import libldb-2.1.3-2.el8

2020-11-03 06:49:34 -05:00 · 2020-11-03 06:49:34 -05:00 · 37b99dac8a
commit 37b99dac8a
parent aa054c1de6
4 changed files with 64 additions and 8 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/ldb-2.0.7.tar.gz
+SOURCES/ldb-2.1.3.tar.gz
--- a/.libldb.metadata
+++ b/.libldb.metadata
@ -1 +1 @@
-f80b43fd7461fccfd14d9f81eb83c3bd1543940f SOURCES/ldb-2.0.7.tar.gz
+06d1c8457e56b2df26cec16253a62acc789aa6fb SOURCES/ldb-2.1.3.tar.gz
--- a/SOURCES/CVE-2020-10730.patch
+++ b/SOURCES/CVE-2020-10730.patch
@ -0,0 +1,48 @@
 From 3bdc110e167d7e0f20022dea48ec51b1f46369cb Mon Sep 17 00:00:00 2001
 From: Gary Lockyer <gary@catalyst.net.nz>
 Date: Wed, 13 May 2020 10:56:56 +1200
 Subject: [PATCH 10/11] CVE-2020-10730: lib ldb: Check if
 ldb_lock_backend_callback called twice
 Prevent use after free issues if ldb_lock_backend_callback is called
 twice, usually due to ldb_module_done being called twice. This can happen if a
 module ignores the return value from function a function that calls
 ldb_module_done as part of it's error handling.
 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
 Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 ---
 lib/ldb/common/ldb.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
 diff --git a/lib/ldb/common/ldb.c b/lib/ldb/common/ldb.c
 index 44a487ba987..090d41dde69 100644
 --- a/lib/ldb/common/ldb.c
 +++ b/lib/ldb/common/ldb.c
@@ -1009,6 +1009,13 @@ static int ldb_lock_backend_callback(struct ldb_request *req,
 	struct ldb_db_lock_context *lock_context;
 	int ret;
 +	if (req->context == NULL) {
 +		/*
 +		 * The usual way to get here is to ignore the return codes
 +		 * and continuing processing after an error.
 +		 */
 +		abort();
 +	}
 	lock_context = talloc_get_type(req->context,
 				       struct ldb_db_lock_context);
@@ -1023,7 +1030,7 @@ static int ldb_lock_backend_callback(struct ldb_request *req,
 		 * If this is a LDB_REPLY_DONE or an error, unlock the
 		 * DB by calling the destructor on this context
 		 */
 -		talloc_free(lock_context);
 +		TALLOC_FREE(req->context);
 		return ret;
 	}
 -- 
 2.17.1
--- a/SPECS/libldb.spec
+++ b/SPECS/libldb.spec
@ -1,10 +1,10 @@
-%global talloc_version 2.2.0
+%global talloc_version 2.3.1
-%global tdb_version 1.4.2
+%global tdb_version 1.4.3
-%global tevent_version 0.10.0
+%global tevent_version 0.10.2
 Name: libldb
-Version: 2.0.7
+Version: 2.1.3
-Release: 3%{?dist}
+Release: 2%{?dist}
 Summary: A schema-less, ldap like, API and database
 Requires: libtalloc%{?_isa} >= %{talloc_version}
 Requires: libtdb%{?_isa} >= %{tdb_version}
@ -42,6 +42,8 @@ Obsoletes: python2-ldb-debuginfo < %{version}-%{release}
 # Patches
 Patch0001: CVE-2020-10730.patch
 %description
 An extensible library that implements an LDAP like API to access remote LDAP
 servers, or use local tdb databases.
@ -85,7 +87,7 @@ Obsoletes: python-ldb-devel-common < %{version}-%{release}
 Development files for the Python bindings for the LDB library
 %prep
-%autosetup -n ldb-%{version} -p1
+%autosetup -n ldb-%{version} -p3
 %build
 %configure --disable-rpath \
@ -178,6 +180,12 @@ rm -f $RPM_BUILD_ROOT/%{_mandir}/man3/_*
 %ldconfig_scriptlets -n python3-ldb
 %changelog
 * Wed Jun 24 2020 Isaac Boukris <iboukris@redhat.com> - 2.1.3-2
 - Resolves: rhbz#1849615 - Fix CVE-2020-10730 use-after-free
 * Tue Jun 2 2020 Isaac Boukris <iboukris@redhat.com> - 2.1.3-1
 - Resolves: rhbz#1817567 - Rebase libldb to 2.1.3 for samba
 * Tue Nov 26 2019 Isaac Boukris <iboukris@redhat.com> - 2.0.7-3
 - Resolves: rhbz#1754423 - Rebase libldb to 2.0.7 version for samba
 - Related: rhbz#1754423 - Fix sssd tests (ldb)
`@ -1 +1 @@`
	`SOURCES/ldb-2.0.7.tar.gz`	`SOURCES/ldb-2.1.3.tar.gz`
`@ -1 +1 @@`
	`f80b43fd7461fccfd14d9f81eb83c3bd1543940f SOURCES/ldb-2.0.7.tar.gz`	`06d1c8457e56b2df26cec16253a62acc789aa6fb SOURCES/ldb-2.1.3.tar.gz`