rpms/openldap/devel openldap-2.3.27-modify-noop.patch,NONE,1.1
Jan Šafránek (jsafrane)
fedora-extras-commits at redhat.com
Fri Feb 8 14:21:33 UTC 2008
Author: jsafrane
Update of /cvs/pkgs/rpms/openldap/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30153
Added Files:
openldap-2.3.27-modify-noop.patch
Log Message:
fix CVE-2008-0658
Resolves: #432014
openldap-2.3.27-modify-noop.patch:
--- NEW FILE openldap-2.3.27-modify-noop.patch ---
432013: CVE-2008-0658 openldap: slapd crash on modrdn operation with NOOP control on entry in bdb storage
Source: upstream,
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358
http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/servers/slapd/back-bdb/modify.c,v
retrieving revision 1.124.2.16
retrieving revision 1.124.2.17
--- servers/slapd/back-bdb/modrdn.c 2008/01/11 03:01:37 1.197
+++ servers/slapd/back-bdb/modrdn.c 2008/02/07 11:06:24 1.198
@@ -739,6 +739,8 @@
} else {
rs->sr_err = LDAP_X_NO_OPERATION;
ltid = NULL;
+ /* Only free attrs if they were dup'd. */
+ if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL;
goto return_results;
}
More information about the fedora-extras-commits
mailing list