Security update for 389-ds SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:01807-1 Final 1 1 2025-06-03T13:15:20Z current 2025-06-03T13:15:20Z 2025-06-03T13:15:20Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for 389-ds This update for 389-ds fixes the following issues: Security fixes: - CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242666) Other fixes: - Enable memory accounting as SUSE disables it by default (bsc#1241016). - Fix dsidm service get_dn option failing (bsc#1241988) - Version update 2.2.10~git99.aa5d0ecbf Various fixes and solved issues from github repository The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-1807,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1807,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1807,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1807,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1807 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202501807-1/ Link for SUSE-SU-2025:01807-1 https://lists.suse.com/pipermail/sle-security-updates/2025-June/021020.html E-Mail link for SUSE-SU-2025:01807-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1241016 SUSE Bug 1241016 https://bugzilla.suse.com/1241988 SUSE Bug 1241988 https://bugzilla.suse.com/1242666 SUSE Bug 1242666 https://www.suse.com/security/cve/CVE-2025-3416/ SUSE CVE CVE-2025-3416 page SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS SUSE Linux Enterprise Server 15 SP5-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP5 389-ds-2.2.10~git99.aa5d0ecbf-150500.3.36.1 389-ds-devel-2.2.10~git99.aa5d0ecbf-150500.3.36.1 389-ds-snmp-2.2.10~git99.aa5d0ecbf-150500.3.36.1 lib389-2.2.10~git99.aa5d0ecbf-150500.3.36.1 libsvrcore0-2.2.10~git99.aa5d0ecbf-150500.3.36.1 389-ds-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS 389-ds-devel-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS lib389-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS libsvrcore0-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS 389-ds-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS 389-ds-devel-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS lib389-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS libsvrcore0-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS 389-ds-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS 389-ds-devel-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS lib389-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS libsvrcore0-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS 389-ds-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 389-ds-devel-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 lib389-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 libsvrcore0-2.2.10~git99.aa5d0ecbf-150500.3.36.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string. CVE-2025-3416 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:389-ds-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:389-ds-devel-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:lib389-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsvrcore0-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:389-ds-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:389-ds-devel-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:lib389-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsvrcore0-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise Server 15 SP5-LTSS:389-ds-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise Server 15 SP5-LTSS:389-ds-devel-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise Server 15 SP5-LTSS:lib389-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise Server 15 SP5-LTSS:libsvrcore0-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:389-ds-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:389-ds-devel-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:lib389-2.2.10~git99.aa5d0ecbf-150500.3.36.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsvrcore0-2.2.10~git99.aa5d0ecbf-150500.3.36.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202501807-1/ https://www.suse.com/security/cve/CVE-2025-3416.html CVE-2025-3416 https://bugzilla.suse.com/1242599 SUSE Bug 1242599