Hi 389-ds-base has five open CVE's, all fixed by the new upstream release which is staged in git: git://git.debian.org/git/pkg-fedora-ds/389-ds-base.git not finalized/tagged yet but tested. I'm also a DM so if someone feels like giving me upload permission to that package (or all of pkg-fedora-ds) I certainly wouldn't mind :) -- t