksums-Sha256: 446cdc3fe6f2b73bdea491cf2a28e74f6144bf8936ab3d67bc81fe18b3b5d883 2277 389-ds-base_1.3.3.5-4+deb8u4.dsc cafc27adeb2ed72d446803e9f14ec809a5b57d0b411dd4393e9009f382254acd 36544 389-ds-base_1.3.3.5-4+deb8u4.debian.tar.xz 4220def67c57fed3b2fec78f4561ff7b1af7f15fdec2c01140358914feec427a 16502 389-ds_1.3.3.5-4+deb8u4_all.deb 3c45a806d3ecdef2924ab211c86226f0f10e21f9fa3360f412a5e539dfbf0be9 388920 389-ds-base-libs_1.3.3.5-4+deb8u4_amd64.deb 58617a651571f8d17bfc3538a64d1955fb4504e1cfefb8096890fe03527aee3c 1282850 389-ds-base-libs-dbg_1.3.3.5-4+deb8u4_amd64.deb f0d88e895b9676dbfdfc1ee5859d6daa516333b6eb8753ac80e0eab93744b07d 69736 389-ds-base-dev_1.3.3.5-4+deb8u4_amd64.deb 3f2248bd9dff7d793c3e15cba81525b12b08480051e9e08ff8f749c01007dbe6 1456510 389-ds-base_1.3.3.5-4+deb8u4_amd64.deb ba6fbd1d832860bfacd0ab072917409701cf88d8322ab5dbb592bcb0128d8de2 4181570 389-ds-base-dbg_1.3.3.5-4+deb8u4_amd64.deb Files: d6518b6b1ae8003ae4a8af2bc11a64f7 2277 net optional 389-ds-base_1.3.3.5-4+deb8u4.dsc 500f4251cde336c7b6dd9f222e5dacf1 36544 net optional 389-ds-base_1.3.3.5-4+deb8u4.debian.tar.xz d38ee56991bd8a63ca470b2d27fd562f 16502 net optional 389-ds_1.3.3.5-4+deb8u4_all.deb fd6ce304a65d0dce4f0a236dbfc2cd37 388920 libs optional 389-ds-base-libs_1.3.3.5-4+deb8u4_amd64.deb 7f0caf53065432e92b06bc9b9f19c4ac 1282850 debug extra 389-ds-base-libs-dbg_1.3.3.5-4+deb8u4_amd64.deb 79b985fabe53a75b49729ba32289b93e 69736 libdevel optional 389-ds-base-dev_1.3.3.5-4+deb8u4_amd64.deb b71af9c1615a5da614938b209b1fa348 1456510 net optional 389-ds-base_1.3.3.5-4+deb8u4_amd64.deb 6d4a1300d4ada78668c7a9f03f969881 4181570 debug extra 389-ds-base-dbg_1.3.3.5-4+deb8u4_amd64.deb -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEUFZhdgIWqBhwqCvuZYVUZx9w0DQFAlvQktsACgkQZYVUZx9w 0DRhRAgAn/92OJf4JOTcN2aUZD9GnJmOK2Xbta2+j1D3H4YSkTo9dzF+5pF+vjvc VMLDmut8Ybuom7J8hj+UI8+mBGKeyrEGOOsPqSPvkRqpwiNS5PxNdTDGG5LkJoOU y54ZPcS0it0fEbF0pO06FvpChgyff0Bo/fuLVRBHxj2pZCg3bnDOUPZ0kJ3Tr41+ xCpg2p1Hgk90r7sKt60eyUTKXovlS2p2plJLqvDFfwpHY/HdEJxgbnC4GYA+UZ+u NYKdlrDZcaTUGelG8bL/zHFoOOCmCcKSOBL8BkL8b7hoWUFOYmwSOnw5X9qnVrsh NVUJZv/KBOT5o6bJtLLuXNeF2xMqAA== =vd7b -----END PGP SIGNATURE-----