389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: remote Denial of Service via search filters in SetUnicodeStringFromUTF_8 in collate.c * 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. The CVE-2017-15135 issue was discovered by Martin Poole .