aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKai Kang <kai.kang@windriver.com>2015-10-15 10:21:04 +0800
committerMartin Jansa <Martin.Jansa@gmail.com>2015-10-23 12:53:23 +0200
commit2d1de436b198c4958e75c22942ba43cc06767fb2 (patch)
treedc90c083bcbb2c926e6447bfa60609d52902bcc0
parentc56ad520295692ba883f3d079ba835b252b2e144 (diff)
downloadmeta-openembedded-contrib-2d1de436b198c4958e75c22942ba43cc06767fb2.tar.gz
meta-openembedded-contrib-2d1de436b198c4958e75c22942ba43cc06767fb2.tar.bz2
meta-openembedded-contrib-2d1de436b198c4958e75c22942ba43cc06767fb2.zip
openldap: 2.4.41 -> 2.4.42
Upgrade phpmyadmin from 2.4.41 to 2.4.42. And backport patch from http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=6fe51a9 to fix CVE-2015-6908. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
-rw-r--r--meta-oe/recipes-support/openldap/openldap/openldap-fix-CVE-2015-6908.patch28
-rw-r--r--meta-oe/recipes-support/openldap/openldap_2.4.42.bb (renamed from meta-oe/recipes-support/openldap/openldap_2.4.41.bb)6
2 files changed, 32 insertions, 2 deletions
diff --git a/meta-oe/recipes-support/openldap/openldap/openldap-fix-CVE-2015-6908.patch b/meta-oe/recipes-support/openldap/openldap/openldap-fix-CVE-2015-6908.patch
new file mode 100644
index 0000000000..34c87cccf8
--- /dev/null
+++ b/meta-oe/recipes-support/openldap/openldap/openldap-fix-CVE-2015-6908.patch
@@ -0,0 +1,28 @@
+Upstream-Status: Backport
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+From 6fe51a9ab04fd28bbc171da3cf12f1c1040d6629 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Thu, 10 Sep 2015 00:37:32 +0100
+Subject: [PATCH 1/1] ITS#8240 remove obsolete assert
+
+---
+ libraries/liblber/io.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libraries/liblber/io.c b/libraries/liblber/io.c
+index 85c3e23..c05dcf8 100644
+--- a/libraries/liblber/io.c
++++ b/libraries/liblber/io.c
+@@ -679,7 +679,7 @@ done:
+ return (ber->ber_tag);
+ }
+
+- assert( 0 ); /* ber structure is messed up ?*/
++ /* invalid input */
+ return LBER_DEFAULT;
+ }
+
+--
+1.7.10.4
diff --git a/meta-oe/recipes-support/openldap/openldap_2.4.41.bb b/meta-oe/recipes-support/openldap/openldap_2.4.42.bb
index e4a928fefe..49fcb56bab 100644
--- a/meta-oe/recipes-support/openldap/openldap_2.4.41.bb
+++ b/meta-oe/recipes-support/openldap/openldap_2.4.42.bb
@@ -24,9 +24,11 @@ SRC_URI = "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${BP}.tgz \
file://initscript \
file://slapd.service \
file://thread_stub.patch \
+ file://openldap-fix-CVE-2015-6908.patch \
"
-SRC_URI[md5sum] = "3f1a4cea52827e18feaedfdc1634b5d0"
-SRC_URI[sha256sum] = "27856bb4a8b44feca2b326c309000e16a9dadd52362c8ab6eec6c67a43737f6e"
+
+SRC_URI[md5sum] = "47c8e2f283647a6105b8b0325257e922"
+SRC_URI[sha256sum] = "eeb7b0e2c5852bfd2650e83909bb6152835c0b862fab10b63954dc1bcbba8e63"
DEPENDS = "util-linux groff-native"