[Freeipa-devel] [PATCH] 399 Require 389-base-base 1.3.0.5

Tue, 02 Apr 2013 08:11:32 -0700 

Pulls the following fixes:
- upgrade deadlock caused by DNA plugin reconfiguration
- CVE-2013-1897: unintended information exposure when rootdse is
  enabled

https://fedorahosted.org/freeipa/ticket/3540


ACKed by Rob on IRC, pushed to master, ipa-3-1.

I will bump this Requires also for Fedora 18 and F19 build.

Martin

From 5f5d65b787a0cf96e8d45e052fa16afa9dcc264f Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Tue, 2 Apr 2013 16:25:46 +0200
Subject: [PATCH] Require 389-base-base 1.3.0.5

Pulls the following fixes:
- upgrade deadlock caused by DNA plugin reconfiguration
- CVE-2013-1897: unintended information exposure when rootdse is
  enabled

https://fedorahosted.org/freeipa/ticket/3540
---
 freeipa.spec.in | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/freeipa.spec.in b/freeipa.spec.in
index 665a6d7207042a5b0defd63186149fbf5684a096..5e844534dd3f3629b94fc868b9a09643c84846c5 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -88,7 +88,7 @@ Requires: %{name}-python = %{version}-%{release}
 Requires: %{name}-client = %{version}-%{release}
 Requires: %{name}-admintools = %{version}-%{release}
 Requires: %{name}-server-selinux = %{version}-%{release}
-Requires: 389-ds-base >= 1.3.0
+Requires: 389-ds-base >= 1.3.0.5
 Requires: openldap-clients
 Requires: nss
 Requires: nss-tools
@@ -139,6 +139,7 @@ Requires: zip
 Requires: policycoreutils >= %{POLICYCOREUTILSVER}
 Requires: tar
 Requires(pre): certmonger >= 0.65
+Requires(pre): 389-ds-base >= 1.3.0.5
 
 # We have a soft-requires on bind. It is an optional part of
 # IPA but if it is configured we need a way to require versions
@@ -782,6 +783,12 @@ fi
 %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
 
 %changelog
+* Tue Apr  2 2013 Martin Kosek <mko...@redhat.com> - 3.1.99-2
+- Require 389-base-base >= 1.3.0.5 to pull the following fixes:
+  - upgrade deadlock caused by DNA plugin reconfiguration
+  - CVE-2013-1897: unintended information exposure when
+    nsslapd-allow-anonymous-access is set to rootdse
+
 * Wed Mar 27 2013 Martin Kosek <mko...@redhat.com> - 3.1.99-2
 - Remove conflict with krb5-server > 1.11 as ipa-kdb is compatible
 - ipa-ldap-updater show produce errors only
-- 
1.8.1.4


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to