Security update for 389-ds

This update for 389-ds fixes the following issues:

- CVE-2017-7551: 389-ds-base: Password brute-force possible for locked account due to different return codes (bsc#1051997)
- CVE-2016-4992: 389-ds: Information disclosure via repeated use of LDAP ADD operation (bsc#997256)
- CVE-2016-5405: 389-ds: Password verification vulnerable to timing attack (bsc#1007004)
- CVE-2017-2591: 389-ds-base: Heap buffer overflow in uiduniq.c (bsc#1020670)
- CVE-2017-2668 389-ds Remote crash via crafted LDAP messages (bsc#1069067)
- CVE-2016-0741: 389-ds: worker threads do not detect abnormally closed connections causing DoS (bsc#1069074)

Fixed bugs
bnc#1051997
VUL-0: CVE-2017-7551: 389-ds-base: Password brute-force possible for locked account due to different return codes
bnc#997256
VUL-0: CVE-2016-4992: 389-ds: Information disclosure via repeated use of LDAP ADD operation
bnc#1007004
VUL-0: CVE-2016-5405: 389-ds: Password verification vulnerable to timing attack
bnc#1020670
VUL-1: CVE-2017-2591: 389-ds-base: Heap buffer overflow in uiduniq.c
bnc#1069067
VUL-0: CVE-2017-2668 389-ds Remote crash via crafted LDAP messages
bnc#1069074
VUL-0: CVE-2016-0741: 389-ds: worker threads do not detect abnormally closed connections causing DoS
Selected Binaries
openSUSE Build Service is sponsored by