[freeipa/f18] Require 389-base-base 1.3.0.5

Martin Kosek mkosek at fedoraproject.org
Tue Apr 2 14:51:57 UTC 2013 

commit fc066b006a7cc39c0cf452e37a45d40e2ef3ca55
Author: Martin Kosek <mkosek at redhat.com>
Date:   Tue Apr 2 16:15:25 2013 +0200

    Require 389-base-base 1.3.0.5
    
    Pulls the following fixes:
     - upgrade deadlock caused by DNA plugin reconfiguration
     - CVE-2013-1897: unintended information exposure when rootdse is
       enabled

 freeipa.spec |   11 +++++++++--
 1 files changed, 9 insertions(+), 2 deletions(-)
---
diff --git a/freeipa.spec b/freeipa.spec
index 3821ffb..01b7a97 100644
--- a/freeipa.spec
+++ b/freeipa.spec
@@ -15,7 +15,7 @@ distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
 
 Name:           freeipa
 Version:        3.1.3
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        The Identity, Policy and Audit system
 
 Group:          System Environment/Base
@@ -90,7 +90,7 @@ Requires: %{name}-python = %{version}-%{release}
 Requires: %{name}-client = %{version}-%{release}
 Requires: %{name}-admintools = %{version}-%{release}
 Requires: %{name}-server-selinux = %{version}-%{release}
-Requires: 389-ds-base >= 1.3.0
+Requires: 389-ds-base >= 1.3.0.5
 Requires: openldap-clients
 Requires: nss
 Requires: nss-tools
@@ -128,6 +128,7 @@ Requires: zip
 Requires: policycoreutils >= %{POLICYCOREUTILSVER}
 Requires: tar
 Requires(pre): certmonger >= 0.65
+Requires(pre): 389-ds-base >= 1.3.0.5
 
 # We have a soft-requires on bind. It is an optional part of
 # IPA but if it is configured we need a way to require versions
@@ -776,6 +777,12 @@ fi
 %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
 
 %changelog
+* Tue Apr  2 2013 Martin Kosek <mkosek at redhat.com> - 3.1.3-4
+- Require 389-base-base >= 1.3.0.5 to pull the following fixes:
+  - upgrade deadlock caused by DNA plugin reconfiguration
+  - CVE-2013-1897: unintended information exposure when
+    nsslapd-allow-anonymous-access is set to rootdse
+
 * Fri Mar 29 2013 Martin Kosek <mkosek at redhat.com> - 3.1.3-3
 - DoS when connecting with a missing username/dn (#928387)

More information about the scm-commits mailing list