|
@@ -16,7 +16,7 @@ Summary: The configuration files, libraries and documentation for OpenLDAP.
|
|
|
Summary(ja): OpenLDAP の設定ファイル,ライブラリ,ドキュメント.
|
|
Summary(ja): OpenLDAP の設定ファイル,ライブラリ,ドキュメント.
|
|
|
Name: openldap
|
|
Name: openldap
|
|
|
Version: 2.4.23
|
|
Version: 2.4.23
|
|
|
-Release: 2%{?_dist_release}
|
|
+Release: 3%{?_dist_release}
|
|
|
License: OpenLDAP
|
|
License: OpenLDAP
|
|
|
Group: System Environment/Libraries
|
|
Group: System Environment/Libraries
|
|
|
%if %{stable}
|
|
%if %{stable}
|
|
@@ -59,6 +59,13 @@ Patch304: MigrationTools-46-schema.patch
|
|
|
Patch305: MigrationTools-45-noaliases.patch
|
|
Patch305: MigrationTools-45-noaliases.patch
|
|
|
|
|
|
|
|
# security fixes
|
|
# security fixes
|
|
|
|
|
+## from CentOS 6.3; openldap 2.4.23-26.el6_3.2
|
|
|
|
|
+Patch1112: openldap-cve-ppolicy-forward-updates.patch
|
|
|
|
|
+Patch1113: openldap-cve-ndb-bind-rootdn.patch
|
|
|
|
|
+Patch1141: openldap-cve-relay-rwm-translucent.patch
|
|
|
|
|
+Patch1144: openldap-cve-nss-cipher-suite-ignored.patch
|
|
|
|
|
+## based CentOS 6.3; openldap 2.4.23-26.el6_3.2
|
|
|
|
|
+Patch1145: openldap-VineLinux-cve-nss-default-cipher-suite-always-selected.patch
|
|
|
|
|
|
|
|
URL: http://www.openldap.org/
|
|
URL: http://www.openldap.org/
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
@@ -222,6 +229,11 @@ pushd openldap-%{version}
|
|
|
%patch9 -p1 -b .smbk5pwd
|
|
%patch9 -p1 -b .smbk5pwd
|
|
|
%patch10 -p1 -b .multilib
|
|
%patch10 -p1 -b .multilib
|
|
|
# security
|
|
# security
|
|
|
|
|
+%patch1112 -p1 -b .cve-ppolicy-forward-updates
|
|
|
|
|
+%patch1113 -p1 -b .cve-ndb-bind-rootdn
|
|
|
|
|
+%patch1141 -p1 -b .cve-relay-rwm-translucent
|
|
|
|
|
+%patch1144 -p1 -b .cve-nss-cipher-suite-ignored
|
|
|
|
|
+%patch1145 -p2 -b .cve-VineLinux-nss-default-cipher-suite-always-selected
|
|
|
|
|
|
|
|
libtoolize --force --copy
|
|
libtoolize --force --copy
|
|
|
popd
|
|
popd
|
|
@@ -601,7 +613,7 @@ fi
|
|
|
%attr(0640,root,ldap) %config(noreplace) %{_sysconfdir}/openldap/slapd.conf
|
|
%attr(0640,root,ldap) %config(noreplace) %{_sysconfdir}/openldap/slapd.conf
|
|
|
%attr(0640,root,ldap) %{_sysconfdir}/openldap/DB_CONFIG.example
|
|
%attr(0640,root,ldap) %{_sysconfdir}/openldap/DB_CONFIG.example
|
|
|
%attr(0755,root,root) %dir %{_sysconfdir}/openldap/schema
|
|
%attr(0755,root,root) %dir %{_sysconfdir}/openldap/schema
|
|
|
-%attr(0644,root,root) %dir %{_sysconfdir}/openldap/schema/README*
|
|
+%attr(0644,root,root) %{_sysconfdir}/openldap/schema/README*
|
|
|
%attr(0644,root,root) %config %{_sysconfdir}/sysconfig/ldap
|
|
%attr(0644,root,root) %config %{_sysconfdir}/sysconfig/ldap
|
|
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.schema*
|
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.schema*
|
|
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.ldif
|
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.ldif
|
|
@@ -688,6 +700,17 @@ fi
|
|
|
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
%changelog
|
|
|
|
|
+* Sun Dec 9 2012 IWAI, Masaharu <iwai@alib.jp> 2.4.23-3
|
|
|
|
|
+- SECURITY FIX, #2501
|
|
|
|
|
+ - patches from CentOS 6.3; openldap 2.4.23-26.el6_3.2
|
|
|
|
|
+ - CVE-2011-1024: add openldap-cve-ppolicy-forward-updates.patch (Patch1112)
|
|
|
|
|
+ - CVE-2011-1025: add openldap-cve-ndb-bind-rootdn.patch (Patch1113)
|
|
|
|
|
+ - CVE-2012-1164: add openldap-cve-relay-rwm-translucent.patch (Patch1141)
|
|
|
|
|
+ - CVE-2012-2668: add openldap-cve-nss-cipher-suite-ignored.patch (Patch1144)
|
|
|
|
|
+ - patch based CentOS 6.3; openldap 2.4.23-26.el6_3.2
|
|
|
|
|
+ - CVE-2012-2668: add openldap-cve-nss-default-cipher-suite-always-selected.patch (Patch1145)
|
|
|
|
|
+- fix document file path for servers sub package
|
|
|
|
|
+
|
|
|
* Sat Apr 9 2011 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.4.23-2
|
|
* Sat Apr 9 2011 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.4.23-2
|
|
|
- added --with-odbc=unixodbc to configure
|
|
- added --with-odbc=unixodbc to configure
|
|
|
|
|
|
iwaim