[oe] [meta-oe][PATCH 1/2] openldap: 2.4.41 -> 2.4.42

Thu Oct 15 02:21:04 UTC 2015

From: Kai Kang <kai.kang at windriver.com>

Upgrade phpmyadmin from 2.4.41 to 2.4.42. And backport patch from

http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=6fe51a9

to fix CVE-2015-6908.

Signed-off-by: Kai Kang <kai.kang at windriver.com>
---
 .../openldap/openldap-fix-CVE-2015-6908.patch      | 28 ++++++++++++++++++++++
 .../{openldap_2.4.41.bb => openldap_2.4.42.bb}     |  6 +++--
 2 files changed, 32 insertions(+), 2 deletions(-)
 create mode 100644 meta-oe/recipes-support/openldap/openldap/openldap-fix-CVE-2015-6908.patch
 rename meta-oe/recipes-support/openldap/{openldap_2.4.41.bb => openldap_2.4.42.bb} (98%)

diff --git a/meta-oe/recipes-support/openldap/openldap/openldap-fix-CVE-2015-6908.patch b/meta-oe/recipes-support/openldap/openldap/openldap-fix-CVE-2015-6908.patch
new file mode 100644
index 0000000..34c87cc
--- /dev/null
+++ b/meta-oe/recipes-support/openldap/openldap/openldap-fix-CVE-2015-6908.patch
@@ -0,0 +1,28 @@
+Upstream-Status: Backport
+
+Signed-off-by: Kai Kang <kai.kang at windriver.com>
+---
+From 6fe51a9ab04fd28bbc171da3cf12f1c1040d6629 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc at openldap.org>
+Date: Thu, 10 Sep 2015 00:37:32 +0100
+Subject: [PATCH 1/1] ITS#8240 remove obsolete assert
+
+---
+ libraries/liblber/io.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libraries/liblber/io.c b/libraries/liblber/io.c
+index 85c3e23..c05dcf8 100644
+--- a/libraries/liblber/io.c
++++ b/libraries/liblber/io.c
+@@ -679,7 +679,7 @@ done:
+ 		return (ber->ber_tag);
+ 	}
+ 
+-	assert( 0 ); /* ber structure is messed up ?*/
++	/* invalid input */
+ 	return LBER_DEFAULT;
+ }
+ 
+-- 
+1.7.10.4
diff --git a/meta-oe/recipes-support/openldap/openldap_2.4.41.bb b/meta-oe/recipes-support/openldap/openldap_2.4.42.bb
similarity index 98%
rename from meta-oe/recipes-support/openldap/openldap_2.4.41.bb
rename to meta-oe/recipes-support/openldap/openldap_2.4.42.bb
index e4a928f..49fcb56 100644
--- a/meta-oe/recipes-support/openldap/openldap_2.4.41.bb
+++ b/meta-oe/recipes-support/openldap/openldap_2.4.42.bb
@@ -24,9 +24,11 @@ SRC_URI = "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${BP}.tgz \
     file://initscript \
     file://slapd.service \
     file://thread_stub.patch \
+    file://openldap-fix-CVE-2015-6908.patch \
 "
-SRC_URI[md5sum] = "3f1a4cea52827e18feaedfdc1634b5d0"
-SRC_URI[sha256sum] = "27856bb4a8b44feca2b326c309000e16a9dadd52362c8ab6eec6c67a43737f6e"
+
+SRC_URI[md5sum] = "47c8e2f283647a6105b8b0325257e922"
+SRC_URI[sha256sum] = "eeb7b0e2c5852bfd2650e83909bb6152835c0b862fab10b63954dc1bcbba8e63"
 
 DEPENDS = "util-linux groff-native"
 
-- 
2.6.1


