Recommended update for 389-ds

Announcement ID: SUSE-RU-2020:1761-1
Rating: moderate
References:
Affected Products:
  • Server Applications Module 15-SP1
  • SUSE Linux Enterprise High Performance Computing 15 SP1
  • SUSE Linux Enterprise Real Time 15 SP1
  • SUSE Linux Enterprise Server 15 SP1
  • SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1
  • SUSE Manager Proxy 4.0
  • SUSE Manager Retail Branch Server 4.0
  • SUSE Manager Server 4.0

An update that has one fix can now be installed.

Description:

This update for 389-ds fixes the following issues:

  • Resolve TLS 1.0 recognition issue. (bsc#1171749)
  • Update from version 1.4.2.12~git0.b11942c36 to version 1.4.2.14~git0.5ac5b02ce:
  • Allow using uid for replication manager entry
  • Abort operation if CSN can not be generated
  • Fix ASAN ODR warnings
  • RFE - ds-replcheck - make online timeout configurable
  • Remove unnecessary slapi entry dups
  • Improve dscreate instance name validation
  • Ignore pid when it is ourself in protect_db
  • Fix some npm audit issues
  • Healthcheck json report fails when mapping tree is deleted
  • Container pid start and stop issues
  • Fix return code when it's nothing to free
  • Abort when a empty valueset is freed
  • Memory leaks in dbscan and changelog encryption
  • Prevent unnecessarily duplication of the target entry
  • Permissions of some shipped directories may change over time
  • Fix implementation of attr unique
  • Add nsslapd-enable-upgrade-hash to the schema
  • Deadlock when updating the schema
  • Unable to set sslVersionMin to TLS1.0
  • Unable to install server where IPv6 is disabled
  • CLI fix consistency issues with confirmations
  • React deprecating ComponentWillMount
  • Fix npm audit issues
  • Heavy StartTLS connection load can randomly fail with err=1
  • Transition between two instances needs improvement
  • Replace exec() with setattr()
  • The check for the ds version for the backend config was broken
  • Refactor passwordUserAttributes's and passwordBadWords's code
  • slapi_pal.c possible static buffer overflow
  • Remove dbmon "incr" option from arg parser
  • Port dbmon.sh to dsconf
  • Intermittent SSL hang with rhds
  • SSCA lacks basicConstraint:CA
  • Database links: get_monitor() takes 1 positional argument but 2 were given
  • Setting nsslapd-allowed-sasl-mechanisms truncates the value

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • Server Applications Module 15-SP1
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP1-2020-1761=1

Package List:

  • Server Applications Module 15-SP1 (aarch64 ppc64le s390x x86_64)
    • libsvrcore0-debuginfo-1.4.2.14~git0.5ac5b02ce-7.19.2
    • 389-ds-debuginfo-1.4.2.14~git0.5ac5b02ce-7.19.2
    • libsvrcore0-1.4.2.14~git0.5ac5b02ce-7.19.2
    • 389-ds-snmp-debuginfo-1.4.2.14~git0.5ac5b02ce-7.19.2
    • lib389-1.4.2.14~git0.5ac5b02ce-7.19.2
    • 389-ds-snmp-1.4.2.14~git0.5ac5b02ce-7.19.2
    • 389-ds-devel-1.4.2.14~git0.5ac5b02ce-7.19.2
    • 389-ds-1.4.2.14~git0.5ac5b02ce-7.19.2
    • 389-ds-debugsource-1.4.2.14~git0.5ac5b02ce-7.19.2

References: