Commit 0c87e4a7 authored by Leonardo Arena's avatar Leonardo Arena

main/openldap: fix ber_get_next denial of service (CVE-2015-6908)

http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240
(cherry picked from commit 4041a223)
parent b12e6474
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=openldap
pkgver=2.4.35
pkgrel=2
pkgrel=3
pkgdesc="LDAP Server"
url="http://www.openldap.org/"
arch="all"
......@@ -21,6 +21,8 @@ source="ftp://ftp.$pkgname.org/pub/OpenLDAP/$pkgname-release/$pkgname-$pkgver.tg
openldap-2.4.11-libldap_r.patch
CVE-2015-1545.patch
CVE-2015-1546.patch
CVE-2015-6908.patch
slapd.initd
slapd.confd
slurpd.initd
......@@ -133,6 +135,7 @@ md5sums="cd75d82ca89fb0280cba66ca6bd97448 openldap-2.4.35.tgz
d19d0502f046078ecd737e29e7552fa8 openldap-2.4.11-libldap_r.patch
b7f994678db068bbe186ce92c73fb060 CVE-2015-1545.patch
09f2be28af8aaf2883446c85d854cfe8 CVE-2015-1546.patch
2df05f886ad96db4da8098078b3f8ae4 CVE-2015-6908.patch
41d45b9ed59037dcdf640e395ace113c slapd.initd
b672311fca605c398240cd37a2ae080a slapd.confd
fa5ce0005ef5f1160b6ff126f97aaa1a slurpd.initd"
......@@ -141,6 +144,7 @@ sha256sums="16100374c147df0d82a5c52ca60da5eca1a5ea8b5a187467d40a78e3691e9eeb op
3310a89d38bc39e6eb4333799d475411b274482b8bccab212b3edfd4385db70e openldap-2.4.11-libldap_r.patch
32d423d6b6bb8b16980de98f9ed1de581673c3a63de3a9b7d4841c2b037d27c1 CVE-2015-1545.patch
07d6feebc366c14e42b5027239e12d5ec2981714b6a61a1365981c20d9fd87de CVE-2015-1546.patch
6950a117365046be3c4f5a1b45557ac2d1df0201d354889b0d7be26dc517e31c CVE-2015-6908.patch
726efdbaceb1b907bb085b7996222a0bc83610730c5d6b9646b062e09f2ef964 slapd.initd
1ccb8a3b78b65b125b24779dd065cf8000e2d5e4da267bb0a892e730edd2055d slapd.confd
9cfe54485585a1bd74dd167c27ad9e60a5dec7351b6a64804749f253bb6cfbad slurpd.initd"
......@@ -149,6 +153,7 @@ sha512sums="b39232b4bab7ecb0ae14961adaa555590ca24ecbaeb3d94ea251e2de3bf7425ce364
44d97efb25d4f39ab10cd5571db43f3bfa7c617a5bb087085ae16c0298aca899b55c8742a502121ba743a73e6d77cd2056bc96cee63d6d0862dabc8fb5574357 openldap-2.4.11-libldap_r.patch
56394c12b08862843ab7d4a76f5c7f13eaecb2d9717a9571d792c1aa7b77e5b2267525c7d7ecdb646beac736ca437b9f10a17cb18fd54e9f9f2a5d02904cfafa CVE-2015-1545.patch
9eb54e63fecc7ad59bf710803a7da275ea1de069d1a27d56ee01417d33035d90d89ab9903de82154f625c796145c1056d5a52ad8bfb8238c7ab5304c413fd25b CVE-2015-1546.patch
f3d0a844aeea4215d5ce09df2d444b3a29cb43ffeca0d05ba29f72cb3666dd5dfb350467e8003b600e1a93990978b249c4756ad531c34bf538fa7e917d8ee9e5 CVE-2015-6908.patch
723fb2546ac8a3672240139d4b7ec5041be961990fd8385171a53c737436d6307dc05671fcd190dd5e3b3ee21967a2a632ec8852fe84519fdea0c7f535c598ee slapd.initd
8290769b63b3a5863622de2deb9269a0711ba5f4a225eb230d7c5097937b9d4e8cf5a998ee99232824e2335ae1b6e0114357b61c9611bc2460ebd195d12eabae slapd.confd
69ee0d739d8c8c1cb2478d5c864f703cba215d0ceb399da941c0ebc91e7de87a4d99172670686a84a98e57bde94837777a8066d27f79b6b8bf4bcd72336ce775 slurpd.initd"
From: Howard Chu <hyc@symas.com>
Date: Sat, 12 Sep 2015 21:18:22 +0000 (+0100)
Subject: Revert "Revert "ITS#8240 remove obsolete assert""
X-Git-Url: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff_plain;h=844ee7df820fa397249ce76984d2e7094746cd93;hp=55dd4d3275d24c5190fdfada8dfae0320628b993
Revert "Revert "ITS#8240 remove obsolete assert""
We have never documented our use of assert, so can't expect
builders to do the right thing.
This reverts commit 55dd4d3275d24c5190fdfada8dfae0320628b993.
---
diff --git a/libraries/liblber/io.c b/libraries/liblber/io.c
index 85c3e23..c05dcf8 100644
--- a/libraries/liblber/io.c
+++ b/libraries/liblber/io.c
@@ -679,7 +679,7 @@ done:
return (ber->ber_tag);
}
- assert( 0 ); /* ber structure is messed up ?*/
+ /* invalid input */
return LBER_DEFAULT;
}
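Review bot: The replacement comment `/* invalid input */` at the tail of ber_get_next (the function body starts outside this hunk) does not record why the fall-through no longer asserts. Going by the commit title, this path can be reached with malformed BER data, and the old `assert( 0 )` turned that into a process abort (CVE-2015-6908). A comment such as `/* reachable with malformed BER from the peer: fail the decode, never assert here (ITS#8240) */` would keep a later cleanup from reintroducing the assert. The callers are not visible here, so it is worth confirming that each one treats `LBER_DEFAULT` as a decode failure and discards the message.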