From 787c85092f97b33967b3b30e9c96f8faadf633dc0b00086c8bf59a1d24900c7a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20M=C3=BCller?=
Date: Wed, 16 Dec 2015 13:15:26 +0000
Subject: [PATCH 1/2] - Update to 1.1.24. + fix LDAP \00 search expression attack DoS; CVE-2015-3223; (bso#11325) + fix remote read memory exploit in LDB; CVE-2015-5330; (bso#11599) + move ldb_(un)pack_data into ldb_module.h for testing + fix installation of _ldb_text.py + fix propagation of LDB errors through TDB + fix bug triggered by having an empty message in database during search
OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/ldb?expand=0&rev=90
---
 ldb-1.1.23.tar.asc | 11 -----------
 ldb-1.1.23.tar.gz | 3 ---
 ldb-1.1.24.tar.asc | 11 +++++++++++
 ldb-1.1.24.tar.gz | 3 +++
 ldb.changes | 11 +++++++++++
 ldb.spec | 14 +++++++-------
 6 files changed, 32 insertions(+), 21 deletions(-)
 delete mode 100644 ldb-1.1.23.tar.asc
 delete mode 100644 ldb-1.1.23.tar.gz
 create mode 100644 ldb-1.1.24.tar.asc
 create mode 100644 ldb-1.1.24.tar.gz
diff --git a/ldb-1.1.23.tar.asc b/ldb-1.1.23.tar.asc
deleted file mode 100644
index ac1f990..0000000
--- a/ldb-1.1.23.tar.asc
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQEcBAABAgAGBQJWPKt1AAoJEEeTkWETCEAl+6oH/R5jor1G2qouI52wI/s50luD
-kaS7AGLTN4owtLXkyGuWs9XEV3VFyFN0uGQOUFYTkRlqw3gOVD4DvvWJb9xPjlkf
-sNNSCCpcLu1hmoPiy5Tvh6sjustbx1cuAn6jjsYRT81L+qPY4qbGYrqh2BsV9Nxk
-MzI1KT3ax1u0jdRj+mYfT2vO3ZibuIVjUaQb9OTMhy8syMP2XAj8taHj7qekWlZz
-TuBfhBmf+LCY8TnIhpSDRusg+CajjsFylWeb1Gb5sBrDtfYq2KLT8qpvZB/G4o93
-A7wCqqZ9a3hdY46pqAD0a3z4qUAiNM64IgNXIESYswxvF/oagB4NPToGSuFVny4=
-=yfFU
------END PGP SIGNATURE-----
diff --git a/ldb-1.1.23.tar.gz b/ldb-1.1.23.tar.gz
deleted file mode 100644
index 6de54ec..0000000
--- a/ldb-1.1.23.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8f8b2f7f04b24c847d088a091e6a2261ac6c7810fc711f553d3b61a3dee39559
-size 1258249
diff --git a/ldb-1.1.24.tar.asc b/ldb-1.1.24.tar.asc
new file mode 100644
index 0000000..84c4c82
--- /dev/null
+++ b/ldb-1.1.24.tar.asc
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iQEcBAABAgAGBQJWaWI5AAoJEEeTkWETCEAl9ykH+wR1+bh5+Mdzet2DYtvzN38Q
+0XRvKsSnfrSX5lJYM5JGboGbyZ1vmeD0t1HB5ffqNeBdRIS54m6hn/rbHnNoX4nP
+umsYHnY4iAffOn1KkE0tKPPCpc5584dDTVo/FoMtjWc6cYA25Zr9czuaqlcOiflh
+ygDR3O3oq1aN7d+AOhiy5iUVttUZ3Tj7fJB3O4HkdDxCmXDrCIvqzUsYw4vjmzxB
+J0bmrweQJM7ueSpJgCtBpQdaRk6jkQsoDaXqlxIG/aOe6c2wsE2r3UwleLYNsGJV
+2cQM/HeufsuiXBbNeB1fEBTgFzeRc49H/gXF6P5tJS/NC+An++3/MjeiyVLSCBk=
+=X5Bb
+-----END PGP SIGNATURE-----
diff --git a/ldb-1.1.24.tar.gz b/ldb-1.1.24.tar.gz
new file mode 100644
index 0000000..bba9eac
--- /dev/null
+++ b/ldb-1.1.24.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:45e9f52473f0d013f0ea090cce35d6836a6e67e8d4dcdd7077dabdf8b1314b21
+size 1258405
diff --git a/ldb.changes b/ldb.changes
index 55008f5..5d2ddcc 100644
--- a/ldb.changes
+++ b/ldb.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Thu Dec 10 16:10:32 UTC 2015 - lmuelle@suse.com
+
+- Update to 1.1.24.
+ + fix LDAP \00 search expression attack DoS; CVE-2015-3223; (bso#11325)
+ + fix remote read memory exploit in LDB; CVE-2015-5330; (bso#11599)
+ + move ldb_(un)pack_data into ldb_module.h for testing
+ + fix installation of _ldb_text.py
+ + fix propagation of LDB errors through TDB
+ + fix bug triggered by having an empty message in database during search
+
 -------------------------------------------------------------------
 Wed Nov 11 17:53:45 UTC 2015 - lmuelle@suse.com
diff --git a/ldb.spec b/ldb.spec
index 6f1e4f5..d3118a2 100644
--- a/ldb.spec
+++ b/ldb.spec
@@ -24,9 +24,9 @@
 %define with_python3 0
 %endif
-%define talloc_version 2.1.4
-%define tdb_version 1.3.7
-%define tevent_version 0.9.25
+%define talloc_version 2.1.5
+%define tdb_version 1.3.8
+%define tevent_version 0.9.26
 Name: ldb
 BuildRequires: docbook-xsl-stylesheets
@@ -50,13 +50,13 @@ BuildRequires: python3-devel
 %define build_make_smp_mflags %{?jobs:-j%jobs}
 %endif
 Url: http://ldb.samba.org/
-Version: 1.1.23
+Version: 1.1.24
 Release: 0
 Summary: An LDAP-like embedded database
 License: GPL-3.0+
 Group: System/Libraries
-Source: http://download.samba.org/pub/ldb/ldb-%{version}.tar.gz
-Source1: http://download.samba.org/pub/ldb/ldb-%{version}.tar.asc
+Source: https://download.samba.org/pub/ldb/ldb-%{version}.tar.gz
+Source1: https://download.samba.org/pub/ldb/ldb-%{version}.tar.asc
 Source2: ldb.keyring
 Source4: baselibs.conf
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -193,7 +193,7 @@ doxygen Doxyfile
 rm -f apidocs/man/man3/_*_ldb-%{version}_include_.3
 %check
-%ifnarch ppc64
+%ifnarch ppc64 s390x
 LD_LIBRARY_PATH="bin/shared:bin/shared/private" \
 LDB_MODULES_PATH="bin/modules" \
 %{__make} test
From 64df0f89d7bb1591788794ac0c9ccbf06ae08a160f31b66b1fe7692e68e55b4e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20M=C3=BCller?=
Date: Wed, 16 Dec 2015 15:18:13 +0000
Subject: [PATCH 2/2] Use https for the Url line too
OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/ldb?expand=0&rev=91
---
 ldb.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ldb.spec b/ldb.spec
index d3118a2..bb29a3f 100644
--- a/ldb.spec
+++ b/ldb.spec
@@ -49,7 +49,7 @@ BuildRequires: python3-devel
 %else
 %define build_make_smp_mflags %{?jobs:-j%jobs}
 %endif
-Url: http://ldb.samba.org/
+Url: https://ldb.samba.org/
 Version: 1.1.24
 Release: 0
 Summary: An LDAP-like embedded database
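Review bot: In the `%check` hunk of patch 1/2 (`@@ -193,7 +193,7 @@`), widening `%ifnarch ppc64` to `%ifnarch ppc64 s390x` turns off `make test` on s390x with no reason recorded in the spec, the commit message or the new ldb.changes entry. This release carries the CVE-2015-3223 and CVE-2015-5330 fixes, so an architecture that skips the suite gets no build-time confirmation that the fixed code paths behave there. I would put a comment above the conditional, e.g. `# testsuite skipped on s390x: <reason / bug reference>`, and add a matching `+ disable testsuite on s390x` line to ldb.changes. The conditional's closing `%endif` lies outside the hunk, so whether other steps are also skipped cannot be seen here.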