The 389 Directory Server project has announced the release of version 1.4.3.18. From the release announcements, it looks like some of the changes in these versions are:
- Fixed a security issue that could cause unexpected information to be returned in an LDAP request
- Fixed memory management issues that could cause crashes or potential security issues
- Fixed a potential crash when dereferencing an entry that exists but is not returned by an internal search
- Fixed a potential crash resulting from a division-by-zero in disk monitoring code
- Fixed an out-of-bounds issue affecting the file descriptor table
- Fixed an issue that may cause the changelog cache to upload updates from the wrong starting point
- Fixed an issue with singleLevel searches below “cn=monitor”
- Fixed a performance issue around the use of the TCP_NODELAY socket option
- Added a warning for skipped entries during an online LDIF import
- Added cockpit enabling to dsctl
- Added support for encoding passwords with gost-yescrypt
- Added the machine name as a subject alternative name when generating certificates
- Fixed an issue that could prevent dsidm from removing an organizationalUnit entry