-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 16 Jan 2025 17:16:37 +0100 Source: 389-ds-base Binary: 389-ds-base 389-ds-base-dbgsym 389-ds-base-dev 389-ds-base-libs 389-ds-base-libs-dbgsym Architecture: amd64 Version: 2.3.1+dfsg1-1+deb12u1 Distribution: bookworm Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Andrej Shadura Description: 389-ds-base - 389 Directory Server suite - server 389-ds-base-dev - 389 Directory Server suite - development files 389-ds-base-libs - 389 Directory Server suite - libraries Closes: 1072531 1082852 Changes: 389-ds-base (2.3.1+dfsg1-1+deb12u1) bookworm; urgency=high . * Non-maintainer upload. * Apply security patches from the upstream: - CVE-2024-2199 and CVE-2024-8445: Crash when modifying userPassword using malformed input (Closes: #1072531, #1082852). - CVE-2024-5953: Denial of service while attempting to log in with a user with a malformed hash in their password. - CVE-2024-3657: Failure on the directory server with specially-crafted LDAP query leading to denial of service. Checksums-Sha1: e03c9f7176569a12e380a1dd1ddbaf5a2aa73805 9508560 389-ds-base-dbgsym_2.3.1+dfsg1-1+deb12u1_amd64.deb 3a5c74f72eb82448c4dd1ade9c5cfc5449203d82 73704 389-ds-base-dev_2.3.1+dfsg1-1+deb12u1_amd64.deb eea749cf585694f1421ba30dfc810ed293c9a71e 4098396 389-ds-base-libs-dbgsym_2.3.1+dfsg1-1+deb12u1_amd64.deb 8fdb00ec49be9c9c6809dfca49afc833c86cbbe5 1099192 389-ds-base-libs_2.3.1+dfsg1-1+deb12u1_amd64.deb b49cea985e08c8268a6d585109048e9184f3451c 20392 389-ds-base_2.3.1+dfsg1-1+deb12u1_amd64-buildd.buildinfo 6eb1b1f5b277c854af9cc8ba0632e0739d0d9112 2307724 389-ds-base_2.3.1+dfsg1-1+deb12u1_amd64.deb Checksums-Sha256: 529eba1f2c325e89199ea20d9b74d7020958bff0a297e7522e6f981f6500cf9b 9508560 389-ds-base-dbgsym_2.3.1+dfsg1-1+deb12u1_amd64.deb 638eca7c606e2282db281fa8432ebb138f4a25beec2acdd9641b7c0f4cb6772b 73704 389-ds-base-dev_2.3.1+dfsg1-1+deb12u1_amd64.deb 2e0093070ee233760f19f4c126fc59dd01dd382399657e1e8e5c7113a18420af 4098396 389-ds-base-libs-dbgsym_2.3.1+dfsg1-1+deb12u1_amd64.deb ab819febd0502088ed74d1d731f319e6b6ead3f712da7671224c7b22e0ec6e31 1099192 389-ds-base-libs_2.3.1+dfsg1-1+deb12u1_amd64.deb d052f28e0aabfb1f0b736eebfee7234dacdb8d33479f0e159ba102676c2cc534 20392 389-ds-base_2.3.1+dfsg1-1+deb12u1_amd64-buildd.buildinfo 8ca5b9c0fc99181c07728f88d7c1cf76b33a6c286814807e05eb05fdf73aef7f 2307724 389-ds-base_2.3.1+dfsg1-1+deb12u1_amd64.deb Files: 9ece996b3fcacd6dc532a0b7d26c2426 9508560 debug optional 389-ds-base-dbgsym_2.3.1+dfsg1-1+deb12u1_amd64.deb f0ed3cb6ed6225d67e9237bfed0368b6 73704 libdevel optional 389-ds-base-dev_2.3.1+dfsg1-1+deb12u1_amd64.deb bd05577a8cf168c082cd2d05a28cbaf6 4098396 debug optional 389-ds-base-libs-dbgsym_2.3.1+dfsg1-1+deb12u1_amd64.deb 18727fdaeed8c19df33b1db63c0024b9 1099192 libs optional 389-ds-base-libs_2.3.1+dfsg1-1+deb12u1_amd64.deb c02bc395b84ef407b116d3816487bb57 20392 net optional 389-ds-base_2.3.1+dfsg1-1+deb12u1_amd64-buildd.buildinfo 818f6e2d51097f91d8762385cab88cb7 2307724 net optional 389-ds-base_2.3.1+dfsg1-1+deb12u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEvy6d65NNYPbL6IQIEQ1nooK/IAQFAmeVIRcACgkQEQ1nooK/ IAQQ+BAArI4AkOazSIN75jdwqoDMiYFrJpkmcnvrgmwl0RA9+dL5CKOqGcCbCF0m ZsYcadYhMXoMArxgV7NJqieh99OoyPaP9WY1md0PbXir9MoZaeLDK/jPkkxJ2+Jd e61URgIzbvsxclZUmPnIQsWL7abW+rFsYW90FTPYkWisNLP9xEZAFIGCWZBahEbh FymsOBOTnNmIuQvqaKtF+BTUNB3dJdmdM8690G4yyjRz1Qk4mSBggMRIIXOs44xa K5wpWDfUkUvJMIghJT41/TOPc6MW0zoqO+hR4I21vdUgqdz0z7jnQL3aaw4DGXtN lNa1O1mCMcR47XIb1XFxvsZYfIgF/ygkiGwhqRb+TgXYkDZLwqmXo7vXFEwZ+qLj LOHG64w6k2+YIJOuqsX+JEIoSsJMMgCB480WK2nIkR27V3VAoXi43gNBdZQHaDBa urefl4Mc6co0CSwt3imb9hP15UAbawDvdQMvAHBAa48HqRjVsP+yPkQyUoKGZFbV a1e5v70dVJPObxD3PHGquzhdKv0U4zgpgOTTyf0TbN7DG+yu/VYxQUV5BNCRm8Wv L0At1RY6i8Wac/Cqm2QvDEXh+Z1z3L7EfZgtPlUjqb/h8BGNPdsaaAs6Xmzd+Piq diggpqVz5QcPbChSAGvuY3FKeCXyLu68C05Y1Waa4pptWhTDFJY= =h5Jw -----END PGP SIGNATURE-----