-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: 389-ds-base
Version: 1.3.3.5-4+deb8u5
A regression was found in the recent security update for 389-ds-base
(the 389 Directory Server), announced as DLA-1554-2, caused by an
incomplete fix for CVE-2018-14648. The regression
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: 389-ds-base
Version: 1.3.3.5-4+deb8u4
CVE ID : CVE-2018-14648
It was discovered that 389-ds-base (the 389 Directory Server) is vulnerable
to search queries with malformed values in the do_search() function