Hi, attached is a patch for an NMU fixing this bug. It will be also archived on: http://people.debian.org/~nion/nmu-diff/openldap2.3-2.4.7-6_2.4.7-6.1.patch
Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
diff -u openldap2.3-2.4.7/debian/patches/series openldap2.3-2.4.7/debian/patches/series
--- openldap2.3-2.4.7/debian/patches/series
+++ openldap2.3-2.4.7/debian/patches/series
@@ -15,0 +16 @@
+CVE-2008-0658
diff -u openldap2.3-2.4.7/debian/changelog openldap2.3-2.4.7/debian/changelog
--- openldap2.3-2.4.7/debian/changelog
+++ openldap2.3-2.4.7/debian/changelog
@@ -1,3 +1,12 @@
+openldap2.3 (2.4.7-6.1) unstable; urgency=high
+
+ * Non-maintainer upload by security team.
+ * Fix possible remote denial of service vulnerability in the BDB backend
+ via a modrdn operation with a NOOP control
+ (CVE-2008-0658; Closes: #465875).
+
+ -- Nico Golde <[EMAIL PROTECTED]> Tue, 04 Mar 2008 14:34:44 +0100
+
openldap2.3 (2.4.7-6) unstable; urgency=low
[ Updated debconf translations ]
only in patch2:
unchanged:
--- openldap2.3-2.4.7.orig/debian/patches/CVE-2008-0658
+++ openldap2.3-2.4.7/debian/patches/CVE-2008-0658
@@ -0,0 +1,12 @@
+diff -Nurad openldap2.3-2.4.7.orig/servers/slapd/back-bdb/modrdn.c openldap2.3-2.4.7/servers/slapd/back-bdb/modrdn.c
+--- openldap2.3-2.4.7.orig/servers/slapd/back-bdb/modrdn.c 2008-03-04 14:32:49.000000000 +0100
++++ openldap2.3-2.4.7/servers/slapd/back-bdb/modrdn.c 2008-03-04 14:33:25.000000000 +0100
+@@ -737,6 +737,8 @@
+ } else {
+ rs->sr_err = LDAP_X_NO_OPERATION;
+ ltid = NULL;
++ /* Only free attrs if they were dup'd. */
++ if ( dummy.e_attrs == e->e_attrs ) dummy.e_attrs = NULL;
+ goto return_results;
+ }
+
pgpqb5XKSdI4A.pgp
Description: PGP signature
