pool/openldap2
SHA256
4
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
openldap2/openldap-2.4.48.tgz
Michael Ströder d549f863e2 Accepting request 718342 from home:stroeder:branches:network:ldap 
- Update to upstream release 2.4.48 with security fixes:
  * CVE-2019-13057 (ITS#9038):
    rootdn of any db can assert any identity
  * CVE-2019-13565 (ITS#9052):
    Unauthorized access caused by incorrect handling of SASL SSF values
- Fix CVE-2017-17740 by disabling nops overlay not maintained by upstream
  (see also bsc#1073313, comment #36)
- Removed obsolete patches:
  * 0002-openldap-its8727-plug-ber-leaks.patch
  * 0017-Fix-segfault-in-nops.patch

Note that I disabled slapo-nops instead of rebasing 0017-Fix-segfault-in-nops.patch which is somewhat debatable. You can take it or leave it.

OBS-URL: https://build.opensuse.org/request/show/718342
OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=247
2019-07-25 12:39:20 +00:00

4 lines
132 B
Plaintext
Raw Blame History

version https://git-lfs.github.com/spec/v1
oid sha256:d9523ffcab5cd14b709fcf3cb4d04e8bc76bb8970113255f372bc74954c6074d
size 5704883
Reference in New Issue View Git Blame Copy Permalink