Commit 5cad1d01 authored by Rocky Automation's avatar Rocky Automation 📺
Browse files

import 389-ds-base-2.0.14-1.el9

parents
895e2c67a2b2fd8c97f4a56ae7849ffd46517432 SOURCES/389-ds-base-2.0.14.tar.bz2
9e06b5cc57fd185379d007696da153893cf73e30 SOURCES/jemalloc-5.2.1.tar.bz2
SOURCES/389-ds-base-2.0.14.tar.bz2
SOURCES/jemalloc-5.2.1.tar.bz2
From d41352806f44c47a9e99f9eb1b0bdfef7b0aa4f4 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Tue, 25 Jan 2022 12:27:02 -0500
Subject: [PATCH] Bug 2027783 - CVE-2021-4091 389-ds-base: double-free of the
virtual attribute context in persistent search
Description: Fix double free. The double free is related to
persistent search req. It was introduced with i
https://pagure.io/389-ds-base/issue/49097
Reviewed by: mreynolds, progier, jchapman
---
ldap/servers/slapd/pblock.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index 94e7c0ab7..56bbfc92e 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -330,6 +330,8 @@ slapi_pblock_clone(Slapi_PBlock *pb)
if (pb->pb_intplugin != NULL) {
_pblock_assert_pb_intplugin(new_pb);
*(new_pb->pb_intplugin) = *(pb->pb_intplugin);
+ /* Make sure that only the cloned pblock refers to vattr_context */
+ pb->pb_intplugin->pb_vattr_context = NULL;
}
if (pb->pb_deprecated != NULL) {
_pblock_assert_pb_deprecated(new_pb);
--
2.31.1
For detailed information on developing plugins for
389 Directory Server visit.
http://port389/wiki/Plugins
#!/bin/bash
DATE=`date +%Y%m%d`
# use a real tag name here
VERSION=1.3.5.14
PKGNAME=389-ds-base
TAG=${TAG:-$PKGNAME-$VERSION}
URL="https://git.fedorahosted.org/git/?p=389/ds.git;a=snapshot;h=$TAG;sf=tgz"
SRCNAME=$PKGNAME-$VERSION
wget -O $SRCNAME.tar.gz "$URL"
echo convert tgz format to tar.bz2 format
gunzip $PKGNAME-$VERSION.tar.gz
bzip2 $PKGNAME-$VERSION.tar
This diff is collapsed.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment