Commit 3969a33b authored by Rocky Automation's avatar Rocky Automation 📺

import 389-ds-base-2.0.14-1.el9

parent 62bbb9b7
3793bb1f6fd7bbc9843438375dfecaa52ed942dd SOURCES/389-ds-base-2.0.11.tar.bz2
895e2c67a2b2fd8c97f4a56ae7849ffd46517432 SOURCES/389-ds-base-2.0.14.tar.bz2
9e06b5cc57fd185379d007696da153893cf73e30 SOURCES/jemalloc-5.2.1.tar.bz2
SOURCES/389-ds-base-2.0.11.tar.bz2
SOURCES/389-ds-base-2.0.14.tar.bz2
SOURCES/jemalloc-5.2.1.tar.bz2
From d41352806f44c47a9e99f9eb1b0bdfef7b0aa4f4 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Tue, 25 Jan 2022 12:27:02 -0500
Subject: [PATCH] Bug 2027783 - CVE-2021-4091 389-ds-base: double-free of the
virtual attribute context in persistent search
Description: Fix double free. The double free is related to
persistent search req. It was introduced with i
https://pagure.io/389-ds-base/issue/49097
Reviewed by: mreynolds, progier, jchapman
---
ldap/servers/slapd/pblock.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index 94e7c0ab7..56bbfc92e 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -330,6 +330,8 @@ slapi_pblock_clone(Slapi_PBlock *pb)
if (pb->pb_intplugin != NULL) {
_pblock_assert_pb_intplugin(new_pb);
*(new_pb->pb_intplugin) = *(pb->pb_intplugin);
+ /* Make sure that only the cloned pblock refers to vattr_context */
+ pb->pb_intplugin->pb_vattr_context = NULL;
}
if (pb->pb_deprecated != NULL) {
_pblock_assert_pb_deprecated(new_pb);
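Review bot: The added `pb->pb_intplugin->pb_vattr_context = NULL;` makes slapi_pblock_clone() write to its source pblock, so after a clone the original no longer has its vattr context. The one-line comment says which pblock keeps the pointer, but not why, nor that the caller's pb is modified. I would expand it to something like `/* Transfer ownership of vattr_context to the clone: the struct copy above left both pblocks pointing at it and both would free it (CVE-2021-4091) */` and mention the side effect in the function's header comment. The struct assignment just above still copies every other member of pb_intplugin by value, so any other pointer member that is released when a pblock is torn down would presumably have the same shared-ownership problem; that is worth checking against the pblock teardown code, which is not visible here. slapi_pblock_clone's body starts and ends outside the hunk.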
--
2.31.1
......@@ -46,9 +46,9 @@ ExcludeArch: i686
Summary: 389 Directory Server (base)
Name: 389-ds-base
Version: 2.0.11
Version: 2.0.14
Release: 1%{?dist}
License: GPLv3+ and ASL 2.0 and MPLv2.0 and Boost
License: GPLv3+ and ASL 2.0
URL: https://www.port389.org
Conflicts: selinux-policy-base < 3.9.8
Conflicts: freeipa-server < 4.0.3
......@@ -59,7 +59,7 @@ Provides: ldif2ldbm >= 0
##### Bundled cargo crates list - START #####
Provides: bundled(crate(ahash)) = 0.7.6
Provides: bundled(crate(ansi_term)) = 0.11.0
Provides: bundled(crate(ansi_term)) = 0.12.1
Provides: bundled(crate(atty)) = 0.2.14
Provides: bundled(crate(autocfg)) = 1.0.1
Provides: bundled(crate(base64)) = 0.13.0
......@@ -68,81 +68,82 @@ Provides: bundled(crate(byteorder)) = 1.4.3
Provides: bundled(crate(cbindgen)) = 0.9.1
Provides: bundled(crate(cc)) = 1.0.72
Provides: bundled(crate(cfg-if)) = 1.0.0
Provides: bundled(crate(clap)) = 2.33.3
Provides: bundled(crate(concread)) = 0.2.19
Provides: bundled(crate(clap)) = 2.34.0
Provides: bundled(crate(concread)) = 0.2.21
Provides: bundled(crate(crossbeam)) = 0.8.1
Provides: bundled(crate(crossbeam-channel)) = 0.5.1
Provides: bundled(crate(crossbeam-channel)) = 0.5.2
Provides: bundled(crate(crossbeam-deque)) = 0.8.1
Provides: bundled(crate(crossbeam-epoch)) = 0.9.5
Provides: bundled(crate(crossbeam-queue)) = 0.3.2
Provides: bundled(crate(crossbeam-utils)) = 0.8.5
Provides: bundled(crate(crossbeam-epoch)) = 0.9.6
Provides: bundled(crate(crossbeam-queue)) = 0.3.3
Provides: bundled(crate(crossbeam-utils)) = 0.8.6
Provides: bundled(crate(entryuuid)) = 0.1.0
Provides: bundled(crate(entryuuid_syntax)) = 0.1.0
Provides: bundled(crate(fastrand)) = 1.7.0
Provides: bundled(crate(fernet)) = 0.1.4
Provides: bundled(crate(foreign-types)) = 0.3.2
Provides: bundled(crate(foreign-types-shared)) = 0.1.1
Provides: bundled(crate(getrandom)) = 0.2.3
Provides: bundled(crate(getrandom)) = 0.2.4
Provides: bundled(crate(hashbrown)) = 0.11.2
Provides: bundled(crate(hermit-abi)) = 0.1.19
Provides: bundled(crate(instant)) = 0.1.12
Provides: bundled(crate(itoa)) = 0.4.8
Provides: bundled(crate(itoa)) = 1.0.1
Provides: bundled(crate(jobserver)) = 0.1.24
Provides: bundled(crate(lazy_static)) = 1.4.0
Provides: bundled(crate(libc)) = 0.2.107
Provides: bundled(crate(libc)) = 0.2.113
Provides: bundled(crate(librnsslapd)) = 0.1.0
Provides: bundled(crate(librslapd)) = 0.1.0
Provides: bundled(crate(lock_api)) = 0.4.5
Provides: bundled(crate(log)) = 0.4.14
Provides: bundled(crate(lru)) = 0.6.6
Provides: bundled(crate(memoffset)) = 0.6.4
Provides: bundled(crate(once_cell)) = 1.8.0
Provides: bundled(crate(lru)) = 0.7.2
Provides: bundled(crate(memoffset)) = 0.6.5
Provides: bundled(crate(once_cell)) = 1.9.0
Provides: bundled(crate(openssl)) = 0.10.38
Provides: bundled(crate(openssl-sys)) = 0.9.71
Provides: bundled(crate(openssl-sys)) = 0.9.72
Provides: bundled(crate(parking_lot)) = 0.11.2
Provides: bundled(crate(parking_lot_core)) = 0.8.5
Provides: bundled(crate(paste)) = 0.1.18
Provides: bundled(crate(paste-impl)) = 0.1.18
Provides: bundled(crate(pin-project-lite)) = 0.2.7
Provides: bundled(crate(pkg-config)) = 0.3.22
Provides: bundled(crate(ppv-lite86)) = 0.2.15
Provides: bundled(crate(pin-project-lite)) = 0.2.8
Provides: bundled(crate(pkg-config)) = 0.3.24
Provides: bundled(crate(ppv-lite86)) = 0.2.16
Provides: bundled(crate(proc-macro-hack)) = 0.5.19
Provides: bundled(crate(proc-macro2)) = 1.0.32
Provides: bundled(crate(proc-macro2)) = 1.0.36
Provides: bundled(crate(pwdchan)) = 0.1.0
Provides: bundled(crate(quote)) = 1.0.10
Provides: bundled(crate(quote)) = 1.0.15
Provides: bundled(crate(rand)) = 0.8.4
Provides: bundled(crate(rand_chacha)) = 0.3.1
Provides: bundled(crate(rand_core)) = 0.6.3
Provides: bundled(crate(rand_hc)) = 0.3.1
Provides: bundled(crate(redox_syscall)) = 0.2.10
Provides: bundled(crate(remove_dir_all)) = 0.5.3
Provides: bundled(crate(ryu)) = 1.0.5
Provides: bundled(crate(ryu)) = 1.0.9
Provides: bundled(crate(scopeguard)) = 1.1.0
Provides: bundled(crate(serde)) = 1.0.130
Provides: bundled(crate(serde_derive)) = 1.0.130
Provides: bundled(crate(serde_json)) = 1.0.71
Provides: bundled(crate(serde)) = 1.0.135
Provides: bundled(crate(serde_derive)) = 1.0.135
Provides: bundled(crate(serde_json)) = 1.0.78
Provides: bundled(crate(slapd)) = 0.1.0
Provides: bundled(crate(slapi_r_plugin)) = 0.1.0
Provides: bundled(crate(smallvec)) = 1.7.0
Provides: bundled(crate(smallvec)) = 1.8.0
Provides: bundled(crate(strsim)) = 0.8.0
Provides: bundled(crate(syn)) = 1.0.81
Provides: bundled(crate(syn)) = 1.0.86
Provides: bundled(crate(synstructure)) = 0.12.6
Provides: bundled(crate(tempfile)) = 3.2.0
Provides: bundled(crate(tempfile)) = 3.3.0
Provides: bundled(crate(textwrap)) = 0.11.0
Provides: bundled(crate(tokio)) = 1.14.0
Provides: bundled(crate(tokio-macros)) = 1.6.0
Provides: bundled(crate(tokio)) = 1.15.0
Provides: bundled(crate(tokio-macros)) = 1.7.0
Provides: bundled(crate(toml)) = 0.5.8
Provides: bundled(crate(unicode-width)) = 0.1.9
Provides: bundled(crate(unicode-xid)) = 0.2.2
Provides: bundled(crate(uuid)) = 0.8.2
Provides: bundled(crate(vcpkg)) = 0.2.15
Provides: bundled(crate(vec_map)) = 0.8.2
Provides: bundled(crate(version_check)) = 0.9.3
Provides: bundled(crate(version_check)) = 0.9.4
Provides: bundled(crate(wasi)) = 0.10.2+wasi_snapshot_preview1
Provides: bundled(crate(winapi)) = 0.3.9
Provides: bundled(crate(winapi-i686-pc-windows-gnu)) = 0.4.0
Provides: bundled(crate(winapi-x86_64-pc-windows-gnu)) = 0.4.0
Provides: bundled(crate(zeroize)) = 1.4.3
Provides: bundled(crate(zeroize_derive)) = 1.2.2
Provides: bundled(crate(zeroize)) = 1.5.0
Provides: bundled(crate(zeroize_derive)) = 1.3.1
##### Bundled cargo crates list - END #####
BuildRequires: nspr-devel
......@@ -261,6 +262,7 @@ Source2: %{name}-devel.README
%if %{bundle_jemalloc}
Source3: https://github.com/jemalloc/%{jemalloc_name}/releases/download/%{jemalloc_ver}/%{jemalloc_name}-%{jemalloc_ver}.tar.bz2
%endif
Patch01: 0001-Bug-2027783-CVE-2021-4091-389-ds-base-double-free-of.patch
%description
389 Directory Server is an LDAPv3 compliant server. The base package includes
......@@ -630,6 +632,7 @@ exit 0
%{_sbindir}/openldap_to_ds
%{_mandir}/man8/openldap_to_ds.8.gz
%{_libexecdir}/%{pkgname}/ds_systemd_ask_password_acl
%{_libexecdir}/%{pkgname}/ds_selinux_restorecon.sh
%{_mandir}/man5/99user.ldif.5.gz
%{_mandir}/man5/certmap.conf.5.gz
%{_mandir}/man5/slapd-collations.conf.5.gz
......@@ -709,6 +712,19 @@ exit 0
%endif
%changelog
* Fri Jan 28 2022 Mark Reynolds <mreynolds@redhat.com> - 2.0.14-1
- Bump version to 2.0.14-1
- Resolves: Bug 2034880 - ipa-restore command is failing when restore after uninstalling the server (part2)
* Tue Jan 25 2022 Mark Reynolds <mreynolds@redhat.com> - 2.0.13-1
- Bump version to 2.0.13-1
- Resolves: Bug 2034880 - ipa-restore command is failing when restore after uninstalling the server
- Resolves: Bug 2045098 - Demoting a supplier to a consumer crashes the server
* Wed Nov 24 2021 Simon Pichugin <spichugi@redhat.com> - 2.0.11-2
- Bump version to 2.0.11-2
- Revert commit "Set db home directory by default"
* Thu Nov 18 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.11-1
- Bump version to 2.0.11-1
- Resolves: Bug 2024693 - Rebase RHEL 9.0 with 389-ds-base
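Review bot: The new %changelog entries for 2.0.14-1 and 2.0.13-1 do not mention the CVE fix that this commit adds as `Patch01: 0001-Bug-2027783-CVE-2021-4091-389-ds-base-double-free-of.patch`; they list only Bug 2034880 and Bug 2045098. Anyone checking `rpm -q --changelog` to confirm that CVE-2021-4091 is fixed in this build will find nothing, so I would add `- Resolves: Bug 2027783 - CVE-2021-4091 389-ds-base: double-free of the virtual attribute context in persistent search` under the 2.0.14-1 entry. The %prep section is outside the visible hunks, so it is also worth confirming that Patch01 is actually applied there (via %autosetup or an explicit %patch line) rather than only declared.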
......