Fix CVE-2025-24898

(cherry picked from commit 7ff722cdfac8f38b86c5d497164e24fbca1d246d)
2025-02-06 14:49:35 +08:00 · 2025-02-06 14:49:35 +08:00 · 43a5950c3a
commit 43a5950c3a
parent 7aee636f46
2 changed files with 42 additions and 1 deletions
--- a/389-ds-base.spec
+++ b/389-ds-base.spec
@ -6,7 +6,7 @@ ExcludeArch:   i686
 Name:          389-ds-base
 Summary:       Base 389 Directory Server
 Version:       3.1.1
-Release:       4
+Release:       5
 License:       GPLv3+
 URL:           https://www.port389.org
 Source0:       https://releases.pagure.org/389-ds-base/389-ds-base-%{version}.tar.bz2
@ -17,6 +17,8 @@ Source2:       389-ds-base-devel.README
 Patch0:        fix-dsidm-posixgroup-get_dn-fails-with-search_ext.patch
 Patch1:        remove-where-cockpit_present-is-called.patch
 Patch2:        fix-dsidm-role-subtree-status-fails-with-TypeError.patch
 # https://github.com/sfackler/rust-openssl/commit/f014afb230de4d77bc79dea60e7e58c2f47b60f2
 Patch3:        CVE-2025-24898.patch
 BuildRequires: nspr-devel nss-devel >= 3.34 perl-generators openldap-devel libdb-devel cyrus-sasl-devel icu
 BuildRequires: libicu-devel pcre-devel cracklib-devel gcc-c++ net-snmp-devel lm_sensors-devel bzip2-devel
@ -326,6 +328,9 @@ exit 0
 %{_mandir}/*/*
 %changelog
 * Thu Feb 06 2025 yaoxin <1024769339@qq.com> - 3.1.1-5
 - Fix CVE-2025-24898
 * Fri Nov 29 2024 wangkai <13474090681@163.com> - 3.1.1-4
 - Fix typo sucessfully
--- a/CVE-2025-24898.patch
+++ b/CVE-2025-24898.patch