[Pkg-openldap-devel] [openldap] 01/01: Imported Debian patch 2.4.31-2+deb7u3

Ryan Tandy rtandy-guest at moszumanska.debian.org
Sat Jun 10 21:10:59 UTC 2017 

This is an automated email from the git hooks/post-receive script.

rtandy-guest pushed a commit to branch wheezy
in repository openldap.

commit 3b381cfc3f8c5bd11841c6bdcac53ab8cede1dc0
Author: Chris Lamb <lamby at debian.org>
Date:   Thu Jun 1 18:34:18 2017 +0100

    Imported Debian patch 2.4.31-2+deb7u3
---
 debian/changelog             |  9 +++++++++
 debian/patches/CVE-2017-9287 | 12 ++++++++++++
 debian/patches/series        |  1 +
 3 files changed, 22 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index e010ac5..1f54251 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+openldap (2.4.31-2+deb7u3) wheezy-security; urgency=high
+
+  * CVE-2017-9287: search.c was prone to a double free vulnerability. A user
+    with access to search the directory could crash slapd by issuing a search
+    including the "Paged Results" control with a page size of 0.
+    (Closes: #863563)
+
+ -- Chris Lamb <lamby at debian.org>  Thu, 01 Jun 2017 18:34:18 +0100
+
 openldap (2.4.31-2+deb7u2) wheezy; urgency=medium
 
   * Disable the back-mdb test suite on powerpc to work around back-mdb tests
diff --git a/debian/patches/CVE-2017-9287 b/debian/patches/CVE-2017-9287
new file mode 100644
index 0000000..588f44a
--- /dev/null
+++ b/debian/patches/CVE-2017-9287
@@ -0,0 +1,12 @@
+--- openldap-2.4.31.orig/servers/slapd/back-mdb/search.c
++++ openldap-2.4.31/servers/slapd/back-mdb/search.c
+@@ -832,7 +832,8 @@ loop_begin:
+ 			/* check size limit */
+ 			if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) {
+ 				if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) {
+-					mdb_entry_return( op, e );
++					if (e != base)
++						mdb_entry_return( op, e );
+ 					e = NULL;
+ 					send_paged_response( op, rs, &lastid, tentries );
+ 					goto done;
diff --git a/debian/patches/series b/debian/patches/series
index d40c06c..e98ca42 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
+CVE-2017-9287
 man-slapd 
 evolution-ntlm
 slapi-errorlog-file 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openldap/openldap.git

More information about the Pkg-openldap-devel mailing list