[phpldapadmin/el4] fix #748539 (CVE-2011-4075)

Dmitry Butskoy buc at fedoraproject.org
Wed Oct 26 14:39:50 UTC 2011


commit 3d1caf0c56ac4b3873e83d479cc46fdbc65b4ed4
Author: Dmitry Butskoy <Dmitry at Butskoy.name>
Date:   Wed Oct 26 18:39:14 2011 +0400

    fix #748539 (CVE-2011-4075)

 .gitignore                                         |    1 +
 ...nfig.patch => phpldapadmin-0.9.8.5-config.patch |   18 +++++++++---------
 phpldapadmin-0.9.8.5-masort.patch                  |   14 ++++++++++++++
 phpldapadmin.spec                                  |   10 ++++++++--
 sources                                            |    2 +-
 5 files changed, 33 insertions(+), 12 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 69aaf01..db22521 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 phpldapadmin-0.9.7.1.tar.gz
+/phpldapadmin-0.9.8.5.tar.gz
diff --git a/phpldapadmin-0.9.7.2-config.patch b/phpldapadmin-0.9.8.5-config.patch
similarity index 82%
rename from phpldapadmin-0.9.7.2-config.patch
rename to phpldapadmin-0.9.8.5-config.patch
index ec5b1e2..161dbfb 100644
--- a/phpldapadmin-0.9.7.2-config.patch
+++ b/phpldapadmin-0.9.8.5-config.patch
@@ -1,7 +1,7 @@
-diff -Nrbu phpldapadmin-0.9.7.2/config/config.php phpldapadmin-0.9.7.2-OK/config/config.php
---- phpldapadmin-0.9.7.2/config/config.php	2005-11-15 19:29:18.000000000 +0300
-+++ phpldapadmin-0.9.7.2-OK/config/config.php	2005-11-15 19:29:06.000000000 +0300
-@@ -34,6 +34,9 @@
+diff -Nrbu phpldapadmin-0.9.8.5/config/config.php phpldapadmin-0.9.8.5-OK/config/config.php
+--- phpldapadmin-0.9.8.5/config/config.php	2011-10-26 18:29:01.000000000 +0400
++++ phpldapadmin-0.9.8.5-OK/config/config.php	2011-10-26 18:31:00.000000000 +0400
+@@ -39,6 +39,9 @@
  /* Useful important configuration overrides  */
  /*********************************************/
  
@@ -9,9 +9,9 @@ diff -Nrbu phpldapadmin-0.9.7.2/config/config.php phpldapadmin-0.9.7.2-OK/config
 +#  $config->custom->appearance['show_clear_password'] = true;
 +
  /* If you are asked to put pla in debug mode, this is how you do it: */
- #  $config->custom->debug['level'] = 2;
+ #  $config->custom->debug['level'] = 255;
  #  $config->custom->debug['syslog'] = true;
-@@ -64,7 +67,7 @@
+@@ -69,7 +72,7 @@
  
  /* A convenient name that will appear in the tree viewer and throughout
     phpLDAPadmin to identify this LDAP server to users. */
@@ -20,7 +20,7 @@ diff -Nrbu phpldapadmin-0.9.7.2/config/config.php phpldapadmin-0.9.7.2-OK/config
  
  /* Examples:
     'ldap.example.com',
-@@ -93,6 +96,7 @@
+@@ -98,6 +101,7 @@
     encrypted using blowfish and the secret your specify above as
     session['blowfish']. */
  // $ldapservers->SetValue($i,'server','auth_type','cookie');
@@ -28,7 +28,7 @@ diff -Nrbu phpldapadmin-0.9.7.2/config/config.php phpldapadmin-0.9.7.2-OK/config
  
  /* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
     'cookie' or 'session' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS BLANK. If
-@@ -118,6 +122,7 @@
+@@ -123,6 +127,7 @@
  /* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
     blowfish, crypt or leave blank for now default algorithm. */
  // $ldapservers->SetValue($i,'appearance','password_hash','md5');
@@ -36,7 +36,7 @@ diff -Nrbu phpldapadmin-0.9.7.2/config/config.php phpldapadmin-0.9.7.2-OK/config
  
  /* If you specified 'cookie' or 'session' as the auth_type above, you can
     optionally specify here an attribute to use when logging in. If you enter
-@@ -129,6 +134,7 @@
+@@ -134,6 +139,7 @@
     specify 'string', in which case you can provide a string to use for logging
     users in. See 'login_string' directly below. */
  // $ldapservers->SetValue($i,'login','attr','dn');
diff --git a/phpldapadmin-0.9.8.5-masort.patch b/phpldapadmin-0.9.8.5-masort.patch
new file mode 100644
index 0000000..684a3ec
--- /dev/null
+++ b/phpldapadmin-0.9.8.5-masort.patch
@@ -0,0 +1,14 @@
+diff -Nrbu phpldapadmin-0.9.8.5/lib/functions.php phpldapadmin-0.9.8.5-OK/lib/functions.php
+--- phpldapadmin-0.9.8.5/lib/functions.php	2008-11-28 17:21:37.000000000 +0300
++++ phpldapadmin-0.9.8.5-OK/lib/functions.php	2011-10-26 18:33:47.000000000 +0400
+@@ -2563,6 +2563,10 @@
+ 	if (DEBUG_ENABLED)
+ 		debug_log('masort(): Entered with (%s,%s,%s)',1,$data,$sortby,$rev);
+ 
++	# if the array to sort is null or empty, or if we have some nasty chars
++	if (! preg_match('/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/',$sortby) || ! $data)
++	       return;
++
+ 	static $sort_funcs = array();
+ 
+ 	if (empty($sort_funcs[$sortby])) {
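Review bot: The added guard rejects a malformed `$sortby` by returning silently, so while entry into masort() is logged on the line above when DEBUG_ENABLED, a rejected sort key leaves no trace in the debug log and the caller sees only that nothing was sorted. A log line in the same style before the `return;`, e.g. `if (DEBUG_ENABLED) debug_log('masort(): rejected sortby (%s)',1,$sortby);`, would make a rejected value visible to whoever is diagnosing it. The pattern also ends in `$` without the `D` modifier, so a value that ends in a single trailing newline still matches; `'/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/D'` (or `\z` in place of `$`) pins the match to the true end of the string, and how much that matters depends on how `$sortby` is used further down, which is outside the hunk. The `return;` is indented with spaces where the surrounding lines use tabs, and the vague comment `# if the array to sort is null or empty, or if we have some nasty chars` would read better as `# Accept only a bare identifier or identifier(args) as the sort key; anything else, or empty data, makes this a no-op`. masort()'s signature and the rest of its body lie outside the hunk.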
diff --git a/phpldapadmin.spec b/phpldapadmin.spec
index 3b2f8b1..4908968 100644
--- a/phpldapadmin.spec
+++ b/phpldapadmin.spec
@@ -1,13 +1,14 @@
 Name: phpldapadmin
 Summary: Web-based tool for managing LDAP servers
-Version: 0.9.8.3
+Version: 0.9.8.5
 Release: 1%{?dist}
 Group: Applications/Internet
 License: GPL
 URL: http://phpldapadmin.sourceforge.net
 Source: http://dl.sourceforge.net/sourceforge/phpldapadmin/phpldapadmin-%{version}.tar.gz
 Patch1: phpldapadmin-0.9.7.1-namingcontexts.patch
-Patch2: phpldapadmin-0.9.7.2-config.patch
+Patch2: phpldapadmin-0.9.8.5-config.patch
+Patch3: phpldapadmin-0.9.8.5-masort.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildArch: noarch
@@ -39,6 +40,7 @@ cp config/config.php.example config/config.php
 
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 
 %build
@@ -112,6 +114,10 @@ fi
 
 
 %changelog
+* Wed Oct 26 2011 Dmitry Butskoy <Dmitry at Butskoy.name> - 0.9.8.5-1
+- fix #748539 (CVE-2011-4075)
+- update to 0.9.8.5
+
 * Mon May 15 2006 Dmitry Butskoy <Dmitry at Butskoy.name> - 0.9.8.3-1
 - update to 0.9.8.3
 
diff --git a/sources b/sources
index 3211b84..68e7038 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1bb495a36cee3582dc0957880118d3ec  phpldapadmin-0.9.8.3.tar.gz
+a323d6815e5a560c5cd03614d33d7e8d  phpldapadmin-0.9.8.5.tar.gz

