Bug 177694
Summary: | CVE-2006-0150 auth_ldap format string issue | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] Fedora Legacy | Reporter: | David Eisenstein <deisenst> | ||||
Component: | auth_ldap | Assignee: | Fedora Legacy Bugs <bugs> | ||||
Status: | CLOSED ERRATA | QA Contact: | |||||
Severity: | urgent | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | rhl7.3 | CC: | pekkas | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | i386 | ||||||
OS: | Linux | ||||||
URL: | http://www.digitalarmaments.com/2006090173928420.html | ||||||
Whiteboard: | impact=critical, rh73, LEGACY | ||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2006-02-28 00:52:46 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
David Eisenstein
2006-01-12 22:12:34 UTC
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here is a RHL 7.3 package to QA: SHA1SUM Package 2fdfb8deb43cefdd62dd9fc88dee08f0ee9df917 auth_ldap-1.6.0-4.2.legacy.src.rpm at: http://fedoralegacy.org/contrib/auth_ldap/auth_ldap-1.6.0-4.2.legacy.src.rpm Changelog: * Wed Jan 18 2006 David Eisenstein <deisenst at gtw.net> 1.6.0-4.2.legacy - - Add BuildRequires: apache, openldap, mm, mm-devel * Wed Jan 18 2006 David Eisenstein <deisenst at gtw.net> 1.6.0-4.1.legacy - - Add patch (forward-ported from RHEL2.1's patch) for CVE-2006-0150, format string vulnerability. Bugzilla Bug #177694. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFDzq31xou1V/j9XZwRAibEAKCWvyTpt6Nxk55mElUWade2LjehMwCeLFn0 h3MuKDGZ4wDfeY7elZf3DpI= =7+s1 -----END PGP SIGNATURE----- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 QA w/ rpm-build-compare.sh: - source integrity good - spec file changes minimal - patch matches RHEL21 +PUBLISH RHL73 2fdfb8deb43cefdd62dd9fc88dee08f0ee9df917 auth_ldap-1.6.0-4.2.legacy.src.rpm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFD0MAfGHbTkzxSL7QRAjqvAJ9rjsMvKZQZfrQYN2dtNR6FCv7k8gCgoN6d JXBRud9twIIISUoeQbmqr5U= =O/Y8 -----END PGP SIGNATURE----- Thanks, Pekka! :-) Created attachment 123539 [details]
Proposed Test Update Notification Message
I have built on jane:
* auth_ldap-1.6.0-4.2.legacy for RedHat Linux 7.3
(/var/tmp/mach/redhat-73-i386-updates/auth_ldap-1.6.0-4.2.legacy)
Attached is a proposed Test Update Notification text. Please let me know if
there is anything wrong with it. Thanks.
Packages were pushed to updates-testing New policy: automatic accept after two weeks if no negative feedback. Timeout over. Packages were released. |