389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. Red Hat would like to thank Joachim Jabs for reporting this issue. Bug Fix: * Previously, the deref plug-in failed to dereference attributes that use distinguished name syntax, such as uniqueMember. With this patch, the deref plug-in can dereference such attributes and additionally Name and Optional UID syntax. As a result, the deref plug-in now supports any syntax