authortron <tron>2014-05-09 08:12:00 +0000
committertron <tron>2014-05-09 08:12:00 +0000
commit6026550fbc4225124e71cbf3637d92537740dddd (patch)
tree9883bfae70a7eb367ec17b16c20765073533f9c1 /databases
parentfd44db745f3390e0c08d70128f2e6dbc8920a174 (diff)
Add patch from OpenLDAP GIT repository to fix CVE-2013-4449 (SA55238).
Diffstat (limited to 'databases')
-rw-r--r--databases/openldap-server/Makefile4
-rw-r--r--databases/openldap/distinfo3
-rw-r--r--databases/openldap/patches/patch-libraries_librewrite_session.c24
3 files changed, 28 insertions, 3 deletions
diff --git a/databases/openldap-server/Makefile b/databases/openldap-server/Makefile
index 514e64ef103..5249d09b6e1 100644
--- a/databases/openldap-server/Makefile
+++ b/databases/openldap-server/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.40 2014/03/25 22:36:58 asau Exp $
+# $NetBSD: Makefile,v 1.41 2014/05/09 08:12:00 tron Exp $
PKGNAME= ${DISTNAME:S/-/-server-/}
-PKGREVISION= 1
+PKGREVISION= 2
COMMENT= Lightweight Directory Access Protocol server suite
CONFLICTS+= openldap<2.3.23nb1
diff --git a/databases/openldap/distinfo b/databases/openldap/distinfo
index 47e822837fc..4e5207e5515 100644
--- a/databases/openldap/distinfo
+++ b/databases/openldap/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.94 2014/01/28 20:18:08 adam Exp $
+$NetBSD: distinfo,v 1.95 2014/05/09 08:12:00 tron Exp $
SHA1 (openldap-2.4.39.tgz) = 2b8e8401214867c361f7212e7058f95118b5bd6c
RMD160 (openldap-2.4.39.tgz) = da68043bd38e9d58811599d43bfdbc8f6c9b6f58
@@ -18,3 +18,4 @@ SHA1 (patch-contrib_slapd-modules_nops_slapo-nops.5) = f32352f19361b7e9aa5b038ae
SHA1 (patch-da) = 880b25a9266ee057f7269c5be46ef3c3fecf16b4
SHA1 (patch-dd) = 9c74118ff0b2232bda729c9917082fceef41dd16
SHA1 (patch-de) = be3833817205483b62cf3216b27f53a951621198
+SHA1 (patch-libraries_librewrite_session.c) = e698d168556750ea790c563d439dd2fd8c87038e
diff --git a/databases/openldap/patches/patch-libraries_librewrite_session.c b/databases/openldap/patches/patch-libraries_librewrite_session.c
new file mode 100644
index 00000000000..905861bc43d
--- /dev/null
+++ b/databases/openldap/patches/patch-libraries_librewrite_session.c
@@ -0,0 +1,24 @@
+$NetBSD: patch-libraries_librewrite_session.c,v 1.1 2014/05/09 08:12:00 tron Exp $
+
+Fix for CVE-2013-4449 taken from the OpenLDA GIT repository:
+
+http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=59688044386dfeee0c837a15133f4e878f1bb661
+
+--- libraries/librewrite/session.c.orig 2014-01-25 13:36:15.000000000 +0000
++++ libraries/librewrite/session.c 2014-05-09 09:03:51.000000000 +0100
+@@ -161,6 +161,7 @@
+ #ifdef USE_REWRITE_LDAP_PVT_THREADS
+ if ( session ) {
+ ldap_pvt_thread_mutex_lock( &session->ls_mutex );
++ session->ls_count++;
+ }
+ ldap_pvt_thread_rdwr_runlock( &info->li_cookies_mutex );
+ #endif /* USE_REWRITE_LDAP_PVT_THREADS */
+@@ -178,6 +179,7 @@
+ )
+ {
+ assert( session != NULL );
++ session->ls_count--;
+ ldap_pvt_thread_mutex_unlock( &session->ls_mutex );
+ }
+
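Review bot: In the embedded session.c patch, `session->ls_count++` is added inside `#ifdef USE_REWRITE_LDAP_PVT_THREADS`, but the context lines around `session->ls_count--` show no matching guard, so it is worth confirming against the upstream file that a build without that macro cannot decrement a count it never incremented. Both enclosing functions start and end outside the nested hunks, and the code that reads `ls_count` is not shown, so this cannot be settled from the patch alone. The header comment also misspells the project (`OpenLDA`) and does not say what the fix does. I would change it to `Fix for CVE-2013-4449 taken from the OpenLDAP GIT repository:` and add a line such as `Keeps a per-session use count, updated while ls_mutex is held, so the session is marked in use between lock and unlock.`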