package/openldap: security bump to version 2.4.57

Fixes the following security issues:

- CVE-2020-36221: An integer underflow was discovered in OpenLDAP before
  2.4.57 leading to slapd crashes in the Certificate Exact Assertion
  processing, resulting in denial of service (schema_init.c
  serialNumberAndIssuerCheck).

- CVE-2020-36222: A flaw was discovered in OpenLDAP before 2.4.57 leading to
  an assertion failure in slapd in the saslAuthzTo validation, resulting in
  denial of service.

- CVE-2020-36223: A flaw was discovered in OpenLDAP before 2.4.57 leading to
  a slapd crash in the Values Return Filter control handling, resulting in
  denial of service (double free and out-of-bounds read).

- CVE-2020-36224: A flaw was discovered in OpenLDAP before 2.4.57 leading to
  an invalid pointer free and slapd crash in the saslAuthzTo processing,
  resulting in denial of service.

- CVE-2020-36225: A flaw was discovered in OpenLDAP before 2.4.57 leading to
  a double free and slapd crash in the saslAuthzTo processing, resulting in
  denial of service.

- CVE-2020-36226: A flaw was discovered in OpenLDAP before 2.4.57 leading to
  a memch->bv_len miscalculation and slapd crash in the saslAuthzTo
  processing, resulting in denial of service.

- CVE-2020-36227: A flaw was discovered in OpenLDAP before 2.4.57 leading to
  an infinite loop in slapd with the cancel_extop Cancel operation,
  resulting in denial of service.

- CVE-2020-36228: An integer underflow was discovered in OpenLDAP before
  2.4.57 leading to a slapd crash in the Certificate List Exact Assertion
  processing, resulting in denial of service.

- CVE-2020-36229: A flaw was discovered in ldap_X509dn2bv in OpenLDAP before
  2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring,
  resulting in denial of service.

- CVE-2020-36230: A flaw was discovered in OpenLDAP before 2.4.57 leading to
  an assertion failure in slapd in the X.509 DN parsing in decode.c
  ber_next_element, resulting in denial of service.

https://www.openldap.org/software/release/changes.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 46c4c9684d)
[Peter: mark as security bump, add CVE info]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine 2021-01-24 20:11:14 +01:00 committed by Peter Korsgaard
parent a1d3dd8421
commit 3b72c7f8d9
2 changed files with 6 additions and 6 deletions

View File

@ -1,7 +1,7 @@
# From https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.56.md5
md5 82a7dcf7aeaf95fdad16017c0ed9983a openldap-2.4.56.tgz
# From https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.56.sha1
sha1 4c617b87bd50ef8d071e7deb7525af79b08d4910 openldap-2.4.56.tgz
# From https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.57.md5
md5 e3349456c3a66e5e6155be7ddc3f042c openldap-2.4.57.tgz
# From https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.57.sha1
sha1 1cffa70a3ea8545948041fd113f8f53bc24d6d87 openldap-2.4.57.tgz
# Locally computed
sha256 25520e0363c93f3bcb89802a4aa3db33046206039436e0c7c9262db5a61115e0 openldap-2.4.56.tgz
sha256 c7ba47e1e6ecb5b436f3d43281df57abeffa99262141aec822628bc220f6b45a openldap-2.4.57.tgz
sha256 310fe25c858a9515fc8c8d7d1f24a67c9496f84a91e0a0e41ea9975b1371e569 LICENSE
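Review bot: the new sha256 for openldap-2.4.57.tgz is labelled "# Locally computed", so its only provenance is the submitter's own download, while the md5 and sha1 lines above it cite .md5/.sha1 files served from the same host and directory as the tarball (OPENLDAP_SITE); those two catch a corrupted download but not a substituted one, and both are weak digests anyway. Please say in the commit message that the tarball's md5 and sha1 were checked against the upstream .md5/.sha1 files before the sha256 was computed, since that sha256 is the value Buildroot will actually enforce from now on. The LICENSE sha256 is left unchanged, which is consistent with no license change between 2.4.56 and 2.4.57.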

View File

@ -4,7 +4,7 @@
#
################################################################################
OPENLDAP_VERSION = 2.4.56
OPENLDAP_VERSION = 2.4.57
OPENLDAP_SOURCE = openldap-$(OPENLDAP_VERSION).tgz
OPENLDAP_SITE = https://www.openldap.org/software/download/OpenLDAP/openldap-release
OPENLDAP_LICENSE = OpenLDAP Public License
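Review bot: the version string is the only change in this hunk, and because OPENLDAP_SOURCE is derived from OPENLDAP_VERSION the download step will now fetch openldap-2.4.57.tgz from OPENLDAP_SITE and verify it against the hash file; the hash update must therefore land in the same commit (it does here, per the two-file diff) so that a partial cherry-pick to a stable branch cannot leave version and hashes out of step. If package/openldap carries any local patches, confirm they still apply cleanly to 2.4.57.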