summaryrefslogtreecommitdiff
path: root/databases
diff options
context:
space:
mode:
authorspz <spz@pkgsrc.org>2014-05-09 09:18:38 +0000
committerspz <spz@pkgsrc.org>2014-05-09 09:18:38 +0000
commite1569dcd553ecead2415c01063bc6ea0af4c784f (patch)
tree5f0b21f0a09e08a33b404ead405a62c2ab5d1e7a /databases
parentd5f78e1d4706fbc22915fe2277b6c4174e26935a (diff)
downloadpkgsrc-e1569dcd553ecead2415c01063bc6ea0af4c784f.tar.gz
Pullup ticket #4402 - requested by tron
databases/openldap-server: security patch Revisions pulled up: - databases/openldap-server/Makefile 1.41 - databases/openldap/distinfo 1.95 - databases/openldap/patches/patch-libraries_librewrite_session.c 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Fri May 9 08:12:00 UTC 2014 Modified Files: pkgsrc/databases/openldap: distinfo pkgsrc/databases/openldap-server: Makefile Added Files: pkgsrc/databases/openldap/patches: patch-libraries_librewrite_session.c Log Message: Add patch from OpenLDAP GIT repository to fix CVE-2013-4449 (SA55238). To generate a diff of this commit: cvs rdiff -u -r1.94 -r1.95 pkgsrc/databases/openldap/distinfo cvs rdiff -u -r1.40 -r1.41 pkgsrc/databases/openldap-server/Makefile cvs rdiff -u -r0 -r1.1 \ pkgsrc/databases/openldap/patches/patch-libraries_librewrite_session.c
Diffstat (limited to 'databases')
-rw-r--r--databases/openldap-server/Makefile4
-rw-r--r--databases/openldap/distinfo3
-rw-r--r--databases/openldap/patches/patch-libraries_librewrite_session.c24
3 files changed, 28 insertions, 3 deletions
diff --git a/databases/openldap-server/Makefile b/databases/openldap-server/Makefile
index 514e64ef103..b2333694ed3 100644
--- a/databases/openldap-server/Makefile
+++ b/databases/openldap-server/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.40 2014/03/25 22:36:58 asau Exp $
+# $NetBSD: Makefile,v 1.40.2.1 2014/05/09 09:18:38 spz Exp $
PKGNAME= ${DISTNAME:S/-/-server-/}
-PKGREVISION= 1
+PKGREVISION= 2
COMMENT= Lightweight Directory Access Protocol server suite
CONFLICTS+= openldap<2.3.23nb1
diff --git a/databases/openldap/distinfo b/databases/openldap/distinfo
index 47e822837fc..a2c26e96b5d 100644
--- a/databases/openldap/distinfo
+++ b/databases/openldap/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.94 2014/01/28 20:18:08 adam Exp $
+$NetBSD: distinfo,v 1.94.2.1 2014/05/09 09:18:38 spz Exp $
SHA1 (openldap-2.4.39.tgz) = 2b8e8401214867c361f7212e7058f95118b5bd6c
RMD160 (openldap-2.4.39.tgz) = da68043bd38e9d58811599d43bfdbc8f6c9b6f58
@@ -18,3 +18,4 @@ SHA1 (patch-contrib_slapd-modules_nops_slapo-nops.5) = f32352f19361b7e9aa5b038ae
SHA1 (patch-da) = 880b25a9266ee057f7269c5be46ef3c3fecf16b4
SHA1 (patch-dd) = 9c74118ff0b2232bda729c9917082fceef41dd16
SHA1 (patch-de) = be3833817205483b62cf3216b27f53a951621198
+SHA1 (patch-libraries_librewrite_session.c) = e698d168556750ea790c563d439dd2fd8c87038e
diff --git a/databases/openldap/patches/patch-libraries_librewrite_session.c b/databases/openldap/patches/patch-libraries_librewrite_session.c
new file mode 100644
index 00000000000..83b6ecdad83
--- /dev/null
+++ b/databases/openldap/patches/patch-libraries_librewrite_session.c
@@ -0,0 +1,24 @@
+$NetBSD: patch-libraries_librewrite_session.c,v 1.1.2.2 2014/05/09 09:18:38 spz Exp $
+
+Fix for CVE-2013-4449 taken from the OpenLDA GIT repository:
+
+http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=59688044386dfeee0c837a15133f4e878f1bb661
+
+--- libraries/librewrite/session.c.orig 2014-01-25 13:36:15.000000000 +0000
++++ libraries/librewrite/session.c 2014-05-09 09:03:51.000000000 +0100
+@@ -161,6 +161,7 @@
+ #ifdef USE_REWRITE_LDAP_PVT_THREADS
+ if ( session ) {
+ ldap_pvt_thread_mutex_lock( &session->ls_mutex );
++ session->ls_count++;
+ }
+ ldap_pvt_thread_rdwr_runlock( &info->li_cookies_mutex );
+ #endif /* USE_REWRITE_LDAP_PVT_THREADS */
+@@ -178,6 +179,7 @@
+ )
+ {
+ assert( session != NULL );
++ session->ls_count--;
+ ldap_pvt_thread_mutex_unlock( &session->ls_mutex );
+ }
+