diff options
Diffstat (limited to 'meta-oe/recipes-support/openldap/openldap-2.4.40/0001-ITS-8027-require-non-empty-AttributeList.patch')
-rw-r--r-- | meta-oe/recipes-support/openldap/openldap-2.4.40/0001-ITS-8027-require-non-empty-AttributeList.patch | 30 |
1 files changed, 0 insertions, 30 deletions
diff --git a/meta-oe/recipes-support/openldap/openldap-2.4.40/0001-ITS-8027-require-non-empty-AttributeList.patch b/meta-oe/recipes-support/openldap/openldap-2.4.40/0001-ITS-8027-require-non-empty-AttributeList.patch deleted file mode 100644 index 91c2178c3f..0000000000 --- a/meta-oe/recipes-support/openldap/openldap-2.4.40/0001-ITS-8027-require-non-empty-AttributeList.patch +++ /dev/null @@ -1,30 +0,0 @@ -From c32e74763f77675b9e144126e375977ed6dc562c Mon Sep 17 00:00:00 2001 -From: Howard Chu <hyc@openldap.org> -Date: Mon, 19 Jan 2015 22:25:53 +0000 -Subject: [PATCH] ITS#8027 require non-empty AttributeList - -Upstream-Status: Backup - -Fix the CVE: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1545 - ---- - servers/slapd/overlays/deref.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/servers/slapd/overlays/deref.c b/servers/slapd/overlays/deref.c -index 9420e3e..05aa890 100644 ---- a/servers/slapd/overlays/deref.c -+++ b/servers/slapd/overlays/deref.c -@@ -183,7 +183,8 @@ deref_parseCtrl ( - ber_len_t cnt = sizeof(struct berval); - ber_len_t off = 0; - -- if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR ) -+ if ( ber_scanf( ber, "{m{M}}", &derefAttr, &attributes, &cnt, off ) == LBER_ERROR -+ || !cnt ) - { - rs->sr_text = "Dereference control: derefSpec decoding error"; - rs->sr_err = LDAP_PROTOCOL_ERROR; --- -1.9.1 - |