CVE-2015-1827: It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for a list of groups for a user that belongs to a large number of groups would cause a Directory Server to crash.
CVE-2015-0283: It was discovered that the slapi-nis Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for information about a group with many members, or a request for a user that belongs to a large number of groups, would cause a Directory Server to enter an infinite loop and consume an excessive amount of CPU time.
These issues were discovered by Sumit Bose of Red Hat.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2015-4747
Please login to add feedback.
This update has been submitted for testing by abbra.
Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/51918/steps/runtask/logs/stdio (results are informative only)
Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/51918/steps/runtask/logs/stdio (results are informative only)
This update is currently being pushed to the Fedora 21 testing updates repository.
This update is currently being pushed to the Fedora 21 testing updates repository.
This update has been pushed to testing
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by abbra.
Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/55132/steps/runtask/logs/stdio (results are informative only)
This update is currently being pushed to the Fedora 21 stable updates repository.
This update has been pushed to stable