diff options
| author |   Hitendra Prajapati <hprajapati@mvista.com> | 2023-07-10 11:23:02 +0530 |
|---|---|---|
| committer |   Armin Kuster <akuster808@gmail.com> | 2023-07-14 07:08:54 -0400 |
| commit | b5282ece919f016d91a1043769676efb02b4f0fb (patch) | |
| tree | 9203b990d53ef306403354d8ddd245e2b888bd11 | |
| parent | 2dd0c9db675b2abd546a3661ad65d27b03d61c71 (diff) | |
| download | meta-openembedded-contrib-b5282ece919f016d91a1043769676efb02b4f0fb.tar.gz | |
openldap: fix CVE-2021-27212 Assertion failure in slapd
Upstream-Status: Backport from https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| -rw-r--r-- | meta-oe/recipes-support/openldap/openldap/CVE-2021-27212.patch | 31 | ||||
| -rw-r--r-- | meta-oe/recipes-support/openldap/openldap_2.4.57.bb | 1 |
2 files changed, 32 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/openldap/openldap/CVE-2021-27212.patch b/meta-oe/recipes-support/openldap/openldap/CVE-2021-27212.patch new file mode 100644 index 0000000000..c6bac80061 --- /dev/null +++ b/meta-oe/recipes-support/openldap/openldap/CVE-2021-27212.patch @@ -0,0 +1,31 @@ +From 9badb73425a67768c09bcaed1a9c26c684af6c30 Mon Sep 17 00:00:00 2001 +From: Howard Chu <hyc@openldap.org> +Date: Sat, 6 Feb 2021 20:52:06 +0000 +Subject: [PATCH] ITS#9454 fix issuerAndThisUpdateCheck + + +Signed-off-by: Howard Chu <hyc@openldap.org> + +Upstream-Status: Backport [https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30] +CVE: CVE-2021-27212 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + servers/slapd/schema_init.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c +index 31be115..8b1e255 100644 +--- a/servers/slapd/schema_init.c ++++ b/servers/slapd/schema_init.c +@@ -3900,6 +3900,8 @@ issuerAndThisUpdateCheck( + break; + } + } ++ if ( tu->bv_len < STRLENOF("YYYYmmddHHmmssZ") ) return LDAP_INVALID_SYNTAX; ++ + x.bv_val += tu->bv_len + 1; + x.bv_len -= tu->bv_len + 1; + +-- +2.25.1 + diff --git a/meta-oe/recipes-support/openldap/openldap_2.4.57.bb b/meta-oe/recipes-support/openldap/openldap_2.4.57.bb index 1e7e6b3d71..7c2ea7c452 100644 --- a/meta-oe/recipes-support/openldap/openldap_2.4.57.bb +++ b/meta-oe/recipes-support/openldap/openldap_2.4.57.bb @@ -26,6 +26,7 @@ SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/$ file://CVE-2022-29155.patch \ file://CVE-2023-2953-1.patch \ file://CVE-2023-2953-2.patch \ + file://CVE-2021-27212.patch \ " SRC_URI[md5sum] = "e3349456c3a66e5e6155be7ddc3f042c" SRC_URI[sha256sum] = "c7ba47e1e6ecb5b436f3d43281df57abeffa99262141aec822628bc220f6b45a" |