rpms/openldap/F-7 openldap-2.3.27-modify-noop.patch, NONE, 1.1 openldap.spec, 1.70, 1.71
Jan Šafránek (jsafrane)
fedora-extras-commits at redhat.com
Tue Feb 5 15:55:32 UTC 2008
Author: jsafrane
Update of /cvs/pkgs/rpms/openldap/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32128
Modified Files:
openldap.spec
Added Files:
openldap-2.3.27-modify-noop.patch
Log Message:
fix CVE-2007-6698
Resolves: #431409
openldap-2.3.27-modify-noop.patch:
--- NEW FILE openldap-2.3.27-modify-noop.patch ---
431203: CVE-2007-6698 openldap: slapd crash on NOOP control operation on entry in bdb storage
Source: upstream, http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4925
http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modify.c.diff?r1=1.124.2.16&r2=1.124.2.17&f=h
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/servers/slapd/back-bdb/modify.c,v
retrieving revision 1.124.2.16
retrieving revision 1.124.2.17
diff -u -r1.124.2.16 -r1.124.2.17
--- servers/slapd/back-bdb/modify.c 2007/01/02 21:44:00 1.124.2.16
+++ servers/slapd/back-bdb/modify.c 2007/04/11 18:32:24 1.124.2.17
@@ -538,6 +538,8 @@
} else {
rs->sr_err = LDAP_X_NO_OPERATION;
ltid = NULL;
+ /* Only free attrs if they were dup'd. */
+ if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL;
goto return_results;
}
} else {
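Review bot: The guard `if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL;` is placed only on this LDAP_X_NO_OPERATION branch, immediately before `goto return_results`, so the fix relies on no other path reaching that label with dummy.e_attrs still equal to e->e_attrs. The code that frees the attributes is not part of this hunk; if it can be changed, doing the pointer comparison next to the free would cover every path in one place. The comment "Only free attrs if they were dup'd" states the cleanup's intent rather than what this line does, and would read better as a note that dummy's attribute pointer is cleared when it still aliases e's list.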
Index: openldap.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openldap/F-7/openldap.spec,v
retrieving revision 1.70
retrieving revision 1.71
diff -u -r1.70 -r1.71
--- openldap.spec 14 Jan 2008 13:11:58 -0000 1.70
+++ openldap.spec 5 Feb 2008 15:54:51 -0000 1.71
@@ -13,7 +13,7 @@
Summary: The configuration files, libraries, and documentation for OpenLDAP
Name: openldap
Version: %{version_23}
-Release: 5%{?dist}
+Release: 6%{?dist}
License: OpenLDAP
Group: System Environment/Daemons
Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version_23}.tgz
@@ -45,6 +45,7 @@
Patch11: openldap-2.3.34-smbk5pwd.patch
Patch12: openldap-2.3.34-classes-dos.patch
Patch13: openldap-2.3.34-pcache.patch
+Patch14: openldap-2.3.27-modify-noop.patch
# Patches for 2.2.29 for the compat-openldap package.
Patch100: openldap-2.2.13-tls-fix-connection-test.patch
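Review bot: The new `Patch14:` line has no comment tying it to CVE-2007-6698 or to the upstream report (ITS id 4925) that the patch header cites, and its filename carries 2.3.27 while Patch11 to Patch13 next to it are named for 2.3.34. A one-line comment above Patch14 giving the CVE and the upstream revision (1.124.2.17 of back-bdb/modify.c) would tell a later maintainer when the patch can be dropped on rebase.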
@@ -186,6 +187,7 @@
%patch11 -p1 -b .smbk5pwd
%patch12 -p0 -b .classes
%patch13 -p0 -b .pcache
+%patch14 -p0 -b .modify-noop
cp %{_datadir}/libtool/config.{sub,guess} build/
popd
@@ -751,13 +753,16 @@
%attr(0644,root,root) %{evolution_connector_libdir}/*.a
%changelog
-* Mon Jan 14 2008 Jan Safranek <jsafranek at redhat.com> 2.3.34-5%{?dist}
+* Tue Feb 5 2008 Jan Safranek <jsafranek at redhat.com> 2.3.34-6
+- fix CVE-2007-6698 (#431409)
+
+* Mon Jan 14 2008 Jan Safranek <jsafranek at redhat.com> 2.3.34-5
- fix default slurpd directory to /var/lib/ldap (#424831)
-* Fri Nov 2 2007 Jan Safranek <jsafranek at redhat.com> 2.3.34-4%{?dist}
+* Fri Nov 2 2007 Jan Safranek <jsafranek at redhat.com> 2.3.34-4
- fix various security flaws (#360081)
-* Fri Jul 13 2007 Jan Safranek <jsafranek at redhat.com> 2.3.34-3%{?dist}
+* Fri Jul 13 2007 Jan Safranek <jsafranek at redhat.com> 2.3.34-3
- Fix initscript return codes (#242667)
- Provide overlays including smbk5pwd (as modules; #246036, #245896, #220895)
- Add available modules to config file
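Review bot: Besides adding the 2.3.34-6 entry, this hunk strips `%{?dist}` from the headers of the existing 2.3.34-5, 2.3.34-4 and 2.3.34-3 changelog entries, which is unrelated to the CVE fix and is not mentioned in the log message. For a security update it is easier to audit and backport if the changelog cleanup goes in its own commit, or is at least named in the log message, so the security-relevant change is limited to the patch, the Release bump and the new entry.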
@@ -771,7 +776,7 @@
- add ldconfig to devel post/postun (bz#240253)
- include misc.schema in default slapd.conf (bz#147805)
-* Mon Apr 23 2007 Jan Safranek <jsafranek at redhat.com> 2.3.34-2%{?dist}
+* Mon Apr 23 2007 Jan Safranek <jsafranek at redhat.com> 2.3.34-2
- slapadd during package update is now quiet (bz#224581)
- use _localstatedir instead of var/ during build (bz#220970)
- bind-libbind-devel removed from BuildRequires (bz#216851)
@@ -781,20 +786,20 @@
- do not strip binaries to produce correct .debuginfo packages
(bz#152516)
-* Mon Feb 19 2007 Jay Fenlason <fenlason<redhat.com> 2.3.34-1%{?dist}
+* Mon Feb 19 2007 Jay Fenlason <fenlason<redhat.com> 2.3.34-1
- New upstream release
- Upgrade the scripts for migrating the database so that they might
actually work.
- change bind-libbind-devel to bind-devel in BuildPreReq
-* Mon Dec 4 2006 Thomas Woerner <twoerner at redhat.com> 2.3.30-1.1%{?dist}
+* Mon Dec 4 2006 Thomas Woerner <twoerner at redhat.com> 2.3.30-1.1
- tcp_wrappers has a new devel and libs sub package, therefore changing build
requirement for tcp_wrappers to tcp_wrappers-devel
-* Wed Nov 15 2006 Jay Fenlason <fenlason at redhat.com> 2.3.30-1%{?dist}
+* Wed Nov 15 2006 Jay Fenlason <fenlason at redhat.com> 2.3.30-1
- New upstream version
-* Wed Oct 25 2006 Jay Fenlason <fenlason at redhat.com> 2.3.28-1%{?dist}
+* Wed Oct 25 2006 Jay Fenlason <fenlason at redhat.com> 2.3.28-1
- New upstream version
* Sun Oct 01 2006 Jesse Keating <jkeating at redhat.com> - 2.3.27-4
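Review bot: The rewritten entry for Mon Feb 19 2007 still reads `Jay Fenlason <fenlason<redhat.com>`, with a `<` where the other entries have a separator between user and domain. Since this hunk already edits that line to drop `%{?dist}`, the address could be corrected in the same change.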