[Pkg-freeipa-devel] Bug#944150: 389-ds-base: CVE-2019-14824: Read permission check bypass via the deref plugin

Salvatore Bonaccorso carnil at debian.org
Tue Nov 5 06:22:06 GMT 2019

Source: 389-ds-base
Severity: grave
Tags: security upstream


The following vulnerability was published for 389-ds-base.

Read permission check bypass via the deref plugin

Note that [1] gives [2] as external reference, but there I get a 404
page not found. Not sure if the issue is marked private or the
reference is wrong.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-14824
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1747448
[2] https://pagure.io/freeipa/issue/8050

Please adjust the affected versions in the BTS as needed.


More information about the Pkg-freeipa-devel mailing list