Bug#1034891: closed by Timo Aaltonen (Re: [Pkg-freeipa-devel] Bug#1034891: 389-ds-base: CVE-2023-1055)
Hi,

On Mon, Jan 08, 2024 at 07:06:10PM +0100, Salvatore Bonaccorso wrote:
> Hi,
>
> On Mon, Jan 08, 2024 at 06:56:40PM +0100, Salvatore Bonaccorso wrote:
> > > Source: 389-ds-base
> > > Version: 2.3.4+dfsg1-1
> > >
> > > Moritz Mühlenhoff wrote on 26.4.2023 at 20.43:
> > > > Source: 389-ds-base
> > > > X-Debbugs-CC: t...@security.debian.org
> > > > Severity: important
> > > > Tags: security
> > > >
> > > > Hi,
> > > >
> > > > The following vulnerability was published for 389-ds-base.
> > > >
> > > > CVE-2023-1055[0]:
> > > > | A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP
> > > > | tries to decode the userPassword attribute instead of the
> > > > | userCertificate attribute which could lead into sensitive information
> > > > | leaked. An attacker with a local account where the cockpit-389-ds is
> > > > | running can list the processes and display the hashed passwords. The
> > > > | highest threat from this vulnerability is to data confidentiality.
> > > >
> > > > https://bugzilla.redhat.com/show_bug.cgi?id=2173517
> > > >
> > > > If you fix the vulnerability please also make sure to include the
> > > > CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> > > >
> > > > For further information see:
> > > >
> > > > [0] https://security-tracker.debian.org/tracker/CVE-2023-1055
> > > >     https://www.cve.org/CVERecord?id=CVE-2023-1055
> > > >
> > > > Please adjust the affected versions in the BTS as needed.
> > >
> > > this was fixed upstream in 2.3.2
> >
> > Do you have a reference to an upstream issue and/or upstream changes
> > in 2.3.2 which fixes the issue?
>
> Or is it actually more related to
> https://github.com/389ds/389-ds-base/issues/5687 which then would be
> in 2.3.5 instead? (and inline with fedora importing 2.3.5 and
> addressing the CVE?)

Looks like it is https://github.com/389ds/389-ds-base/commit/8483d60de374be78ce3dd423ac7ad7a3cdc5eaca#diff-2cf572ab2e20b5e58a2f66fc7b07b00cd2781cd376aaf52e6d82bb351ed0d0e9L364-L371 in 2.3.3, and first included in 2.3.4+dfsg1-1.

Regards,
Salvatore
Bug#1034891: closed by Timo Aaltonen (Re: [Pkg-freeipa-devel] Bug#1034891: 389-ds-base: CVE-2023-1055)
Hi,

On Mon, Jan 08, 2024 at 06:56:40PM +0100, Salvatore Bonaccorso wrote:
> > Source: 389-ds-base
> > Version: 2.3.4+dfsg1-1
> >
> > Moritz Mühlenhoff wrote on 26.4.2023 at 20.43:
> > > Source: 389-ds-base
> > > X-Debbugs-CC: t...@security.debian.org
> > > Severity: important
> > > Tags: security
> > >
> > > Hi,
> > >
> > > The following vulnerability was published for 389-ds-base.
> > >
> > > CVE-2023-1055[0]:
> > > | A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP
> > > | tries to decode the userPassword attribute instead of the
> > > | userCertificate attribute which could lead into sensitive information
> > > | leaked. An attacker with a local account where the cockpit-389-ds is
> > > | running can list the processes and display the hashed passwords. The
> > > | highest threat from this vulnerability is to data confidentiality.
> > >
> > > https://bugzilla.redhat.com/show_bug.cgi?id=2173517
> > >
> > > If you fix the vulnerability please also make sure to include the
> > > CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> > >
> > > For further information see:
> > >
> > > [0] https://security-tracker.debian.org/tracker/CVE-2023-1055
> > >     https://www.cve.org/CVERecord?id=CVE-2023-1055
> > >
> > > Please adjust the affected versions in the BTS as needed.
> >
> > this was fixed upstream in 2.3.2
>
> Do you have a reference to an upstream issue and/or upstream changes
> in 2.3.2 which fixes the issue?

Or is it actually more related to
https://github.com/389ds/389-ds-base/issues/5687 which then would be
in 2.3.5 instead? (and inline with fedora importing 2.3.5 and
addressing the CVE?)

Regards,
Salvatore
Bug#1034891: closed by Timo Aaltonen (Re: [Pkg-freeipa-devel] Bug#1034891: 389-ds-base: CVE-2023-1055)
> Source: 389-ds-base
> Version: 2.3.4+dfsg1-1
>
> Moritz Mühlenhoff wrote on 26.4.2023 at 20.43:
> > Source: 389-ds-base
> > X-Debbugs-CC: t...@security.debian.org
> > Severity: important
> > Tags: security
> >
> > Hi,
> >
> > The following vulnerability was published for 389-ds-base.
> >
> > CVE-2023-1055[0]:
> > | A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP
> > | tries to decode the userPassword attribute instead of the
> > | userCertificate attribute which could lead into sensitive information
> > | leaked. An attacker with a local account where the cockpit-389-ds is
> > | running can list the processes and display the hashed passwords. The
> > | highest threat from this vulnerability is to data confidentiality.
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=2173517
> >
> > If you fix the vulnerability please also make sure to include the
> > CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> >
> > For further information see:
> >
> > [0] https://security-tracker.debian.org/tracker/CVE-2023-1055
> >     https://www.cve.org/CVERecord?id=CVE-2023-1055
> >
> > Please adjust the affected versions in the BTS as needed.
>
> this was fixed upstream in 2.3.2

Do you have a reference to an upstream issue and/or upstream changes
in 2.3.2 which fixes the issue?

Regards,
Salvatore
Bug#1034891: 389-ds-base: CVE-2023-1055
Source: 389-ds-base
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for 389-ds-base.

CVE-2023-1055[0]:
| A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP
| tries to decode the userPassword attribute instead of the
| userCertificate attribute which could lead into sensitive information
| leaked. An attacker with a local account where the cockpit-389-ds is
| running can list the processes and display the hashed passwords. The
| highest threat from this vulnerability is to data confidentiality.

https://bugzilla.redhat.com/show_bug.cgi?id=2173517

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-1055
    https://www.cve.org/CVERecord?id=CVE-2023-1055

Please adjust the affected versions in the BTS as needed.