Bug 1904991

Summary: CVE-2020-35518 389-ds:1.4/389-ds-base: information disclosure during the binding of a DN [rhel-8]
Product: Red Hat Enterprise Linux 8 Reporter: thierry bordaz <tbordaz>
Component: 389-ds-baseAssignee: thierry bordaz <tbordaz>
Status: CLOSED ERRATA QA Contact: RHDS QE <ds-qe-bugs>
Severity: medium Docs Contact:
Priority: urgent    
Version: 8.4CC: ldap-maint, mreynolds, msauton, sgouvern, tkubota, tscherf
Target Milestone: rcKeywords: Security, SecurityTracking, TestCaseProvided, Triaged, ZStream
Target Release: 8.0   
Hardware: All   
OS: Linux   
Whiteboard: sync-to-jira
Fixed In Version: 389-ds-1.4-8040020210107175838-866effaa Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1908705 1923217 1930272 1931182 1946632 (view as bug list) Environment:
Last Closed: 2021-05-18 15:45:44 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1905565, 1908705, 1923217, 1930272, 1931182, 1946632    
Deadline: 2021-12-07   

Comment 3 thierry bordaz 2020-12-08 16:05:10 UTC 
Upstream ticket https://github.com/389ds/389-ds-base/issues/4480
Comment 4 thierry bordaz 2020-12-16 15:36:39 UTC 
fix is pushed upstream -> POST
Comment 17 sgouvern 2021-01-18 14:16:18 UTC 
wrong build attached to the errata -> moving to ITM12
Comment 18 sgouvern 2021-01-18 14:51:23 UTC 
Correct build now attached to the errata : as per comment 14, marking as VERIFIED and moving back to ITM11
Comment 21 errata-xmlrpc 2021-05-18 15:45:44 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (389-ds:1.4 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:1835