summaryrefslogtreecommitdiffstats
path: root/main/openldap
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2012-01-02 10:06:42 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2012-01-02 10:06:42 +0000
commitdbee1f2c9e8313343fa945194cb0d230bad8892c (patch)
treef8da89f03be446f573089d95ae686e701082946f /main/openldap
parent431dfa4619c52a2fff537fb997dbe8b8e44f2f03 (diff)
parentdaafae5c7c194f4d3ba052691a043da06c294a46 (diff)
downloadaports-dbee1f2c9e8313343fa945194cb0d230bad8892c.tar.bz2
aports-dbee1f2c9e8313343fa945194cb0d230bad8892c.tar.xz
Merge branch 'master' of ssh://dev.alpinelinux.org/home/fcolista/cgit/aports-fcolista
Diffstat (limited to 'main/openldap')
-rw-r--r--main/openldap/APKBUILD9
-rw-r--r--main/openldap/cve-2011-4079.patch55
2 files changed, 4 insertions, 60 deletions
diff --git a/main/openldap/APKBUILD b/main/openldap/APKBUILD
index cb50dd92e..6f84d48a9 100644
--- a/main/openldap/APKBUILD
+++ b/main/openldap/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=openldap
-pkgver=2.4.26
-pkgrel=3
+pkgver=2.4.28
+pkgrel=0
pkgdesc="LDAP Server"
url="http://www.openldap.org/"
arch="all"
@@ -17,7 +17,6 @@ install="$pkgname.pre-install $pkgname.post-install"
source="ftp://ftp.$pkgname.org/pub/OpenLDAP/$pkgname-release/$pkgname-$pkgver.tgz
openldap-2.4-ppolicy.patch
openldap-2.4.11-libldap_r.patch
- cve-2011-4079.patch
slapd.initd
slapd.confd
slurpd.initd
@@ -59,6 +58,7 @@ build () {
--enable-shell=mod \
--enable-sock=mod \
--enable-sql=mod \
+ --enable-overlays=mod \
--with-tls=openssl \
--with-cyrus-sasl \
|| return 1
@@ -111,10 +111,9 @@ meta() { _backend meta; }
monitor() { _backend monitor; }
-md5sums="f36f3086031dd56ae94f722ffae8df5e openldap-2.4.26.tgz
+md5sums="196023e552eeb259e048edcd61a9645b openldap-2.4.28.tgz
2524e490ba334a760fa57057c16da7a9 openldap-2.4-ppolicy.patch
d19d0502f046078ecd737e29e7552fa8 openldap-2.4.11-libldap_r.patch
-967d86fbfdbf9054b722f23323751fc9 cve-2011-4079.patch
a729bf553d12b4a9fbda0ff5202a0443 slapd.initd
b672311fca605c398240cd37a2ae080a slapd.confd
fa5ce0005ef5f1160b6ff126f97aaa1a slurpd.initd"
diff --git a/main/openldap/cve-2011-4079.patch b/main/openldap/cve-2011-4079.patch
deleted file mode 100644
index 94a453d9c..000000000
--- a/main/openldap/cve-2011-4079.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-one-byte buffer overflow in slapd
-
-Resolves: #749324 (CVE-2011-4079)
-Upstream ITS: #7059
-Upstream commits: d0dd861 5072387
-Author: Howard Chu <hyc@openldap.org>
-
-diff -u
---- a/servers/slapd/schema_init.c
-+++ b/servers/slapd/schema_init.c
-@@ -1852,12 +1852,12 @@ UTF8StringNormalize(
- }
- nvalue.bv_val[nvalue.bv_len] = '\0';
-
-- } else {
-+ } else if ( tmp.bv_len ) {
- /* string of all spaces is treated as one space */
- nvalue.bv_val[0] = ' ';
- nvalue.bv_val[1] = '\0';
- nvalue.bv_len = 1;
-- }
-+ } /* should never be entered with 0-length val */
-
- *normalized = nvalue;
- return LDAP_SUCCESS;
-@@ -2331,13 +2331,18 @@ postalAddressNormalize(
- }
- lines[l].bv_len = &val->bv_val[c] - lines[l].bv_val;
-
-- normalized->bv_len = l;
-+ normalized->bv_len = c = l;
-
-- for ( l = 0; !BER_BVISNULL( &lines[l] ); l++ ) {
-+ for ( l = 0; l <= c; l++ ) {
- /* NOTE: we directly normalize each line,
- * without unescaping the values, since the special
- * values '\24' ('$') and '\5C' ('\') are not affected
- * by normalization */
-+ if ( !lines[l].bv_len ) {
-+ nlines[l].bv_len = 0;
-+ nlines[l].bv_val = NULL;
-+ continue;
-+ }
- rc = UTF8StringNormalize( usage, NULL, xmr, &lines[l], &nlines[l], ctx );
- if ( rc != LDAP_SUCCESS ) {
- rc = LDAP_INVALID_SYNTAX;
-@@ -2350,7 +2355,7 @@ postalAddressNormalize(
- normalized->bv_val = slap_sl_malloc( normalized->bv_len + 1, ctx );
-
- p = normalized->bv_val;
-- for ( l = 0; !BER_BVISNULL( &nlines[l] ); l++ ) {
-+ for ( l = 0; l <= c ; l++ ) {
- p = lutil_strbvcopy( p, &nlines[l] );
- *p++ = '$';
- }