-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 16 Jan 2025 17:16:37 +0100 Source: 389-ds-base Binary: 389-ds-base 389-ds-base-dbgsym 389-ds-base-dev 389-ds-base-libs 389-ds-base-libs-dbgsym Architecture: i386 Version: 2.3.1+dfsg1-1+deb12u1 Distribution: bookworm Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) Changed-By: Andrej Shadura Description: 389-ds-base - 389 Directory Server suite - server 389-ds-base-dev - 389 Directory Server suite - development files 389-ds-base-libs - 389 Directory Server suite - libraries Closes: 1072531 1082852 Changes: 389-ds-base (2.3.1+dfsg1-1+deb12u1) bookworm; urgency=high . * Non-maintainer upload. * Apply security patches from the upstream: - CVE-2024-2199 and CVE-2024-8445: Crash when modifying userPassword using malformed input (Closes: #1072531, #1082852). - CVE-2024-5953: Denial of service while attempting to log in with a user with a malformed hash in their password. - CVE-2024-3657: Failure on the directory server with specially-crafted LDAP query leading to denial of service. Checksums-Sha1: a03b2e3d21c8fca141f5072f7052ff318cc71592 8696852 389-ds-base-dbgsym_2.3.1+dfsg1-1+deb12u1_i386.deb a07cfa31544ff3344fc8f3a0fb7d8e8aaa376f9c 73704 389-ds-base-dev_2.3.1+dfsg1-1+deb12u1_i386.deb fda3e68dff8ee2f4affa430132695c96b181c6fb 3846412 389-ds-base-libs-dbgsym_2.3.1+dfsg1-1+deb12u1_i386.deb b04f1ba0777b73b1edd77a319a4b0f22dbae1423 1190656 389-ds-base-libs_2.3.1+dfsg1-1+deb12u1_i386.deb a84eb3ce3156af328beb3d87f1a0d0d86b944a9c 20323 389-ds-base_2.3.1+dfsg1-1+deb12u1_i386-buildd.buildinfo db0ba7191c60561df0c574795ed5bcdea1638e62 2497248 389-ds-base_2.3.1+dfsg1-1+deb12u1_i386.deb Checksums-Sha256: 8c71f13e306da3bc206da82d6bf938d1884dad12d839388c5f9f6eb7072b56af 8696852 389-ds-base-dbgsym_2.3.1+dfsg1-1+deb12u1_i386.deb 0cb21522223337f185efbca4ef0fddd92ab5dda986ab0225f85d7f4ecef5452c 73704 389-ds-base-dev_2.3.1+dfsg1-1+deb12u1_i386.deb 1f6f34436718c8054d79f730bfda2b82b4509a15f15add2f75d3bbaabefcf920 3846412 389-ds-base-libs-dbgsym_2.3.1+dfsg1-1+deb12u1_i386.deb 36fcdf0593059462b2242342fbd097c0e08ffcb779c62f3368064878f549c44c 1190656 389-ds-base-libs_2.3.1+dfsg1-1+deb12u1_i386.deb b45a02caab5e09815034012c18b48939034713aeff4b37f19a70a07039ffe574 20323 389-ds-base_2.3.1+dfsg1-1+deb12u1_i386-buildd.buildinfo 63dbc2d663adaa4d9ffb8c2f16927144209b461ad37c81d27092e712c6b4e570 2497248 389-ds-base_2.3.1+dfsg1-1+deb12u1_i386.deb Files: 577921e1ce0bb097da93d4f9901d42c3 8696852 debug optional 389-ds-base-dbgsym_2.3.1+dfsg1-1+deb12u1_i386.deb ca8b87d14c5692fa298385dadb6d3585 73704 libdevel optional 389-ds-base-dev_2.3.1+dfsg1-1+deb12u1_i386.deb 7c82c42c101e31279988aa2926b20779 3846412 debug optional 389-ds-base-libs-dbgsym_2.3.1+dfsg1-1+deb12u1_i386.deb 89c0b1cb56152ac4523e36ca98ebba9a 1190656 libs optional 389-ds-base-libs_2.3.1+dfsg1-1+deb12u1_i386.deb 94640f8067008ff8e693b8720612678c 20323 net optional 389-ds-base_2.3.1+dfsg1-1+deb12u1_i386-buildd.buildinfo 8747a0376fadce0b20149ce9053c5622 2497248 net optional 389-ds-base_2.3.1+dfsg1-1+deb12u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEGBeuno8wiDXCewDuqqLQG5ksqMMFAmeVIO8ACgkQqqLQG5ks qMPjgQ/+Lq6Ql9IZLCTML+ddO/HcVDv20pXFJWXI9zrjbzlYTWJ/74URtT/asYj9 xCidbmF1NHGqQliRHVa6hh/gaJu8+9omRUh3JFHQ/w+5jj1actJQCXU0fB47yLcz VEo1eQ5vIo09Th4wRSlGKf4Ob5jzzMXRopvL4V+yJX+eGJR8HkLA2PKS0N84VvA3 lGNl46ZzueBW32k89DxvaX7yuDmQXjJP+GZnhwcraTeuKXBIIS5P8GTQhpG2XBsP q50Pt6Rl9MIe7Y8/R4+jEiHL160Vs6Rwag0yT1IaxMWWsS/4p1RMti69CPMapRoe p9RaBfPyeqwKktAm2wQ7/V3xHLKqgizDOU68guDFivjo5oeXC3AvMKKw6MnXYlKN HjmQDThsPXZO+qdAKEMeP/cviCVicoSSFUnWMLcILHCMsgpbN/5uTVVquJxnma/o 5Dk7LUtDXwR6LEbPjf9dMFCzFpVFIJ0jgPSTSq4JlwI84jagFRHKxhEaBBnZQmSo cWg8PP6N5KW/34jpRayBquy3DO0q0B1lZkDVXxQO+AzwFebAhCme8uv2TIF5WA6w n4b8kzXBtrjGukSRZDpnBAf61zJ0YI2aubgt67z0hytkyD2dMU9JY5f4qKX/zzwB qzPGAUmaUzoJFyVmgaDSBU9VDnzzNq80V1h+yU/VkJe+pMCth/s= =yGmX -----END PGP SIGNATURE-----