[arch-commits] Commit in openldap/trunk (01-CVE-2015-6908.patch PKGBUILD)

Sébastien Luttringer seblu at archlinux.org
Sat Sep 12 13:13:01 UTC 2015 

    Date: Saturday, September 12, 2015 @ 15:13:01
  Author: seblu
Revision: 245992

upgpkg: openldap 2.4.42-2

- security fix: FS#46265

Added:
  openldap/trunk/01-CVE-2015-6908.patch
Modified:
  openldap/trunk/PKGBUILD

------------------------+
 01-CVE-2015-6908.patch |   25 +++++++++++++++++++++++++
 PKGBUILD               |    8 +++++---
 2 files changed, 30 insertions(+), 3 deletions(-)

Added: 01-CVE-2015-6908.patch
===================================================================
--- 01-CVE-2015-6908.patch	                        (rev 0)
+++ 01-CVE-2015-6908.patch	2015-09-12 13:13:01 UTC (rev 245992)
@@ -0,0 +1,25 @@
+From 6fe51a9ab04fd28bbc171da3cf12f1c1040d6629 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc at openldap.org>
+Date: Thu, 10 Sep 2015 00:37:32 +0100
+Subject: [PATCH] ITS#8240 remove obsolete assert
+
+---
+ libraries/liblber/io.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libraries/liblber/io.c b/libraries/liblber/io.c
+index 85c3e23..c05dcf8 100644
+--- a/libraries/liblber/io.c
++++ b/libraries/liblber/io.c
+@@ -679,7 +679,7 @@ done:
+ 		return (ber->ber_tag);
+ 	}
+ 
+-	assert( 0 ); /* ber structure is messed up ?*/
++	/* invalid input */
+ 	return LBER_DEFAULT;
+ }
+ 
+-- 
+1.7.10.4
+

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2015-09-12 12:35:46 UTC (rev 245991)
+++ PKGBUILD	2015-09-12 13:13:01 UTC (rev 245992)
@@ -4,7 +4,7 @@
 pkgbase=openldap
 pkgname=('openldap' 'libldap')
 pkgver=2.4.42
-pkgrel=1
+pkgrel=2
 arch=('i686' 'x86_64')
 url="http://www.openldap.org/"
 license=('custom')
@@ -11,12 +11,13 @@
 makedepends=('libltdl' 'libsasl' 'e2fsprogs' 'util-linux' 'chrpath' 'unixodbc')
 options=('!makeflags' 'emptydirs')
 source=(ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${pkgbase}-${pkgver}.tgz
-        slapd.service openldap.tmpfiles openldap.sysusers openldap-ntlm.patch)
+        slapd.service openldap.tmpfiles openldap.sysusers openldap-ntlm.patch 01-CVE-2015-6908.patch)
 sha1sums=('ec03e061bfdb2e6a90827855cf77a72cb3f89cf4'
           '2441815efbfa01ad7a1d39068e5503b53d1d04b0'
           '1f68bd85fb50595c4e916db164d8e90e0c6e21ee'
           '2bf64351c32b0bf0a70663bd42de22910998b795'
-          'e4afd9f1c810ef4c4cd8fe1101dfe5887f2b7eef')
+          'e4afd9f1c810ef4c4cd8fe1101dfe5887f2b7eef'
+          '008cb2c9b66a7b031e23eee85a1954d57432e338')
 
 # see http://www.openldap.org/faq/data/cache/756.html
 # there's no proper backend support for anything apart from
@@ -26,6 +27,7 @@
 prepare() {
   cd ${pkgbase}-${pkgver}
   patch -p1 -i "${srcdir}"/openldap-ntlm.patch
+  patch -p1 -i "${srcdir}"/01-CVE-2015-6908.patch
   sed -i 's|-m 644 $(LIBRARY)|-m 755 $(LIBRARY)|' libraries/{liblber,libldap,libldap_r}/Makefile.in
   sed -i 's|#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"|#define LDAPI_SOCK LDAP_DIRSEP "run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi"|' include/ldap_defaults.h
   sed -i 's|%LOCALSTATEDIR%/run|/run/openldap|' servers/slapd/slapd.{conf,ldif}

More information about the arch-commits mailing list