ds.git/lib/base/plist.cpp, branch bug515329.py Unnamed repository; edit this file to name it for gitweb. Resolves: #214533 2006-11-10T23:46:05+00:00 Noriko Hosoi nhosoi@redhat.com 2006-11-10T23:46:05+00:00 6679b0968981f8be7c33a7df2c30bb5146f3a6d3 Summary: configure needs to support --with-fhs (Comment #6) Changes: Added the following include next to the end of the copyright block. + +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif + 
Summary: configure needs to support --with-fhs (Comment #6)
Changes: Added the following include next to the end of the copyright block.
+
+#ifdef HAVE_CONFIG_H
+#  include <config.h>
+#endif
+
Bug(s) fixed: 186280 2006-04-11T02:14:54+00:00 Rich Megginson rmeggins@redhat.com 2006-04-11T02:14:54+00:00 e8c67e58c2faa3e3f5d328a92391a5a6a4569620 Bug Description: ldapserver: Close potential security vulnerabilities in CGI code Reviewed by: Nathan, Noriko, and Pete (Thanks!) Fix Description: Clean up usage of sprintf, strcpy, fgets instead of gets, fixed buffer usage, etc., mostly in the CGI code and other user facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick to force it to check printf style varargs functions, to check the format string against the argument string, for type mismatches, missing arguments, and too many arguments. In the CGI form argument parsing code, we needed to be more careful about checking for bad input - good input is supposed to look like this: name=value&name=value&..... &name=value. I don't think the original code was checking properly for something like name&name=value. There was another place where we were not checking to see if a buffer had enough room before appending a string to it. I had to change a couple of functions to allow passing in the size of the buffer. Fixed some issues raised by Noriko and Nathan. Platforms tested: RHEL4 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none 
Bug Description: ldapserver: Close potential security vulnerabilities in CGI code
Reviewed by: Nathan, Noriko, and Pete (Thanks!)
Fix Description: Clean up usage of sprintf, strcpy, fgets instead of
gets, fixed buffer usage, etc., mostly in the CGI code and other user
facing code (i.e. setup).  Also, Steve Grubb told me about a GCC trick
to force it to check printf style varargs functions, to check the format
string against the argument string, for type mismatches, missing
arguments, and too many arguments.
In the CGI form argument parsing code, we needed to be more careful
about checking for bad input - good input is supposed to look like this:
name=value&name=value&.....
&name=value.  I don't think the original code
was checking properly for something like name&name=value.
There was another place where we were not checking to see if a buffer
had enough room before appending a string to it.
I had to change a couple of functions to allow passing in the size of
the buffer.
Fixed some issues raised by Noriko and Nathan.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Fixed licensing typo 2005-04-19T22:07:54+00:00 Nathan Kinder nkinder@redhat.com 2005-04-19T22:07:54+00:00 5a8395d602f17c52bcbd14269317ee301d17be3c 






155068 - Added license to source files
2005-04-15T22:40:54+00:00

Nathan Kinder
nkinder@redhat.com

2005-04-15T22:40:54+00:00

413f26105f36dc486ea14f9dad7c1879b260d15f












149951 - Updated source code copyrights
2005-02-28T23:38:10+00:00

Nathan Kinder
nkinder@redhat.com

2005-02-28T23:38:10+00:00

606a96781b8bd30ff8331d04c7eed86c3963f7e7












Moving NSCP Directory Server from DirectoryBranch to TRUNK, initial drop. (foxworth)
2005-01-21T00:44:34+00:00

cvsadm
cvsadm

2005-01-21T00:44:34+00:00

b2093e3016027d6b5cf06b3f91f30769bfc099e2