[Pkg-freeipa-devel] Bug#944150: 389-ds-base: CVE-2019-14824: Read permission check bypass via the deref plugin
Salvatore Bonaccorso
carnil at debian.org
Tue Nov 5 06:22:06 GMT 2019
Source: 389-ds-base
Version: 1.4.1.6-4
Severity: grave
Tags: security upstream
Hi,
The following vulnerability was published for 389-ds-base.
CVE-2019-14824[0]:
Read permission check bypass via the deref plugin
Note that [1] gives [2] as external reference, but there I get a 404
page not found. Not sure if the issue is marked private or the
reference is wrong.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2019-14824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14824
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1747448
[2] https://pagure.io/freeipa/issue/8050
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Pkg-freeipa-devel
mailing list