aboutsummaryrefslogtreecommitdiff
path: root/package/openldap/0002-fix-bignum.patch
diff options
context:
space:
mode:
authorGravatar Francois Perrad <fperrad@gmail.com>2020-12-22 18:11:49 +0100
committerGravatar Peter Korsgaard <peter@korsgaard.com>2020-12-24 12:48:52 +0100
commit7345f5bdf9bd75866a4f609eef52115c2a5957a9 (patch)
tree64a0ae79e1a523a70838e239ed4af286526e7769 /package/openldap/0002-fix-bignum.patch
parent3d13c2d099007bcbd32f0f6a9dc1a17921c069b9 (diff)
downloadbuildroot-7345f5bdf9bd75866a4f609eef52115c2a5957a9.tar.gz
buildroot-7345f5bdf9bd75866a4f609eef52115c2a5957a9.tar.bz2
package/openldap: security bump to version 2.4.56
Fixes the following security issue: - CVE-2020-25692: A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. - CVE-2020-25709: Assertion failure in CSN normalization with invalid input - CVE-2020-25710: Assertion failure in CSN normalization with invalid input Signed-off-by: Francois Perrad <francois.perrad@gadz.org> [Peter: add CVE info] Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 09a565d9408f47e219972b0a71f3cbe0d801225c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/openldap/0002-fix-bignum.patch')
-rw-r--r--package/openldap/0002-fix-bignum.patch4
1 files changed, 2 insertions, 2 deletions
diff --git a/package/openldap/0002-fix-bignum.patch b/package/openldap/0002-fix-bignum.patch
index d3dc88fc37..159ea8e228 100644
--- a/package/openldap/0002-fix-bignum.patch
+++ b/package/openldap/0002-fix-bignum.patch
@@ -15,7 +15,7 @@ Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
diff -durN openldap-2.4.40.orig/configure openldap-2.4.40/configure
--- openldap-2.4.40.orig/configure 2014-09-19 03:48:49.000000000 +0200
+++ openldap-2.4.40/configure 2015-01-25 18:44:54.216879362 +0100
-@@ -23478,7 +23478,7 @@
+@@ -23431,7 +23431,7 @@
if test "$ac_cv_header_openssl_bn_h" = "yes" &&
test "$ac_cv_header_openssl_crypto_h" = "yes" &&
@@ -27,7 +27,7 @@ diff -durN openldap-2.4.40.orig/configure openldap-2.4.40/configure
diff -durN openldap-2.4.40.orig/configure.in openldap-2.4.40/configure.in
--- openldap-2.4.40.orig/configure.in 2014-09-19 03:48:49.000000000 +0200
+++ openldap-2.4.40/configure.in 2015-01-25 18:44:37.628676446 +0100
-@@ -2367,7 +2367,7 @@
+@@ -2383,7 +2383,7 @@
AC_CHECK_HEADERS(openssl/crypto.h)
if test "$ac_cv_header_openssl_bn_h" = "yes" &&
test "$ac_cv_header_openssl_crypto_h" = "yes" &&