Bug 1623247
Summary: | CVE-2018-14624 389-ds-base: Server crash through modify command with large DN [rhel-7.5.z] | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Jaroslav Reznik <jreznik> |
Component: | 389-ds-base | Assignee: | mreynolds |
Status: | CLOSED ERRATA | QA Contact: | Viktor Ashirov <vashirov> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.7-Alt | CC: | dmoppert, gparente, mhonek, mreynolds, msauton, nkinder, rmeggins, sfowler, spichugi, tbordaz, vashirov |
Target Milestone: | rc | Keywords: | Security, SecurityTracking, ZStream |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | 389-ds-base-1.3.7.5-27.el7_5 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | 1614820 | Environment: | |
Last Closed: | 2018-09-25 19:06:11 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1614820 | ||
Bug Blocks: | 1619450 | ||
Deadline: | 2019-08-31 |
Description
Jaroslav Reznik
2018-08-28 20:14:24 UTC
*** Bug 1623721 has been marked as a duplicate of this bug. *** Build tested: 389-ds-base-1.3.7.5-27.el7_5.x86_64 Reproducer from https://bugzilla.redhat.com/show_bug.cgi?id=1614820#c7 no longer crashes the server, error messages are formatted correctly: [30/Aug/2018:08:43:15.953873158 -0400] - EMERG - Insufficent buffer capacity to fit timestamp and message! [30/Aug/2018:08:43:16.087007955 -0400] - EMERG - Insufficent buffer capacity to fit timestamp and message! [30/Aug/2018:08:43:16.113006138 -0400] - EMERG - Insufficent buffer capacity to fit timestamp and message! [30/Aug/2018:08:43:16.145550284 -0400] - EMERG - Insufficent buffer capacity to fit timestamp and message! Marking as VERIFIED. A change was made (new impact, public date, or CSAw status) to the security issue(s) blocked by this tracker, resulting in a new SLA deadline. This bug must now be resolved by 31-Aug-2019. Refer to this bug's Description for information about how to resolve this bug. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2018:2757 |