aboutsummaryrefslogtreecommitdiff
path: root/package/openldap/openldap.mk
diff options
context:
space:
mode:
authorGravatar Francois Perrad <fperrad@gmail.com>2020-12-22 18:11:49 +0100
committerGravatar Peter Korsgaard <peter@korsgaard.com>2020-12-24 12:48:52 +0100
commit7345f5bdf9bd75866a4f609eef52115c2a5957a9 (patch)
tree64a0ae79e1a523a70838e239ed4af286526e7769 /package/openldap/openldap.mk
parent3d13c2d099007bcbd32f0f6a9dc1a17921c069b9 (diff)
downloadbuildroot-7345f5bdf9bd75866a4f609eef52115c2a5957a9.tar.gz
buildroot-7345f5bdf9bd75866a4f609eef52115c2a5957a9.tar.bz2
package/openldap: security bump to version 2.4.56
Fixes the following security issue: - CVE-2020-25692: A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. - CVE-2020-25709: Assertion failure in CSN normalization with invalid input - CVE-2020-25710: Assertion failure in CSN normalization with invalid input Signed-off-by: Francois Perrad <francois.perrad@gadz.org> [Peter: add CVE info] Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 09a565d9408f47e219972b0a71f3cbe0d801225c) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/openldap/openldap.mk')
-rw-r--r--package/openldap/openldap.mk2
1 files changed, 1 insertions, 1 deletions
diff --git a/package/openldap/openldap.mk b/package/openldap/openldap.mk
index a9e71be595..e44c958c41 100644
--- a/package/openldap/openldap.mk
+++ b/package/openldap/openldap.mk
@@ -4,7 +4,7 @@
#
################################################################################
-OPENLDAP_VERSION = 2.4.50
+OPENLDAP_VERSION = 2.4.56
OPENLDAP_SOURCE = openldap-$(OPENLDAP_VERSION).tgz
OPENLDAP_SITE = https://www.openldap.org/software/download/OpenLDAP/openldap-release
OPENLDAP_LICENSE = OpenLDAP Public License