On 21.12.2016 20:07, Moritz Muehlenhoff wrote: > On Sat, Aug 13, 2016 at 05:46:19PM +0200, Salvatore Bonaccorso wrote: >> Source: 389-ds-base >> Version: 1.3.3.5-4 >> Severity: important >> Tags: security upstream >> Forwarded: https://fedorahosted.org/389/ticket/48852 >> >> Hi, >> >> the following vulnerability was published for 389-ds-base. I'm filling >> to be able to track it in the BTS (I'm not familiar enough with >> 389-ds-base, but looks that it's planned to fix that in 1.3.6). >> >> CVE-2016-5416[0]: >> ACI readable by anonymous user > > What's the status? It's been four months without a followup to this security > bug...
Still unfixed upstream. -- t

