SUSE-RU-2020:1186-1: moderate: Recommended update for 389-ds

sle-updates at lists.suse.com sle-updates at lists.suse.com
Tue May 5 10:16:53 MDT 2020 

   SUSE Recommended Update: Recommended update for 389-ds
______________________________________________________________________________

Announcement ID:    SUSE-RU-2020:1186-1
Rating:             moderate
References:         #1169364 
Affected Products:
                    SUSE Linux Enterprise Module for Server Applications 15-SP1
                    SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
______________________________________________________________________________

   An update that has one recommended fix can now be installed.

Description:

   This update for 389-ds fixes the following issues:

   - Update ns-slapd ownership to remove dirsrv as an owner as dirsrv will
     not exist in containers with systemd users.

   Update to version 1.4.2.12~git0.b11942c36:

     * Issue 50337 - Replace exec() with setattr()
     * Issue 50545 - the check for the ds version for the backend config was
       broken
     * Issue 50875 - Refactor passwordUserAttributes's and passwordBadWords's
       code
     * Ticket 51014 - slapi_pal.c possible static buffer overflow
     * Issue 50545 - remove dbmon "incr" option from arg parser
     * Issue 50545 - Port dbmon.sh to dsconf
     * Ticket 50905 - intermittent SSL hang with rhds
     * Issue 50952 - SSCA lacks basicConstraint:CA
     * Issue 50640 - Database links: get_monitor() takes 1 positional
       argument but 2 were given
     * Issue 50869 - Setting nsslapd-allowed-sasl-mechanisms truncates the
       value


   Update to version 1.4.2.11~git0.aff1a2831: (bsc#1169364)

     * Issue 50994 - Fix latest UI bugs found by QE
     * Issue 50337 - Replace exec() with setattr()
     * Issue 50984 - Memory leaks in disk monitoring
     * Issue 50975 - Revise UI branding with new minimized build
     * Issue 49437 - Fix memory leak with indirect COS
     * Issue 50976 - Clean up Web UI source directory from unused files
     * Issue 50744 - -n option of dbverify does not work
     * Issue 50952- SSCA lacks basicConstraint:CA
     * Bump version to 1.4.2.10
     * Issue 50966 - UI - Database indexes not using typeAhead correctly
     * Issue 50974 - UI - wrong title in "Delete Suffix" popup
     * Issue 50972 - Fix cockpit plugin build
     * Issue 50800 - wildcards in rootdn-allow-ip attribute are not accepted
     * Issue 50963 - We should bundle *.min.js files of Console
     * Bump version to 1.4.2.9
     * Ticket: 50755 - setting nsslapd-db-home-directory is overriding
       db_directory
     * Issue 50937 - Update CLI for new backend split configuration
     * Issue 50499 - Fix npm audit issues
     * Issue 50884 -  Health check tool DSEldif check fails
     * Issue 50926 - Remove dual spinner and other UI fixes
     * Issue 49845 - Remove pkgconfig check for libasan
     * Issue 50758 - Only Recommend bash-completion, not Require
     * Issue 50928 - Unable to create a suffix with countryName
     * Issue 50904 - Connect All React Components And Refactor the Main
       Navigation Tab Code
     * Issue 50919 - Backend delete fails using dsconf
     * Issue 50872 - dsconf can't create GSSAPI replication agreements
     * Ticket 50914 - No error returned when adding an entry matching filters
       for a non existing automember group
     * Issue 50909 - nsDS5ReplicaId cant be set to the old value it had before
     * Ticket 50618 - support cgroupv2
     * Ticket 50898 - ldclt core dumped when run with -e genldif option
     * Bump version to 1.4.2.8
     * Issue 50855 - remove unused file from UI
     * Issue 50855 - UI: Port Server Tab to React
     * Issue 49845 - README does not contain complete information on building
     * Ticket - 49623-cont cenotaph errors on modrdn operations
     * Issue 50882 - Fix healthcheck errors for instances that do not have
       TLS enabled
     * Issue 50886 - Typo in the replication debug message
     * Issue 50873 - Fix healthcheck and virtual attr check
     * Issue 50873 - Fix issues with healthcheck tool
     * Ticket 50857 - Memory leak in ACI using IP subject
     * Issue 50823 - dsctl doesn't work with 'slapd-' in the instance name
     * Ticket 49624 cont - DB Deadlock on modrdn appears to corrupt database
       and entry cache
     * Issue 50850 - Fix dsctl healthcheck for python36
     * Issue 49990 - Need to enforce a hard maximum limit for file descriptors
     * Bump version to 1.4.2.7
     * Issue 49254 - Fix compiler failures and warnings
     * Ticket 50741-cont bdb_start - Detected Disorderly Shutdown
     * Issue 50836 - Port Schema UI tab to React
     * Issue 50842 - Decrease 389-console Cockpit component size
     * Ticket 50790 - Add result text when filter is invalid
     * Issue 50834 - Incorrectly setting the NSS default SSL version max
     * Issue 50829 - Disk monitoring rotated log cleanup causes
       heap-use-after-free
     * Ticket 50709 - (cont) Several memory leaks reported by Valgrind for
       389-ds 1.3.9.1-10
     * Issue 50599 - Fix memory leak when removing db region files
     * Issue 49395 - Set the default TLS version min to TLS1.2
     * Issue 50818 - dsconf pwdpolicy get error
     * Issue 50824 - dsctl remove fails with "name 'ensure_str' is not
       defined"
     * Issue 50599 - Remove db region files prior to db recovery
     * Issue 50812 -  dscontainer executable should be placed under
       /usr/libexec/dirsrv/
     * Issue 50816 - dsconf allows the root password to be set to nothing
     * Issue 50798 - incorrect bytes in format string(fix import issue)

   - resolve a warning found in static analysis in OBS (upstream #51014)


Patch Instructions:

   To install this SUSE Recommended Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Server Applications 15-SP1:

      zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP1-2020-1186=1

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:

      zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-1186=1



Package List:

   - SUSE Linux Enterprise Module for Server Applications 15-SP1 (aarch64 ppc64le s390x x86_64):

      389-ds-1.4.2.12~git0.b11942c36-7.15.1
      389-ds-debuginfo-1.4.2.12~git0.b11942c36-7.15.1
      389-ds-debugsource-1.4.2.12~git0.b11942c36-7.15.1
      389-ds-devel-1.4.2.12~git0.b11942c36-7.15.1
      389-ds-snmp-1.4.2.12~git0.b11942c36-7.15.1
      389-ds-snmp-debuginfo-1.4.2.12~git0.b11942c36-7.15.1
      lib389-1.4.2.12~git0.b11942c36-7.15.1
      libsvrcore0-1.4.2.12~git0.b11942c36-7.15.1
      libsvrcore0-debuginfo-1.4.2.12~git0.b11942c36-7.15.1

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64):

      389-ds-debuginfo-1.4.2.12~git0.b11942c36-7.15.1
      389-ds-debugsource-1.4.2.12~git0.b11942c36-7.15.1
      389-ds-snmp-1.4.2.12~git0.b11942c36-7.15.1
      389-ds-snmp-debuginfo-1.4.2.12~git0.b11942c36-7.15.1


References:

   https://bugzilla.suse.com/1169364

More information about the sle-updates mailing list