[phpldapadmin/el5] fix #748539 (CVE-2011-4075)
Dmitry Butskoy
buc at fedoraproject.org
Wed Oct 26 14:23:53 UTC 2011
commit 667710084fe7028f8228da6a20595057de2edf91
Author: Dmitry Butskoy <Dmitry at Butskoy.name>
Date: Wed Oct 26 18:23:24 2011 +0400
fix #748539 (CVE-2011-4075)
.gitignore | 1 +
phpldapadmin-1.0.1-masort.patch | 13 +++++++++++++
...config.patch => phpldapadmin-1.0.2-config.patch | 20 ++++++++++----------
phpldapadmin.spec | 10 ++++++++--
sources | 2 +-
5 files changed, 33 insertions(+), 13 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 7c90c2f..b2628ac 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
phpldapadmin-1.0.1.tar.gz
+/phpldapadmin-1.0.2.tar.gz
diff --git a/phpldapadmin-1.0.1-masort.patch b/phpldapadmin-1.0.1-masort.patch
new file mode 100644
index 0000000..81c0d6b
--- /dev/null
+++ b/phpldapadmin-1.0.1-masort.patch
@@ -0,0 +1,13 @@
+diff -Nrbu phpldapadmin-1.0.1/lib/functions.php phpldapadmin-1.0.1-OK/lib/functions.php
+--- phpldapadmin-1.0.1/lib/functions.php 2006-05-13 16:52:27.000000000 +0400
++++ phpldapadmin-1.0.1-OK/lib/functions.php 2011-10-26 18:05:53.000000000 +0400
+@@ -2518,6 +2518,9 @@
+ function masort(&$data,$sortby,$rev=0) {
+ if (DEBUG_ENABLED)
+ debug_log('masort(): Entered with (%s,%s,%s)',1,$data,$sortby,$rev);
++ # if the array to sort is null or empty, or if we have some nasty chars
++ if (! preg_match('/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/',$sortby) || ! $data)
++ return;
+
+ static $sort_funcs = array();
+
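Review bot: The whitelist on the new guard line uses `$` without the `D` modifier, so PCRE also accepts a `$sortby` that ends in a single trailing newline (`"cn\n"`); anchor it strictly with `/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/D` (or `\z`) so only the listed characters can reach the rest of the function. The guard also returns silently, leaving `$data` unsorted with no way for the caller to tell rejected input from an empty array; at minimum record the rejection under the existing debug hook before returning, e.g. `debug_log('masort(): rejected sortby (%s)',1,$sortby);`. How `$sortby` is consumed afterwards is outside the hunk (masort's body continues past it), so whether the stray newline could matter there cannot be judged from here, but the strict anchor costs nothing.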
diff --git a/phpldapadmin-1.0.1-config.patch b/phpldapadmin-1.0.2-config.patch
similarity index 79%
rename from phpldapadmin-1.0.1-config.patch
rename to phpldapadmin-1.0.2-config.patch
index 775816b..7e49d3b 100644
--- a/phpldapadmin-1.0.1-config.patch
+++ b/phpldapadmin-1.0.2-config.patch
@@ -1,9 +1,9 @@
-diff -Nrbu phpldapadmin-1.0.1/config/config.php phpldapadmin-1.0.1-OK/config/config.php
---- phpldapadmin-1.0.1/config/config.php 2006-09-19 18:16:12.000000000 +0400
-+++ phpldapadmin-1.0.1-OK/config/config.php 2006-09-19 18:31:56.000000000 +0400
-@@ -55,6 +55,11 @@
- // $config->custom->jpeg['tmpdir'] = "/tmp"; // Example for Unix systems
- # $config->custom->jpeg['tmpdir'] = "c:\\temp"; // Example for Windows systems
+diff -Nrbu phpldapadmin-1.0.2/config/config.php phpldapadmin-1.0.2-OK/config/config.php
+--- phpldapadmin-1.0.2/config/config.php 2011-10-26 18:16:01.000000000 +0400
++++ phpldapadmin-1.0.2-OK/config/config.php 2011-10-26 18:20:02.000000000 +0400
+@@ -69,6 +69,11 @@
+ /* Configure what objects are shown in left hand tree */
+ // $config->custom->appearance['tree_filter'] = '(objectclass=*)';
+// $config->custom->appearance['show_clear_password'] = false;
+
@@ -13,7 +13,7 @@ diff -Nrbu phpldapadmin-1.0.1/config/config.php phpldapadmin-1.0.1-OK/config/con
/*********************************************/
/* Define your LDAP servers in this section */
/*********************************************/
-@@ -64,7 +69,7 @@
+@@ -78,7 +83,7 @@
/* A convenient name that will appear in the tree viewer and throughout
phpLDAPadmin to identify this LDAP server to users. */
@@ -22,7 +22,7 @@ diff -Nrbu phpldapadmin-1.0.1/config/config.php phpldapadmin-1.0.1-OK/config/con
/* Examples:
'ldap.example.com',
-@@ -93,6 +98,7 @@
+@@ -107,6 +112,7 @@
encrypted using blowfish and the secret your specify above as
session['blowfish']. */
// $ldapservers->SetValue($i,'server','auth_type','cookie');
@@ -30,7 +30,7 @@ diff -Nrbu phpldapadmin-1.0.1/config/config.php phpldapadmin-1.0.1-OK/config/con
/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
'cookie' or 'session' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS BLANK. If
-@@ -162,6 +168,7 @@
+@@ -176,6 +182,7 @@
/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
blowfish, crypt or leave blank for now default algorithm. */
// $ldapservers->SetValue($i,'appearance','password_hash','md5');
@@ -38,7 +38,7 @@ diff -Nrbu phpldapadmin-1.0.1/config/config.php phpldapadmin-1.0.1-OK/config/con
/* If you specified 'cookie' or 'session' as the auth_type above, you can
optionally specify here an attribute to use when logging in. If you enter
-@@ -173,6 +180,7 @@
+@@ -187,6 +194,7 @@
specify 'string', in which case you can provide a string to use for logging
users in. See 'login_string' directly below. */
// $ldapservers->SetValue($i,'login','attr','dn');
diff --git a/phpldapadmin.spec b/phpldapadmin.spec
index 003edbf..00e0c8a 100644
--- a/phpldapadmin.spec
+++ b/phpldapadmin.spec
@@ -1,12 +1,13 @@
Name: phpldapadmin
Summary: Web-based tool for managing LDAP servers
-Version: 1.0.1
+Version: 1.0.2
Release: 1%{?dist}
Group: Applications/Internet
License: GPL
URL: http://phpldapadmin.sourceforge.net
Source: http://dl.sourceforge.net/sourceforge/phpldapadmin/phpldapadmin-%{version}.tar.gz
-Patch0: phpldapadmin-1.0.1-config.patch
+Patch0: phpldapadmin-1.0.2-config.patch
+Patch1: phpldapadmin-1.0.1-masort.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
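Review bot: The new `Patch1:` line references `phpldapadmin-1.0.1-masort.patch`, whose own header targets `phpldapadmin-1.0.1/lib/functions.php`, yet it is applied to the 1.0.2 tarball; `%patch1 -p1` strips the top directory so the name does not block the build, but whether the `@@ -2518,6 +2518,9 @@` context still matches 1.0.2 is not visible here and would only surface as fuzz or a rejected hunk in the build log. Regenerate the patch against the 1.0.2 tree and rename it `phpldapadmin-1.0.2-masort.patch` (updating `Patch1:` to match), which keeps the patch set consistent with `Patch0`, which this commit already renamed to 1.0.2.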
@@ -37,6 +38,7 @@ access by remote web-clients.
cp config/config.php.example config/config.php
%patch0 -p1
+%patch1 -p1
%build
@@ -110,6 +112,10 @@ fi
%changelog
+* Wed Oct 26 2011 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.0.2-1
+- fix #748539 (CVE-2011-4075)
+- update to 1.0.2
+
* Tue Sep 19 2006 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.0.1-1
- upgrade to 1.0.1
- drop namingcontexts patch, no more needed for php >= 5.0.6
diff --git a/sources b/sources
index 3520238..33ea7dc 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1cfb80099229dd27090634a4781990b5 phpldapadmin-1.0.1.tar.gz
+316b917d8abe1b37603c49b61b068bd0 phpldapadmin-1.0.2.tar.gz