aboutsummaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-support/openldap/openldap
AgeCommit message (Collapse)Author
2018-10-26openldap: Reproducibility: Remove user, hostname, pwd from version stringdouglas.royds
This updated patch also sets the date and time strings to the SOURCE_DATE_EPOCH. The WHOWHERE string will now be set to simply "openldap" in the case that a SOURCE_DATE_EPOCH is set. Upstream-Status: Submitted [https://www.openldap.org/its/index.cgi/Incoming?id=8928] Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-10-09openldap: Reproducibility: Remove user, hostname, pwd from version stringdouglas.royds
Upstream-Status: Pending Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-07-03openldap: upgrade 2.4.45 -> 2.4.46changqing.li@windriver.com
Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2017-08-13openldap: 2.4.44 -> 2.4.45Huang Qiyu
1) Upgrade openldap from 2.4.44 to 2.4.45 2) Delete openldap-CVE-2017-9287.patch, since it is integrated upstream. 3) License checksum changed, since the copyright years were updated. Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2017-06-14openldap: Fix CVE-2017-9287fan.xin
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. Patch reference: http://www.openldap.org/its/?findid=8655 Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2016-09-19openldap: fix CVE-2015-3276Li Wang
the patch comes from: https://bugzilla.redhat.com/show_bug.cgi?id=1238322 https://bugzilla.redhat.com/attachment.cgi?id=1055640 The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors. Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2015-12-18openldap: upgrade to 2.4.43fan.xin
1. Upgrade openldap from 2.4.42 to 2.4.43 2. Delete patch file openldap-fix-CVE-2015-6908.patch because the bug(ITS#8240) has been fixed in OpenLDAP 2.4.43 http://www.openldap.org/software/release/changes.html Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2015-10-23openldap: 2.4.41 -> 2.4.42Kai Kang
Upgrade phpmyadmin from 2.4.41 to 2.4.42. And backport patch from http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=6fe51a9 to fix CVE-2015-6908. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2015-07-30openldap: upgrade 2.4.40 -> 2.4.41Li xin
1) Dropped backported patches(commit-id): -0001-ITS-8027-require-non-empty-AttributeList.patch(c32e747) -0001-ITS-8046-fix-vrFilter_free.patch(2f1a2dd) 2) Update the checksum of COPYRIGHT,since the date in it has been changed, but the LICENSE has not been changed. Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-09-24 19:37:12 +0000