Bug 1960720

Summary: CVE-2021-3514 389-ds:1.4/389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control() [rhel-8] [rhel-8.4.0.z]
Product: Red Hat Enterprise Linux 8 Reporter: RHEL Program Management Team <pgm-rhel-tools>
Component: 389-ds-baseAssignee: thierry bordaz <tbordaz>
Status: CLOSED ERRATA QA Contact: RHDS QE <ds-qe-bugs>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.3CC: bsmejkal, cbuissar, ldap-maint, mharmsen, mreynolds, tbordaz
Target Milestone: betaKeywords: Security, SecurityTracking, Triaged, ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: sync-to-jira
Fixed In Version: 389-ds-1.4-8040020210608090708.96015a92 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: 1952804 Environment:
Last Closed: 2021-06-29 16:07:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1952804    
Bug Blocks: 1952907    

Comment 1 Tomas Hoger 2021-05-25 07:58:50 UTC
We should fix this before the fix is applied to any EUS.


Comment 2 thierry bordaz 2021-06-07 14:01:54 UTC
Fix pushed upstream => POST

Comment 9 errata-xmlrpc 2021-06-29 16:07:29 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: 389-ds:1.4 security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.