Bump version to 2.1.1-1
Resolves: Bug 2061801 - rebase 389-ds-base to 2.1.1
This commit is contained in:
Mark Reynolds
parent
265418f26c
commit
61a477e918
|
|
@ -210,3 +210,4 @@
|
|||
/389-ds-base-2.0.13.tar.bz2
|
||||
/389-ds-base-2.0.14.tar.bz2
|
||||
/389-ds-base-2.1.0.tar.bz2
|
||||
/389-ds-base-2.1.1.tar.bz2
|
||||
|
|
|
|||
|
|
@ -1,31 +0,0 @@
|
|||
From d41352806f44c47a9e99f9eb1b0bdfef7b0aa4f4 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Reynolds <mreynolds@redhat.com>
|
||||
Date: Tue, 25 Jan 2022 12:27:02 -0500
|
||||
Subject: [PATCH] Bug 2027783 - CVE-2021-4091 389-ds-base: double-free of the
|
||||
virtual attribute context in persistent search
|
||||
|
||||
Description: Fix double free. The double free is related to
|
||||
persistent search req. It was introduced with i
|
||||
https://pagure.io/389-ds-base/issue/49097
|
||||
|
||||
Reviewed by: mreynolds, progier, jchapman
|
||||
---
|
||||
ldap/servers/slapd/pblock.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
|
||||
index 94e7c0ab7..56bbfc92e 100644
|
||||
--- a/ldap/servers/slapd/pblock.c
|
||||
+++ b/ldap/servers/slapd/pblock.c
|
||||
@@ -330,6 +330,8 @@ slapi_pblock_clone(Slapi_PBlock *pb)
|
||||
if (pb->pb_intplugin != NULL) {
|
||||
_pblock_assert_pb_intplugin(new_pb);
|
||||
*(new_pb->pb_intplugin) = *(pb->pb_intplugin);
|
||||
+ /* Make sure that only the cloned pblock refers to vattr_context */
|
||||
+ pb->pb_intplugin->pb_vattr_context = NULL;
|
||||
}
|
||||
if (pb->pb_deprecated != NULL) {
|
||||
_pblock_assert_pb_deprecated(new_pb);
|
||||
--
|
||||
2.31.1
|
||||
|
||||
|
|
@ -46,7 +46,7 @@ ExcludeArch: i686
|
|||
|
||||
Summary: 389 Directory Server (base)
|
||||
Name: 389-ds-base
|
||||
Version: 2.1.0
|
||||
Version: 2.1.1
|
||||
Release: 1%{?dist}
|
||||
License: GPLv3+ and ASL 2.0
|
||||
URL: https://www.port389.org
|
||||
|
|
@ -147,8 +147,9 @@ Provides: bundled(crate(zeroize_derive)) = 1.3.1
|
|||
|
||||
##### Bundled cargo crates list - END #####
|
||||
|
||||
BuildRequires: nspr-devel
|
||||
BuildRequires: nss-devel >= 3.34
|
||||
BuildRequires: nspr-devel >= 4.32
|
||||
BuildRequires: nss-devel >= 3.67.0-7
|
||||
|
||||
BuildRequires: openldap-devel
|
||||
BuildRequires: lmdb-devel
|
||||
BuildRequires: libdb-devel
|
||||
|
|
@ -231,8 +232,8 @@ Requires: python%{python3_pkgversion}-ldap
|
|||
|
||||
# this is needed to setup SSL if you are not using the
|
||||
# administration server package
|
||||
Requires: nss-tools
|
||||
Requires: nss >= 3.34
|
||||
Requires: nspr >= 4.32
|
||||
Requires: nss >= 3.67.0-7
|
||||
%dirsrv_requires_ge nss
|
||||
|
||||
# these are not found by the auto-dependency method
|
||||
|
|
@ -265,7 +266,6 @@ Source2: %{name}-devel.README
|
|||
%if %{bundle_jemalloc}
|
||||
Source3: https://github.com/jemalloc/%{jemalloc_name}/releases/download/%{jemalloc_ver}/%{jemalloc_name}-%{jemalloc_ver}.tar.bz2
|
||||
%endif
|
||||
Patch01: 0001-Bug-2027783-CVE-2021-4091-389-ds-base-double-free-of.patch
|
||||
|
||||
%description
|
||||
389 Directory Server is an LDAPv3 compliant server. The base package includes
|
||||
|
|
@ -278,8 +278,8 @@ Please see http://seclists.org/oss-sec/2016/q1/363 for more information.
|
|||
|
||||
%package libs
|
||||
Summary: Core libraries for 389 Directory Server
|
||||
BuildRequires: nspr-devel
|
||||
BuildRequires: nss-devel >= 3.34
|
||||
BuildRequires: nspr >= 4.32
|
||||
BuildRequires: nss >= 3.67.0-7
|
||||
BuildRequires: openldap-devel
|
||||
BuildRequires: libdb-devel
|
||||
BuildRequires: cyrus-sasl-devel
|
||||
|
|
@ -715,6 +715,10 @@ exit 0
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu May 12 2022 Mark Reynolds <mreynolds@redhat.com> - 2.1.1-1
|
||||
- Bump version to 2.1.1-1
|
||||
- Resolves: Bug 2061801 - rebase 389-ds-base to 2.1.1
|
||||
|
||||
* Tue Mar 8 2022 Mark Reynolds <mreynolds@redhat.com> - 2.1.0-1
|
||||
- Bump version to 2.1.0-1
|
||||
- Resolves: Bug 2061801 - rebase 389-ds-base to 2.1.0
|
||||
|
|
|
|||
2
sources
2
sources
|
|
@ -1,2 +1,2 @@
|
|||
SHA512 (389-ds-base-2.1.0.tar.bz2) = 496195b848566a0ccee272f06a041e2f764a5c8f3d84651a0fc3c7ca9128102ac6e8a8c9ae0945ce1742f39006daa724e394d0481d7c494a9701bf6c8709be51
|
||||
SHA512 (389-ds-base-2.1.1.tar.bz2) = 38feb135847ef409e03642433a84aea84b65f7c0d55cae35e71ff3c541e2c33bb5c1b207096438c7578db7ec98ce8b3fa3a0282d3ca0637ad9e593bc324fb78c
|
||||
SHA512 (jemalloc-5.2.1.tar.bz2) = 0bbb77564d767cef0c6fe1b97b705d368ddb360d55596945aea8c3ba5889fbce10479d85ad492c91d987caacdbbdccc706aa3688e321460069f00c05814fae02
|
||||
|
|
|
|||
Loading…
Reference in New Issue