stable

freeipa-4.1.4-1.fc22 and slapi-nis-0.54.2-1.fc22

FEDORA-2015-4788 created by abbra 9 years ago for Fedora 22

CVE-2015-1827: It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for a list of groups for a user that belongs to a large number of groups would cause a Directory Server to crash.

CVE-2015-0283: It was discovered that the slapi-nis Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for information about a group with many members, or a request for a user that belongs to a large number of groups, would cause a Directory Server to enter an infinite loop and consume an excessive amount of CPU time.

These issues were discovered by Sumit Bose of Red Hat.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2015-4788

This update has been submitted for testing by abbra.

9 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/51953/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/51953/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 22 testing updates repository.

9 years ago

This update is currently being pushed to the Fedora 22 testing updates repository.

9 years ago

This update has been pushed to testing

9 years ago
User Icon pbrobinson commented & provided feedback 9 years ago
karma

Works on ARMv7

User Icon dkupka commented & provided feedback 9 years ago
karma

Works for me.

User Icon mbasti commented & provided feedback 9 years ago
karma

Works for me

This update has reached the stable karma threshold and will be pushed to the stable updates repository

9 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/53122/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 22 stable updates repository.

9 years ago

This update has been pushed to stable

9 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
9 years ago
in testing
9 years ago
in stable
9 years ago
modified
9 years ago
BZ#1195729 CVE-2015-0283 slapi-nis: infinite loop in getgrnam_r() and getgrgid_r()
0
0
BZ#1205200 CVE-2015-1827 ipa: memory corruption when using get_user_grouplist()
0
0
BZ#1206047 CVE-2015-1827 freeipa: ipa: memory corruption when using get_user_grouplist() [fedora-all]
0
0
BZ#1206049 CVE-2015-0283 slapi-nis: infinite loop in getgrnam_r() and getgrgid_r() [fedora-all]
0
0

Automated Test Results