Bug 177694

Summary: CVE-2006-0150 auth_ldap format string issue
Product: [Retired] Fedora Legacy
Reporter: David Eisenstein <deisenst>
Component: auth_ldap
Assignee: Fedora Legacy Bugs <bugs>
Status: CLOSED ERRATA
Severity: urgent
Priority: medium
Version: rhl7.3
CC: pekkas
Keywords: Security
Hardware: i386
OS: Linux
URL: http://www.digitalarmaments.com/2006090173928420.html
Whiteboard: impact=critical, rh73, LEGACY
Doc Type: Bug Fix
Last Closed: 2006-02-28 00:52:46 UTC

Attachments:
  Proposed Test Update Notification Message (flags: none)

Description David Eisenstein 2006-01-12 22:12:34 UTC
On 2006-01-10, Red Hat issued RHSA-2006:0179 for this issue.  The Red Hat
Security Response Team rated this issue as having a critical security impact.

    http://rhn.redhat.com/errata/RHSA-2006-0179.html

This only affects RHL 7.3, as the auth_ldap package is not part of any later
RH or Fedora distros.

References:

   CVE-2006-0150  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0150>
   BID 16177:     <http://www.securityfocus.com/bid/16177>

+++ This bug was initially created as a clone of Bug #177421 +++

auth_ldap format string issue

Improper use of the ap_log_rerror function was discovered in
auth_ldap.  This issue could allow a remote attacker to execute
arbitrary code.

http://www.digitalarmaments.com/2006090173928420.html

<<snip>>
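The class of bug behind this advisory is the classic format-string misuse: ap_log_rerror() takes a printf-style format as its last fixed argument, and auth_ldap passed attacker-influenced text in that position instead of behind a constant "%s". The following is an added illustration, not code from auth_ldap, httpd or the Red Hat patch. mock_log_rerror() is a hypothetical stand-in that keeps only the variadic-format contract of the real function and writes to a buffer instead of the error log; log_vulnerable(), log_hardened(), has_conversion_spec() and the sample username are constructed for the example.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for ap_log_rerror(): as with the real API, the last
 * fixed argument is a printf-style format, so whatever lands there is parsed
 * for conversion specifiers. It formats into a caller-supplied buffer so the
 * example runs offline. Constructed mock, not httpd code. */
static int mock_log_rerror(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

/* Vulnerable pattern: text under remote control (a username from the
 * Authorization header, an LDAP error string) is used AS the format. */
int log_vulnerable(char *out, size_t outlen, const char *untrusted)
{
    return mock_log_rerror(out, outlen, untrusted);
}

/* Hardened pattern: the format is a constant; untrusted text is only ever
 * a %s argument and is copied verbatim. This is the shape of the usual fix. */
int log_hardened(char *out, size_t outlen, const char *untrusted)
{
    return mock_log_rerror(out, outlen, "%s", untrusted);
}

/* Audit helper: does the string contain a conversion specifier, i.e. a '%'
 * that is not the literal "%%"? A '1' here means the vulnerable path would
 * interpret the data (reading stack slots for %x, writing memory for %n). */
int has_conversion_spec(const char *s)
{
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* "%%" is a literal percent sign */
            s++;
            continue;
        }
        return 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample "username". "%%" is used because passing it through
     * printf with no arguments is well defined; "%x" or "%n" would be
     * undefined behaviour on the vulnerable path and is exactly what an
     * attacker would send. */
    const char *username = "alice%%";
    char buf[64];

    log_vulnerable(buf, sizeof buf, username);
    printf("vulnerable: %s\n", buf);   /* alice%  : the data was interpreted */
    log_hardened(buf, sizeof buf, username);
    printf("hardened:   %s\n", buf);   /* alice%% : the data was logged verbatim */
    printf("\"%%x%%n\" carries a conversion spec: %d\n",
           has_conversion_spec("%x%n"));
    return 0;
}
```

The only observable difference on benign input is the collapsed "%%", which is how a reviewer can spot the bug in a log without crashing the server; with "%x" the vulnerable call leaks stack contents and with "%n" it writes to memory, which is why Red Hat rated this critical. When auditing a module, grep for ap_log_rerror and ap_log_error calls whose format argument is a variable rather than a string literal, and compile with -Wformat-security, which warns on a non-literal format with no arguments.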

Comment 1 David Eisenstein 2006-01-18 21:04:38 UTC
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here is a RHL 7.3 package to QA:

	      SHA1SUM				     Package
2fdfb8deb43cefdd62dd9fc88dee08f0ee9df917  auth_ldap-1.6.0-4.2.legacy.src.rpm

at:

http://fedoralegacy.org/contrib/auth_ldap/auth_ldap-1.6.0-4.2.legacy.src.rpm

Changelog:

* Wed Jan 18 2006 David Eisenstein <deisenst at gtw.net> 1.6.0-4.2.legacy
- - Add BuildRequires: apache, openldap, mm, mm-devel

* Wed Jan 18 2006 David Eisenstein <deisenst at gtw.net> 1.6.0-4.1.legacy
- - Add patch (forward-ported from RHEL2.1's patch) for CVE-2006-0150,
  format string vulnerability.	Bugzilla Bug #177694.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFDzq31xou1V/j9XZwRAibEAKCWvyTpt6Nxk55mElUWade2LjehMwCeLFn0
h3MuKDGZ4wDfeY7elZf3DpI=
=7+s1
-----END PGP SIGNATURE-----


Comment 2 Pekka Savola 2006-01-20 10:44:57 UTC
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
QA w/ rpm-build-compare.sh:
 - source integrity good
 - spec file changes minimal
 - patch matches RHEL21
 
+PUBLISH RHL73
 
2fdfb8deb43cefdd62dd9fc88dee08f0ee9df917  auth_ldap-1.6.0-4.2.legacy.src.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
 
iD8DBQFD0MAfGHbTkzxSL7QRAjqvAJ9rjsMvKZQZfrQYN2dtNR6FCv7k8gCgoN6d
JXBRud9twIIISUoeQbmqr5U=
=O/Y8
-----END PGP SIGNATURE-----


Comment 3 David Eisenstein 2006-01-21 04:04:27 UTC
Thanks, Pekka!  :-)

Comment 4 David Eisenstein 2006-01-22 08:10:07 UTC
Created attachment 123539 [details]
Proposed Test Update Notification Message

I have built on jane:
  * auth_ldap-1.6.0-4.2.legacy for RedHat Linux 7.3
   (/var/tmp/mach/redhat-73-i386-updates/auth_ldap-1.6.0-4.2.legacy)

Attached is a proposed Test Update Notification text.  Please let me know if
there is anything wrong with it.  Thanks.

Comment 5 Marc Deslauriers 2006-01-24 23:29:41 UTC
Packages were pushed to updates-testing

Comment 6 Pekka Savola 2006-02-14 06:29:08 UTC
New policy: automatic accept after two weeks if no negative feedback.

Comment 7 Pekka Savola 2006-02-27 06:41:53 UTC
Timeout over.

Comment 8 Marc Deslauriers 2006-02-28 00:52:46 UTC
Packages were released.