[oe-commits] [meta-openembedded] 26/73: openldap: 2.4.44 -> 2.4.45
git at git.openembedded.org
git at git.openembedded.org
Tue Aug 8 18:42:05 UTC 2017
This is an automated email from the git hooks/post-receive script.
martin_jansa pushed a commit to branch master-next
in repository meta-openembedded.
commit 7627581ffca19ab2e220a4f60c8359209d3bc2f0
Author: Huang Qiyu <huangqy.fnst at cn.fujitsu.com>
AuthorDate: Tue Jul 25 16:33:49 2017 +0800
openldap: 2.4.44 -> 2.4.45
1) Upgrade openldap from 2.4.44 to 2.4.45
2) Delete openldap-CVE-2017-9287.patch, since it is integrated upstream.
3) License checksum changed, since the copyright years were updated.
Signed-off-by: Huang Qiyu <huangqy.fnst at cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa at gmail.com>
---
.../openldap/openldap/openldap-CVE-2017-9287.patch | 30 ----------------------
.../{openldap_2.4.44.bb => openldap_2.4.45.bb} | 7 +++--
2 files changed, 3 insertions(+), 34 deletions(-)
diff --git a/meta-oe/recipes-support/openldap/openldap/openldap-CVE-2017-9287.patch b/meta-oe/recipes-support/openldap/openldap/openldap-CVE-2017-9287.patch
deleted file mode 100644
index 93e9243..0000000
--- a/meta-oe/recipes-support/openldap/openldap/openldap-CVE-2017-9287.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From e0e65f309dc0eb5582387acf1b2c2b5b3955f6b6 Mon Sep 17 00:00:00 2001
-From: Ryan Tandy <ryan at nardis.ca>
-Date: Wed, 17 May 2017 20:07:39 -0700
-Subject: [PATCH] Fix double free of search base with page size 0
-
-CVE: CVE-2017-9287
-Upstream-Status: Submitted
-
-Signed-off-by: Fan Xin <fan.xin at jp.fujitsu.com>
----
- servers/slapd/back-mdb/search.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/servers/slapd/back-mdb/search.c b/servers/slapd/back-mdb/search.c
-index 009939d..d0db918 100644
---- a/servers/slapd/back-mdb/search.c
-+++ b/servers/slapd/back-mdb/search.c
-@@ -1066,7 +1066,8 @@ notfound:
- /* check size limit */
- if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) {
- if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) {
-- mdb_entry_return( op, e );
-+ if (e != base)
-+ mdb_entry_return( op, e );
- e = NULL;
- send_paged_response( op, rs, &lastid, tentries );
- goto done;
---
-2.1.4
-
diff --git a/meta-oe/recipes-support/openldap/openldap_2.4.44.bb b/meta-oe/recipes-support/openldap/openldap_2.4.45.bb
similarity index 97%
rename from meta-oe/recipes-support/openldap/openldap_2.4.44.bb
rename to meta-oe/recipes-support/openldap/openldap_2.4.45.bb
index 2d3cfc0..adbf8ce 100644
--- a/meta-oe/recipes-support/openldap/openldap_2.4.44.bb
+++ b/meta-oe/recipes-support/openldap/openldap_2.4.45.bb
@@ -9,7 +9,7 @@ HOMEPAGE = "http://www.OpenLDAP.org/license.html"
# basically BSD. opensource.org does not record this license
# at present (so it is apparently not OSI certified).
LICENSE = "OpenLDAP"
-LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c933fba6d89fda89f58df1e086e3f2e7 \
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=25fd3721960f39128cd15a749fd21139 \
file://LICENSE;md5=153d07ef052c4a37a8fac23bc6031972 \
"
SECTION = "libs"
@@ -25,11 +25,10 @@ SRC_URI = "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${BP}.tgz \
file://slapd.service \
file://thread_stub.patch \
file://openldap-CVE-2015-3276.patch \
- file://openldap-CVE-2017-9287.patch \
"
-SRC_URI[md5sum] = "693ac26de86231f8dcae2b4e9d768e51"
-SRC_URI[sha256sum] = "d7de6bf3c67009c95525dde3a0212cc110d0a70b92af2af8e3ee800e81b88400"
+SRC_URI[md5sum] = "00ff8301277cdfd0af728a6927042a13"
+SRC_URI[sha256sum] = "cdd6cffdebcd95161a73305ec13fc7a78e9707b46ca9f84fb897cd5626df3824"
DEPENDS = "util-linux groff-native"
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list