forked from pool/openldap2
dc3d146869
to fix CVE-2015-6908. (bsc#945582) - Introduce patch 0011-Enforce-minimum-DH-size-of-1024.patch to address weak DH size vulnerability (bsc#937766) - Introduce patch 0010-Revert-Revert-ITS-8240-remove-obsolete-assert.patch to fix CVE-2015-6908. (bsc#945582) - Introduce patch 0011-Enforce-minimum-DH-size-of-1024.patch to address weak DH size vulnerability (bsc#937766) OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=143
28 lines
715 B
Diff
28 lines
715 B
Diff
From 844ee7df820fa397249ce76984d2e7094746cd93 Mon Sep 17 00:00:00 2001
|
|
From: Howard Chu <hyc@symas.com>
|
|
Date: Sat, 12 Sep 2015 22:18:22 +0100
|
|
Subject: [PATCH] Revert "Revert "ITS#8240 remove obsolete assert""
|
|
|
|
We have never documented our use of assert, so can't expect
|
|
builders to do the right thing.
|
|
This reverts commit 55dd4d3275d24c5190fdfada8dfae0320628b993.
|
|
|
|
The commit fixes CVE-2015-6908.
|
|
|
|
diff --git a/libraries/liblber/io.c b/libraries/liblber/io.c
|
|
index 85c3e23..c05dcf8 100644
|
|
--- a/libraries/liblber/io.c
|
|
+++ b/libraries/liblber/io.c
|
|
@@ -679,7 +679,7 @@ done:
|
|
return (ber->ber_tag);
|
|
}
|
|
|
|
- assert( 0 ); /* ber structure is messed up ?*/
|
|
+ /* invalid input */
|
|
return LBER_DEFAULT;
|
|
}
|
|
|
|
--
|
|
2.6.3
|
|
|