main/openldap: upgrade to 2.4.28

2 files changed, 3 insertions, 60 deletions

diff --git a/main/openldap/APKBUILD b/main/openldap/APKBUILD
index 6a1ac2f8c8..6f84d48a9b 100644
--- a/main/openldap/APKBUILD
+++ b/main/openldap/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=openldap
-pkgver=2.4.26
-pkgrel=4
+pkgver=2.4.28
+pkgrel=0
 pkgdesc="LDAP Server"
 url="http://www.openldap.org/"
 arch="all"
@@ -17,7 +17,6 @@ install="$pkgname.pre-install $pkgname.post-install"
 source="ftp://ftp.$pkgname.org/pub/OpenLDAP/$pkgname-release/$pkgname-$pkgver.tgz
 	openldap-2.4-ppolicy.patch
 	openldap-2.4.11-libldap_r.patch
-	cve-2011-4079.patch
 	slapd.initd
 	slapd.confd
 	slurpd.initd
@@ -112,10 +111,9 @@ meta() {	_backend meta; }
 monitor() {	_backend monitor; }
 
 
-md5sums="f36f3086031dd56ae94f722ffae8df5e  openldap-2.4.26.tgz
+md5sums="196023e552eeb259e048edcd61a9645b  openldap-2.4.28.tgz
 2524e490ba334a760fa57057c16da7a9  openldap-2.4-ppolicy.patch
 d19d0502f046078ecd737e29e7552fa8  openldap-2.4.11-libldap_r.patch
-967d86fbfdbf9054b722f23323751fc9  cve-2011-4079.patch
 a729bf553d12b4a9fbda0ff5202a0443  slapd.initd
 b672311fca605c398240cd37a2ae080a  slapd.confd
 fa5ce0005ef5f1160b6ff126f97aaa1a  slurpd.initd"
diff --git a/main/openldap/cve-2011-4079.patch b/main/openldap/cve-2011-4079.patch
deleted file mode 100644
index 94a453d9c6..0000000000
--- a/main/openldap/cve-2011-4079.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-one-byte buffer overflow in slapd
-
-Resolves: #749324 (CVE-2011-4079)
-Upstream ITS: #7059
-Upstream commits: d0dd861 5072387
-Author: Howard Chu <hyc@openldap.org>
-
-diff -u
---- a/servers/slapd/schema_init.c
-+++ b/servers/slapd/schema_init.c
-@@ -1852,12 +1852,12 @@ UTF8StringNormalize(
- 		}
- 		nvalue.bv_val[nvalue.bv_len] = '\0';
- 
--	} else {
-+	} else if ( tmp.bv_len )  {
- 		/* string of all spaces is treated as one space */
- 		nvalue.bv_val[0] = ' ';
- 		nvalue.bv_val[1] = '\0';
- 		nvalue.bv_len = 1;
--	}
-+	}	/* should never be entered with 0-length val */
- 
- 	*normalized = nvalue;
- 	return LDAP_SUCCESS;
-@@ -2331,13 +2331,18 @@ postalAddressNormalize(
- 	}
- 	lines[l].bv_len = &val->bv_val[c] - lines[l].bv_val;
- 
--	normalized->bv_len = l;
-+	normalized->bv_len = c = l;
- 
--	for ( l = 0; !BER_BVISNULL( &lines[l] ); l++ ) {
-+	for ( l = 0; l <= c; l++ ) {
- 		/* NOTE: we directly normalize each line,
- 		 * without unescaping the values, since the special
- 		 * values '\24' ('$') and '\5C' ('\') are not affected
- 		 * by normalization */
-+		if ( !lines[l].bv_len ) {
-+			nlines[l].bv_len = 0;
-+			nlines[l].bv_val = NULL;
-+			continue;
-+		}
- 		rc = UTF8StringNormalize( usage, NULL, xmr, &lines[l], &nlines[l], ctx );
- 		if ( rc != LDAP_SUCCESS ) {
- 			rc = LDAP_INVALID_SYNTAX;
-@@ -2350,7 +2355,7 @@ postalAddressNormalize(
- 	normalized->bv_val = slap_sl_malloc( normalized->bv_len + 1, ctx );
- 
- 	p = normalized->bv_val;
--	for ( l = 0; !BER_BVISNULL( &nlines[l] ); l++ ) {
-+	for ( l = 0; l <= c ; l++ ) {
- 		p = lutil_strbvcopy( p, &nlines[l] );
- 		*p++ = '$';
- 	}