diff options
author | Leonardo Arena <rnalrd@alpinelinux.org> | 2012-01-02 10:06:42 +0000 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2012-01-02 10:06:42 +0000 |
commit | dbee1f2c9e8313343fa945194cb0d230bad8892c (patch) | |
tree | f8da89f03be446f573089d95ae686e701082946f /main/openldap | |
parent | 431dfa4619c52a2fff537fb997dbe8b8e44f2f03 (diff) | |
parent | daafae5c7c194f4d3ba052691a043da06c294a46 (diff) | |
download | aports-dbee1f2c9e8313343fa945194cb0d230bad8892c.tar.bz2 aports-dbee1f2c9e8313343fa945194cb0d230bad8892c.tar.xz |
Merge branch 'master' of ssh://dev.alpinelinux.org/home/fcolista/cgit/aports-fcolista
Diffstat (limited to 'main/openldap')
-rw-r--r-- | main/openldap/APKBUILD | 9 | ||||
-rw-r--r-- | main/openldap/cve-2011-4079.patch | 55 |
2 files changed, 4 insertions, 60 deletions
diff --git a/main/openldap/APKBUILD b/main/openldap/APKBUILD index cb50dd92e..6f84d48a9 100644 --- a/main/openldap/APKBUILD +++ b/main/openldap/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=openldap -pkgver=2.4.26 -pkgrel=3 +pkgver=2.4.28 +pkgrel=0 pkgdesc="LDAP Server" url="http://www.openldap.org/" arch="all" @@ -17,7 +17,6 @@ install="$pkgname.pre-install $pkgname.post-install" source="ftp://ftp.$pkgname.org/pub/OpenLDAP/$pkgname-release/$pkgname-$pkgver.tgz openldap-2.4-ppolicy.patch openldap-2.4.11-libldap_r.patch - cve-2011-4079.patch slapd.initd slapd.confd slurpd.initd @@ -59,6 +58,7 @@ build () { --enable-shell=mod \ --enable-sock=mod \ --enable-sql=mod \ + --enable-overlays=mod \ --with-tls=openssl \ --with-cyrus-sasl \ || return 1 @@ -111,10 +111,9 @@ meta() { _backend meta; } monitor() { _backend monitor; } -md5sums="f36f3086031dd56ae94f722ffae8df5e openldap-2.4.26.tgz +md5sums="196023e552eeb259e048edcd61a9645b openldap-2.4.28.tgz 2524e490ba334a760fa57057c16da7a9 openldap-2.4-ppolicy.patch d19d0502f046078ecd737e29e7552fa8 openldap-2.4.11-libldap_r.patch -967d86fbfdbf9054b722f23323751fc9 cve-2011-4079.patch a729bf553d12b4a9fbda0ff5202a0443 slapd.initd b672311fca605c398240cd37a2ae080a slapd.confd fa5ce0005ef5f1160b6ff126f97aaa1a slurpd.initd" diff --git a/main/openldap/cve-2011-4079.patch b/main/openldap/cve-2011-4079.patch deleted file mode 100644 index 94a453d9c..000000000 --- a/main/openldap/cve-2011-4079.patch +++ /dev/null @@ -1,55 +0,0 @@ -one-byte buffer overflow in slapd - -Resolves: #749324 (CVE-2011-4079) -Upstream ITS: #7059 -Upstream commits: d0dd861 5072387 -Author: Howard Chu <hyc@openldap.org> - -diff -u ---- a/servers/slapd/schema_init.c -+++ b/servers/slapd/schema_init.c -@@ -1852,12 +1852,12 @@ UTF8StringNormalize( - } - nvalue.bv_val[nvalue.bv_len] = '\0'; - -- } else { -+ } else if ( tmp.bv_len ) { - /* string of all spaces is treated as one space */ - nvalue.bv_val[0] = ' '; - nvalue.bv_val[1] = '\0'; - nvalue.bv_len = 1; -- } -+ } /* should never be entered with 0-length val */ - - *normalized = nvalue; - return LDAP_SUCCESS; -@@ -2331,13 +2331,18 @@ postalAddressNormalize( - } - lines[l].bv_len = &val->bv_val[c] - lines[l].bv_val; - -- normalized->bv_len = l; -+ normalized->bv_len = c = l; - -- for ( l = 0; !BER_BVISNULL( &lines[l] ); l++ ) { -+ for ( l = 0; l <= c; l++ ) { - /* NOTE: we directly normalize each line, - * without unescaping the values, since the special - * values '\24' ('$') and '\5C' ('\') are not affected - * by normalization */ -+ if ( !lines[l].bv_len ) { -+ nlines[l].bv_len = 0; -+ nlines[l].bv_val = NULL; -+ continue; -+ } - rc = UTF8StringNormalize( usage, NULL, xmr, &lines[l], &nlines[l], ctx ); - if ( rc != LDAP_SUCCESS ) { - rc = LDAP_INVALID_SYNTAX; -@@ -2350,7 +2355,7 @@ postalAddressNormalize( - normalized->bv_val = slap_sl_malloc( normalized->bv_len + 1, ctx ); - - p = normalized->bv_val; -- for ( l = 0; !BER_BVISNULL( &nlines[l] ); l++ ) { -+ for ( l = 0; l <= c ; l++ ) { - p = lutil_strbvcopy( p, &nlines[l] ); - *p++ = '$'; - } |