|
|
@@ -16,7 +16,7 @@ Summary: The configuration files, libraries and documentation for OpenLDAP.
|
|
|
Summary(ja): OpenLDAP の設定ファイル,ライブラリ,ドキュメント.
|
|
|
Name: openldap
|
|
|
Version: 2.4.40
|
|
|
-Release: 1%{?_dist_release}
|
|
|
+Release: 2%{?_dist_release}
|
|
|
License: OpenLDAP
|
|
|
Group: System Environment/Libraries
|
|
|
URL: http://www.openldap.org/
|
|
|
@@ -64,6 +64,10 @@ Patch305: MigrationTools-45-noaliases.patch
|
|
|
|
|
|
# security fixes
|
|
|
|
|
|
+# CVE-2015-1545
|
|
|
+Patch1000: its8027.patch
|
|
|
+# CVE-2015-1546
|
|
|
+Patch1001: its8046.patch
|
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
|
BuildRequires: autoconf, automake, libtool >= 2.2.6a
|
|
|
@@ -227,7 +231,9 @@ pushd openldap-%{version}
|
|
|
%patch10 -p1 -b .multilib
|
|
|
|
|
|
# security
|
|
|
-# no patch.
|
|
|
+%patch1000 -p1 -b .CVE-2015-1545
|
|
|
+%patch1001 -p1 -b .CVE-2015-1546
|
|
|
+
|
|
|
|
|
|
libtoolize --force --copy
|
|
|
popd
|
|
|
@@ -694,6 +700,9 @@ fi
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
+* Fri Mar 6 2015 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.40-2
|
|
|
+- added patch1000,1001 to fix CVE-2015-1545,1546.
|
|
|
+
|
|
|
* Sat Feb 28 2015 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.40-1
|
|
|
- new upstream release.
|
|
|
|
tomop