Package: 389-ds-base / 1.4.2.4-1

Metadata

Package Version Patches format
389-ds-base 1.4.2.4-1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
fix saslpath.diff | (download)

configure.ac | 4 3 + 1 - 0 !
ldap/servers/slapd/ldaputil.c | 14 9 + 5 - 0 !
2 files changed, 12 insertions(+), 6 deletions(-)

---
fix systemctl path.diff | (download)

ldap/admin/src/scripts/start-dirsrv.in | 2 1 + 1 - 0 !
ldap/admin/src/scripts/status-dirsrv.in | 4 2 + 2 - 0 !
ldap/admin/src/scripts/stop-dirsrv.in | 4 2 + 2 - 0 !
3 files changed, 5 insertions(+), 5 deletions(-)

 fix the path to systemctl binary
CVE 2017 15135.patch | (download)

dirsrvtests/tests/suites/password/bz1525628_ct_memcmp_invalid_hash_test.py | 56 56 + 0 - 0 !
ldap/servers/plugins/pwdstorage/clear_pwd.c | 4 2 + 2 - 0 !
ldap/servers/plugins/pwdstorage/crypt_pwd.c | 4 2 + 2 - 0 !
ldap/servers/plugins/pwdstorage/md5_pwd.c | 4 2 + 2 - 0 !
ldap/servers/plugins/pwdstorage/sha_pwd.c | 4 2 + 2 - 0 !
ldap/servers/plugins/pwdstorage/smd5_pwd.c | 2 1 + 1 - 0 !
ldap/servers/slapd/ch_malloc.c | 36 31 + 5 - 0 !
ldap/servers/slapd/slapi-plugin.h | 2 1 + 1 - 0 !
8 files changed, 97 insertions(+), 15 deletions(-)

  slapi_ct_memcmp now access n1, n2 size
and will FAIL if they are not the same, but will still compare
n bytes, where n is the "longest" memory, to the first byte
of the other to prevent length disclosure of the shorter
value (generally the mis-migrated password)

https://bugzilla.redhat.com/show_bug.cgi?id=1525628

drop old man.diff | (download)

Makefile.am | 47 0 + 47 - 0 !
1 file changed, 47 deletions(-)

---