New branch '389-ds-base-1.3.3.10-CVE-2015-1854' available with the following commits: commit 81b56c2e129c42e1b94024aeabe71f1b3ade1e6a Author: Noriko Hosoi nhosoi@redhat.com Date: Tue Apr 28 10:16:17 2015 -0700
bump version to 1.3.3.10
commit 886ae7eb6f5bace39105129098833f828d617855 Author: Thierry Bordaz tbordaz@redhat.com Date: Tue Apr 14 16:24:44 2015 +0200
CVE-2015-1854 389ds-base: access control bypass with modrdn
Bug Description: 47553 fix checks the write right access only if the RDN is modified. This allows to rename entries even if the authenticated user is not allowed of that.
Fix Description: Roll back a wrong optimization that tested the write access only if RDN value was changed.
https://fedorahosted.org/389/ticket/47553
Reviewed by: ?
Platforms tested: F17 (upstream test)
Flag Day: no
Doc impact: no
(cherry picked from commit 44e5c0998bdf7dcb167e8472713ff393b776e4e3)
Conflicts: dirsrvtests/tickets/ticket47553_single_aci_test.py
389-commits@lists.fedoraproject.org