-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 16 Jan 2025 17:16:37 +0100 Source: 389-ds-base Binary: 389-ds cockpit-389-ds python3-lib389 Architecture: all Version: 2.3.1+dfsg1-1+deb12u1 Distribution: bookworm Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Andrej Shadura Description: 389-ds - 389 Directory Server suite - metapackage cockpit-389-ds - Cockpit user interface for 389 Directory Server python3-lib389 - Python3 module for accessing and configuring the 389 Directory Se Closes: 1072531 1082852 Changes: 389-ds-base (2.3.1+dfsg1-1+deb12u1) bookworm; urgency=high . * Non-maintainer upload. * Apply security patches from the upstream: - CVE-2024-2199 and CVE-2024-8445: Crash when modifying userPassword using malformed input (Closes: #1072531, #1082852). - CVE-2024-5953: Denial of service while attempting to log in with a user with a malformed hash in their password. - CVE-2024-3657: Failure on the directory server with specially-crafted LDAP query leading to denial of service. Checksums-Sha1: 2d02f039bb5420b45e565828bf30519ceabcd727 19638 389-ds-base_2.3.1+dfsg1-1+deb12u1_all-buildd.buildinfo 1c274857849bd072143a1df4574b677988c55c24 14096 389-ds_2.3.1+dfsg1-1+deb12u1_all.deb 7607f86d3e947f26605b55ff2763bfa8d1ca0596 687632 cockpit-389-ds_2.3.1+dfsg1-1+deb12u1_all.deb 24bda1f7f2ce2184eb84142bdbc5c83fbe8b6b3a 386208 python3-lib389_2.3.1+dfsg1-1+deb12u1_all.deb Checksums-Sha256: f6b256d98ecce9d6658fbd0e5dd25037ed8884b9f53fd42845c5ab3e9da911e9 19638 389-ds-base_2.3.1+dfsg1-1+deb12u1_all-buildd.buildinfo de49c33ffef0e9b86cc8d4709116b755739290a8f7e5849d7220cc96b9b64b69 14096 389-ds_2.3.1+dfsg1-1+deb12u1_all.deb b7e51bb2c7860b8987f300233f6510c67324f57fe6eccc42e036e7fb4a4e3e2f 687632 cockpit-389-ds_2.3.1+dfsg1-1+deb12u1_all.deb c1428eb014c6a02b94e1e294e202a995d7a5a75b429aea5a2c95bd066325cb40 386208 python3-lib389_2.3.1+dfsg1-1+deb12u1_all.deb Files: 3afe53a707aa34b2e35f08f9cf9a0563 19638 net optional 389-ds-base_2.3.1+dfsg1-1+deb12u1_all-buildd.buildinfo a227469ff35ea8c05dd2ff1893e6cc9f 14096 net optional 389-ds_2.3.1+dfsg1-1+deb12u1_all.deb 4405fca4f8dfae8d86e32cb75222e27e 687632 net optional cockpit-389-ds_2.3.1+dfsg1-1+deb12u1_all.deb ff9e4ce45e6e7b86e52fff8373f28ebd 386208 net optional python3-lib389_2.3.1+dfsg1-1+deb12u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEgdRoRGwEM09wlaMzOni7ZmUpKEcFAmeVIewACgkQOni7ZmUp KEfJnxAAnv5BLZ1RWJvAvkOns93WD+I2sEDIJDCwI+JtEexpVN1pFhl8zLvOqUz4 PTBj79GY++4MkIv6N0eSMfhS3Eon+9qfU98TSS6hUPath6l027kemoAc2wC6zAGn h9rEmPS6lwxiX+EpCq16l/2YraDIcxRvKgari2Rzz2i3n0+fQagQqWQJ/HXsJTrh MfvrckDu9pdBiNepOftbUYAghExOEmVhXuwkveTK4G6ZTuFm90ykTDNFcS/MjTUB VwrFTvN0V2d38cir8COMv48HuZgVQ5tx9IfSgs0u8R+dV48f8TFNQr4tFBrwsKNl Nv0H+XH9xQxuFrP3VqrZTAIuvyqSb7oOOLKcbU0VdskrZkjWrGZ5pc250rR0BmvY vi+J4JRCGlR7EHQq9vXBy/g5VlCSc/cWITLMaOkx54weXEA5Kx7TzX7ut+dEPMt5 dNlkWeM4lKrdJOeqTW0b148cFECLux7Z282mBJsHRbo47CT+9n20/5E7iHd9kXgj v5GVfmltyPzR9ePaGORhLWJ+N9muyvGHqNVOo/LcQmKOy6MMT+I65pAZOHGi+y+P j/1i5cVX4dWdselJFledNYKuuVmImorRzCqoz2MlL/LpSVg/xrihvsTt4j2+9Ki/ bf/8E5I3msVuH5il/ffufJL2ZYF//vaFgdKrW1jMAx+coXRK/48= =wZGC -----END PGP SIGNATURE-----