aboutsummaryrefslogtreecommitdiff
path: root/package/openldap/0001-fix_cross_strip.patch
diff options
context:
space:
mode:
authorGravatar Francois Perrad <fperrad@gmail.com>2020-12-22 18:11:49 +0100
committerGravatar Peter Korsgaard <peter@korsgaard.com>2020-12-24 12:48:52 +0100
commit7345f5bdf9bd75866a4f609eef52115c2a5957a9 (patch)
tree64a0ae79e1a523a70838e239ed4af286526e7769 /package/openldap/0001-fix_cross_strip.patch
parent3d13c2d099007bcbd32f0f6a9dc1a17921c069b9 (diff)
downloadbuildroot-7345f5bdf9bd75866a4f609eef52115c2a5957a9.tar.gz
buildroot-7345f5bdf9bd75866a4f609eef52115c2a5957a9.tar.bz2
package/openldap: security bump to version 2.4.56
Fixes the following security issue: - CVE-2020-25692: A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. - CVE-2020-25709: Assertion failure in CSN normalization with invalid input - CVE-2020-25710: Assertion failure in CSN normalization with invalid input Signed-off-by: Francois Perrad <francois.perrad@gadz.org> [Peter: add CVE info] Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 09a565d9408f47e219972b0a71f3cbe0d801225c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/openldap/0001-fix_cross_strip.patch')
-rw-r--r--package/openldap/0001-fix_cross_strip.patch2
1 files changed, 1 insertions, 1 deletions
diff --git a/package/openldap/0001-fix_cross_strip.patch b/package/openldap/0001-fix_cross_strip.patch
index ed4964e44b..d9d6f9d505 100644
--- a/package/openldap/0001-fix_cross_strip.patch
+++ b/package/openldap/0001-fix_cross_strip.patch
@@ -44,7 +44,7 @@ diff -rupN openldap-2.4.40/clients/tools/Makefile.in openldap-2.4.40-br/clients/
diff -rupN openldap-2.4.40/configure.in openldap-2.4.40-br/configure.in
--- openldap-2.4.40/configure.in 2014-09-18 21:48:49.000000000 -0400
+++ openldap-2.4.40-br/configure.in 2015-01-16 15:50:48.874816786 -0500
-@@ -669,6 +669,15 @@ if test -z "${AR}"; then
+@@ -668,6 +668,15 @@ if test -z "${AR}"; then
fi
fi