CVE-2015-1545: slapd crashes on search with deref control (#1190645)
This commit is contained in:
Jan Synacek
parent
4b2abac9db
commit
ef18f96fdf
|
|
@ -0,0 +1,26 @@
|
|||
From 7a5a98577a0481d864ca7fe05b9b32274d4d1fb5 Mon Sep 17 00:00:00 2001
|
||||
From: Howard Chu <hyc@openldap.org>
|
||||
Date: Mon, 19 Jan 2015 22:25:53 +0000
|
||||
Subject: [PATCH] ITS#8027 require non-empty AttributeList
|
||||
|
||||
---
|
||||
servers/slapd/overlays/deref.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/servers/slapd/overlays/deref.c b/servers/slapd/overlays/deref.c
|
||||
index 9420e3e..05aa890 100644
|
||||
--- a/servers/slapd/overlays/deref.c
|
||||
+++ b/servers/slapd/overlays/deref.c
|
||||
@@ -183,7 +183,8 @@ deref_parseCtrl (
|
||||
ber_len_t cnt = sizeof(struct berval);
|
||||
ber_len_t off = 0;
|
||||
|
||||
- if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR )
|
||||
+ if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR
|
||||
+ || !cnt )
|
||||
{
|
||||
rs->sr_text = "Dereference control: derefSpec decoding error";
|
||||
rs->sr_err = LDAP_PROTOCOL_ERROR;
|
||||
--
|
||||
2.1.0
|
||||
|
||||
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
Name: openldap
|
||||
Version: 2.4.40
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Summary: LDAP support libraries
|
||||
Group: System Environment/Daemons
|
||||
License: OpenLDAP
|
||||
|
|
@ -48,6 +48,8 @@ Patch19: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
|
|||
Patch20: openldap-ldapi-sasl.patch
|
||||
# TLSv1 support, already included upstream
|
||||
Patch21: openldap-support-tlsv1-and-later.patch
|
||||
# CVE-2015-1545, already upstream
|
||||
Patch22: openldap-require-non-empty-attributelist.patch
|
||||
|
||||
# Fedora specific patches
|
||||
Patch100: openldap-autoconf-pkgconfig-nss.patch
|
||||
|
|
@ -164,6 +166,7 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
|
|||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
%patch22 -p1
|
||||
|
||||
%patch102 -p1
|
||||
|
||||
|
|
@ -576,6 +579,9 @@ exit 0
|
|||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Tue Feb 10 2015 Jan Synáček <jsynacek@redhat.com> - 2.4.40-3
|
||||
- CVE-2015-1545: slapd crashes on search with deref control (#1190645)
|
||||
|
||||
* Fri Nov 14 2014 Jan Synáček <jsynacek@redhat.com> - 2.4.40-2
|
||||
- enhancement: support TLSv1 and later (#1160466)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue