From unknown Thu Jun 19 14:03:05 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#40946 <40946@debbugs.gnu.org> To: bug#40946 <40946@debbugs.gnu.org> Subject: Status: [PATCH] gnu: OpenLDAP: Update to 2.4.50 [fixes CVE-2019-{13057, 13565}]. Reply-To: bug#40946 <40946@debbugs.gnu.org> Date: Thu, 19 Jun 2025 21:03:05 +0000 retitle 40946 [PATCH] gnu: OpenLDAP: Update to 2.4.50 [fixes CVE-2019-{1305= 7, 13565}]. reassign 40946 guix-patches submitter 40946 Leo Famulari severity 40946 normal tag 40946 patch thanks From debbugs-submit-bounces@debbugs.gnu.org Tue Apr 28 16:23:24 2020 Received: (at submit) by debbugs.gnu.org; 28 Apr 2020 20:23:24 +0000 Received: from localhost ([127.0.0.1]:41692 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jTWlE-0003EC-H6 for submit@debbugs.gnu.org; Tue, 28 Apr 2020 16:23:23 -0400 Received: from lists.gnu.org ([209.51.188.17]:55583) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jTWlC-0003E4-RP for submit@debbugs.gnu.org; Tue, 28 Apr 2020 16:23:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:39032) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jTWlB-0008KZ-Uu for guix-patches@gnu.org; Tue, 28 Apr 2020 16:23:18 -0400 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_PASS, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.90_1) (envelope-from ) id 1jTWl8-0008Hk-0q for guix-patches@gnu.org; Tue, 28 Apr 2020 16:23:17 -0400 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:56733) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jTWl7-0008Gv-DW for guix-patches@gnu.org; Tue, 28 Apr 2020 16:23:13 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 85BD55C019D; Tue, 28 Apr 2020 16:23:12 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Tue, 28 Apr 2020 16:23:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; s=mesmtp; bh=9owzCzaM8lGBX+qiwT+bHc/ 2PTeQzsJlm39vC1x9vfY=; b=yjEyEr0YkYavLOArn+ZVefw8V1h+cy+WhLxkgMB bFzWYJkyUphZHeX5fKKgebiifPgUm8TxQ4MmCQA+e4kVABWp9rZuMAphso19D+38 SvrSy/chu2Q3PSzWwmGibjnkEuFjte24Pwzhk64z4tdvmym9/MwhQRqUVz9fxkyw MJh4= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:date:from :message-id:mime-version:subject:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=9owzCzaM8lGBX+qiw T+bHc/2PTeQzsJlm39vC1x9vfY=; b=rUl+Sp4+N7m2Qr6w5ekBi5WgzdQzI/oMw TW05HvWKNrfJwtwJkGpZVOMEHLnnYCEua8mNMgPhQC0kBG/8n3UKYdn+G0fZo/AH ii9T8fBLDcbD6Rn+qTPx1bnI0wPu8o22Mgtb11gNXlXMkHSESMCPswwYG2CdaPu8 gy87IDXkl1/bj5XpHRvCifyMQ3E0A98r8AXq4O3Mo9s4wwH9gDuulOOupm0TzjRj ssfgPdVKXBvDmXasUl0rHp4DBJAvQZz8myYQYN8tR6WnCYqsMtPoRX5UUerGHlKj +76MgMINd4ELG+rFtzCqSsQFdZqswxN9Ory9F2SwtIFG1Srp45Hcg== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedriedugddugeejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkofgggfestdekredtre dttdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhi rdhnrghmvgeqnecuffhomhgrihhnpehophgvnhhluggrphdrohhrghenucfkphepjeeird duvdegrddufeekrdeifeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgr ihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv X-ME-Proxy: Received: from jasmine.lan (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id DE7DA3065EC7 for ; Tue, 28 Apr 2020 16:23:11 -0400 (EDT) From: Leo Famulari To: guix-patches@gnu.org Subject: [PATCH] gnu: OpenLDAP: Update to 2.4.50 [fixes CVE-2019-{13057, 13565}]. Date: Tue, 28 Apr 2020 16:22:57 -0400 Message-Id: X-Mailer: git-send-email 2.26.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=66.111.4.25; envelope-from=leo@famulari.name; helo=out1-smtp.messagingengine.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/04/28 14:24:53 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.25 X-Spam-Score: -1.4 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.4 (--) * gnu/packages/openldap.scm (openldap)[replacement]: Use openldap-2.4.50. (openldap/fixed): Replace with ... (openldap-2.4.50): ... new variable. * gnu/packages/patches/openldap-CVE-2020-12243.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/openldap.scm | 16 ++- .../patches/openldap-CVE-2020-12243.patch | 125 ------------------ 3 files changed, 11 insertions(+), 131 deletions(-) delete mode 100644 gnu/packages/patches/openldap-CVE-2020-12243.patch diff --git a/gnu/local.mk b/gnu/local.mk index 67bf04547c..9426ee30a0 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1276,7 +1276,6 @@ dist_patch_DATA = \ %D%/packages/patches/opencv-rgbd-aarch64-test-fix.patch \ %D%/packages/patches/openfoam-4.1-cleanup.patch \ %D%/packages/patches/openjdk-10-idlj-reproducibility.patch \ - %D%/packages/patches/openldap-CVE-2020-12243.patch \ %D%/packages/patches/openmpi-mtl-priorities.patch \ %D%/packages/patches/openocd-nrf52.patch \ %D%/packages/patches/openssl-runpath.patch \ diff --git a/gnu/packages/openldap.scm b/gnu/packages/openldap.scm index aa51520654..53c57e846f 100644 --- a/gnu/packages/openldap.scm +++ b/gnu/packages/openldap.scm @@ -58,8 +58,8 @@ (define-public openldap (package - (replacement openldap/fixed) (name "openldap") + (replacement openldap-2.4.50) (version "2.4.47") (source (origin (method url-fetch) @@ -112,12 +112,18 @@ (license openldap2.8) (home-page "https://www.openldap.org/"))) -(define openldap/fixed +(define openldap-2.4.50 (package (inherit openldap) - (source - (origin (inherit (package-source openldap)) - (patches (search-patches "openldap-CVE-2020-12243.patch")))))) + (version "2.4.50") + (source (origin + (method url-fetch) + (uri (string-append "https://www.openldap.org/software/download/" + "OpenLDAP/openldap-release/openldap-" version + ".tgz")) + (sha256 + (base32 + "1f46nlfwmys110j36sifm7ah8m8f3s10c3vaiikmmigmifapvdaw")))))) (define-public nss-pam-ldapd (package diff --git a/gnu/packages/patches/openldap-CVE-2020-12243.patch b/gnu/packages/patches/openldap-CVE-2020-12243.patch deleted file mode 100644 index 6321998198..0000000000 --- a/gnu/packages/patches/openldap-CVE-2020-12243.patch +++ /dev/null @@ -1,125 +0,0 @@ -From 98464c11df8247d6a11b52e294ba5dd4f0380440 Mon Sep 17 00:00:00 2001 -From: Howard Chu -Date: Thu, 16 Apr 2020 01:08:19 +0100 -Subject: [PATCH] ITS#9202 limit depth of nested filters - -Using a hardcoded limit for now; no reasonable apps -should ever run into it. ---- - servers/slapd/filter.c | 41 ++++++++++++++++++++++++++++++++--------- - 1 file changed, 32 insertions(+), 9 deletions(-) - -diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c -index 3252cf2a7..ed57bbd7b 100644 ---- a/servers/slapd/filter.c -+++ b/servers/slapd/filter.c -@@ -37,11 +37,16 @@ - const Filter *slap_filter_objectClass_pres; - const struct berval *slap_filterstr_objectClass_pres; - -+#ifndef SLAPD_MAX_FILTER_DEPTH -+#define SLAPD_MAX_FILTER_DEPTH 5000 -+#endif -+ - static int get_filter_list( - Operation *op, - BerElement *ber, - Filter **f, -- const char **text ); -+ const char **text, -+ int depth ); - - static int get_ssa( - Operation *op, -@@ -80,12 +85,13 @@ filter_destroy( void ) - return; - } - --int --get_filter( -+static int -+get_filter0( - Operation *op, - BerElement *ber, - Filter **filt, -- const char **text ) -+ const char **text, -+ int depth ) - { - ber_tag_t tag; - ber_len_t len; -@@ -126,6 +132,11 @@ get_filter( - * - */ - -+ if( depth > SLAPD_MAX_FILTER_DEPTH ) { -+ *text = "filter nested too deeply"; -+ return SLAPD_DISCONNECT; -+ } -+ - tag = ber_peek_tag( ber, &len ); - - if( tag == LBER_ERROR ) { -@@ -221,7 +232,7 @@ get_filter( - - case LDAP_FILTER_AND: - Debug( LDAP_DEBUG_FILTER, "AND\n", 0, 0, 0 ); -- err = get_filter_list( op, ber, &f.f_and, text ); -+ err = get_filter_list( op, ber, &f.f_and, text, depth+1 ); - if ( err != LDAP_SUCCESS ) { - break; - } -@@ -234,7 +245,7 @@ get_filter( - - case LDAP_FILTER_OR: - Debug( LDAP_DEBUG_FILTER, "OR\n", 0, 0, 0 ); -- err = get_filter_list( op, ber, &f.f_or, text ); -+ err = get_filter_list( op, ber, &f.f_or, text, depth+1 ); - if ( err != LDAP_SUCCESS ) { - break; - } -@@ -248,7 +259,7 @@ get_filter( - case LDAP_FILTER_NOT: - Debug( LDAP_DEBUG_FILTER, "NOT\n", 0, 0, 0 ); - (void) ber_skip_tag( ber, &len ); -- err = get_filter( op, ber, &f.f_not, text ); -+ err = get_filter0( op, ber, &f.f_not, text, depth+1 ); - if ( err != LDAP_SUCCESS ) { - break; - } -@@ -311,10 +322,22 @@ get_filter( - return( err ); - } - -+int -+get_filter( -+ Operation *op, -+ BerElement *ber, -+ Filter **filt, -+ const char **text ) -+{ -+ return get_filter0( op, ber, filt, text, 0 ); -+} -+ -+ - static int - get_filter_list( Operation *op, BerElement *ber, - Filter **f, -- const char **text ) -+ const char **text, -+ int depth ) - { - Filter **new; - int err; -@@ -328,7 +351,7 @@ get_filter_list( Operation *op, BerElement *ber, - tag != LBER_DEFAULT; - tag = ber_next_element( ber, &len, last ) ) - { -- err = get_filter( op, ber, new, text ); -+ err = get_filter0( op, ber, new, text, depth ); - if ( err != LDAP_SUCCESS ) - return( err ); - new = &(*new)->f_next; --- -2.26.2 - -- 2.26.2 From debbugs-submit-bounces@debbugs.gnu.org Tue Apr 28 17:48:45 2020 Received: (at 40946) by debbugs.gnu.org; 28 Apr 2020 21:48:45 +0000 Received: from localhost ([127.0.0.1]:41799 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jTY5t-0005tc-KK for submit@debbugs.gnu.org; Tue, 28 Apr 2020 17:48:45 -0400 Received: from wout5-smtp.messagingengine.com ([64.147.123.21]:60501) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jTY5o-0005tJ-Io for 40946@debbugs.gnu.org; Tue, 28 Apr 2020 17:48:44 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id BA65684B; Tue, 28 Apr 2020 17:48:34 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Tue, 28 Apr 2020 17:48:34 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h= from:to:subject:in-reply-to:references:date:message-id :mime-version:content-type; s=fm2; bh=Hzw/l56u6xOppCjCzY9N9h2qxB QMSuuaeLU21r4kyGw=; b=mGdLxJ6Q2JFlF185xO9ISj1PeM+QRmmF2tmUjl5g+u xEXAJaFHAqYtqk7v+Lem5oA+V4I7KudbNzy4t5ZDIgyTiWW/a0ZneKV7qxkv7YBW LskxXgLqO7hhLQbcDNQRZ0NugomfqPZB1GedJHZaKAh6ItUsprVyEhJ5cpbLIJoD xgrg3OrN0eLwZRivgcJooUB1JpuS2WCPqLBBOoCHBHnwsDPC+9VA7VjIVLTqmVF5 zxfYqlOciiwoxvuciLyprCJGBRPouFiKUJtjEodsg+XowvEE04bKTgbcvokDDOZC O+EyqaTp9k8kFrNFBmBLyw+tTYxoHWl9tPp/9rXNj7gw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=Hzw/l5 6u6xOppCjCzY9N9h2qxBQMSuuaeLU21r4kyGw=; b=iypP4+ZMPkf1cZAitibQzR Um2wzEdH+zVLVcwsCnbJHsg77LcNdNSR9I5jnMdcRFdDVmquusQMrndhxtdbMliz fJ0S3A+1jKWcAcxhNv3ReayiIdjPBWq2QS0n4bgIHbWjRWgj0ost89pV5Per/KXI B5PiTNzx7syNSR6NMqyeqeGME9QlVtWzklHW010FZL1jv3tEkI7hGtND5AhxxyrN lgecuYUtTA+UoOFfDogOQKQpshDCd6VbFQnd2lYrR/DVU4h6vM8RVD9AlXHEpxlr E8RjEL2fwNKRXWE5p/cP7q7PedatiMISyveYGg3qs6bgqjcxl73OX6ArLhCRSOWQ == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedriedvgddtudcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhephffvufgjfhffkfggtgesghdtreertd dttdenucfhrhhomhepofgrrhhiuhhsuceurghkkhgvuceomhgsrghkkhgvsehfrghsthhm rghilhdrtghomheqnecukfhppeekgedrvddtvddrieekrdejheenucevlhhushhtvghruf hiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmsggrkhhkvgesfhgrshhtmhgr ihhlrdgtohhm X-ME-Proxy: Received: from localhost (ti0006q161-2604.bb.online.no [84.202.68.75]) by mail.messagingengine.com (Postfix) with ESMTPA id 059D93280064; Tue, 28 Apr 2020 17:48:33 -0400 (EDT) From: Marius Bakke To: Leo Famulari , 40946@debbugs.gnu.org Subject: Re: [bug#40946] [PATCH] gnu: OpenLDAP: Update to 2.4.50 [fixes CVE-2019-{13057, 13565}]. In-Reply-To: References: Date: Tue, 28 Apr 2020 23:48:32 +0200 Message-ID: <87k11z5ljj.fsf@devup.no> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 40946 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --=-=-= Content-Type: text/plain Leo Famulari writes: > * gnu/packages/openldap.scm (openldap)[replacement]: Use openldap-2.4.50. > (openldap/fixed): Replace with ... > (openldap-2.4.50): ... new variable. > * gnu/packages/patches/openldap-CVE-2020-12243.patch: Delete file. > * gnu/local.mk (dist_patch_DATA): Remove it. LGTM, assuming there are no ABI changes since 2.4.47. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAl6opLAACgkQoqBt8qM6 VPoDjwf/TTHfJHVA9n02eBFXJRIbD7UEzaC4wXhzG+K+euRUGa/3uq9FhH50LZQP qfjrsQvbtQC/oytiFDBTiGREFWvtAhAqaQWDfM99hcBXkoMoI6ZJGcxq/HuRjlVx 7jC7fWTch900C5/vMz/BZWFU6Lg/3cYb/BrawZUh9tHgpfZ//tLW9laDryubKXWP 6XBZvGhfTH3XNo/IgIyxleKut1rSXso25BtWmHwOX9nQOhOYsaVcknP5362g49LP 9ClWzIF0ia4g47OS1VSBybwIiIwBepIw7REIinxzLSJEBUAMIpVmhaWtOE2SsOUd 7jv/RytLlMRLYAduzN1ztzDv1FF5gg== =CPkD -----END PGP SIGNATURE----- --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 29 13:49:32 2020 Received: (at 40946-done) by debbugs.gnu.org; 29 Apr 2020 17:49:32 +0000 Received: from localhost ([127.0.0.1]:44453 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jTqpw-0000Dp-AU for submit@debbugs.gnu.org; Wed, 29 Apr 2020 13:49:32 -0400 Received: from wout3-smtp.messagingengine.com ([64.147.123.19]:55883) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jTqpr-0000DY-I3 for 40946-done@debbugs.gnu.org; Wed, 29 Apr 2020 13:49:31 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.west.internal (Postfix) with ESMTP id 6C41441A; Wed, 29 Apr 2020 13:49:21 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Wed, 29 Apr 2020 13:49:21 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=kySl+ItBPELplPr8KgZhNLNb uRPjIFeNLZIZ1fxvD7A=; b=l2NfTS76IS47w2ai13oFu5bvkXlXkTH4lwgVfap3 RB9lixaJsm//sAZOaDOwugTQHldPGPsPOPM647k7XfrOy+znZ5E7IB7QTNL1UjSi Uxse/o0uC2cI4KP4fKDsS2qNNaKlaafoprKsoM9Li3rBQfJnaRr9E2ec4u9AO8lA e8Q= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=kySl+I tBPELplPr8KgZhNLNbuRPjIFeNLZIZ1fxvD7A=; b=xRAfavrfMTy55iCCxgSSm1 FXJ8NWhYmMOwzFWKgwS7AMB6cJ7DRZcuzF3ke2iG+bzJhIQFUiwSCqfkaRTKU9VP oabIuqmwW7rkhMsXC30bcAvUMzC0/o/RGDnD6JqlvcEuYWpKmP9xmVJFv07hml3R Qu2vL0i5+jNTjI3qd3hAa+QoFWco1PEZsV0P6mut2NR9c67aP52d7NJg62XwVbCO wbKo8qCnzzEaRqhQdkmXVvfeS8bGLV/7HjB7221YFKinNBT+yUr/rnW6RnDBQuuD 1TsG920DhznZQOnHvTJgefdxKF1ZQLTuKAC8sXcdAOmCJbGwbcxnJhXjZwLG6PRw == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrieefgdduudeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvffukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefnvghoucfh rghmuhhlrghrihcuoehlvghosehfrghmuhhlrghrihdrnhgrmhgvqeenucggtffrrghtth gvrhhnpedukeevgeetkeeltefgiedtjefgjeekffduteehvdfhueekudelieekjeefheff teenucfkphepjeeirdduvdegrddufeekrdeifeenucevlhhushhtvghrufhiiigvpedtne curfgrrhgrmhepmhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv X-ME-Proxy: Received: from localhost (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id 817D53065ED1; Wed, 29 Apr 2020 13:49:20 -0400 (EDT) Date: Wed, 29 Apr 2020 13:49:18 -0400 From: Leo Famulari To: Marius Bakke Subject: Re: [bug#40946] [PATCH] gnu: OpenLDAP: Update to 2.4.50 [fixes CVE-2019-{13057, 13565}]. Message-ID: <20200429174918.GA25738@jasmine.lan> References: <87k11z5ljj.fsf@devup.no> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="PNTmBPCT7hxwcZjr" Content-Disposition: inline In-Reply-To: <87k11z5ljj.fsf@devup.no> X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 40946-done Cc: 40946-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --PNTmBPCT7hxwcZjr Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 28, 2020 at 11:48:32PM +0200, Marius Bakke wrote: > Leo Famulari writes: >=20 > > * gnu/packages/openldap.scm (openldap)[replacement]: Use openldap-2.4.5= 0. > > (openldap/fixed): Replace with ... > > (openldap-2.4.50): ... new variable. > > * gnu/packages/patches/openldap-CVE-2020-12243.patch: Delete file. > > * gnu/local.mk (dist_patch_DATA): Remove it. >=20 > LGTM, assuming there are no ABI changes since 2.4.47. Pushed as f224a8bb79cc3c9e5960227ffea5524eb666d34a --PNTmBPCT7hxwcZjr Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAl6pvh4ACgkQJkb6MLrK fwg3Ng//X0rrGbAbIExxLO5X/Dl8bECPR8QMKJz01BynT2g+PbttppRrbUQTB4x/ 9e/OzgLUNgVDxAXQYDMJiLRp14U5q7UcmRSGjRQjZA2G811zxqocV01P2LBhWw2n DcvvBOcHhXffdtvq16LX/gGhNxoba4nb8R1tm2Px6+8natTx+7K7Bl5C1yX5XZAW Cc831Pcqlr7rOGiA7grrsnqCO2wJ3+fZmJ46kaDFeS7bJFUdY/XS04vgpMvjgBhS 6i2x/mKQQo+2a9qolV/5ugJnQp4lPy4aV0l+Fru0bN3j4D6D8fQlqTuW9axHA1k0 2NgU9EE0TEti2i67eiRt1qGj3AYYke/qJWzOsUXJhpuCeJr6YnI3F/4+vRhPlj+C sTnhSi+F+BPUF96U5LREPekL8uQMZHs9siL160mEovvMrHj/Raj9f7pr59PtVNCg +tju989Xx0CwYkQl6VtHBGT/WI0WxZUD2nlk3bFr/6RjknnPRiWSqCIJG+NuEaHO 6SEjpeRJXz2VHhJPfLIz+h5ztUZeHvxLtqXITYccuV3MP7zGMXsMa7L6OKIC276P vuxKS/9c85SJbasl4ZsSZLaDDXwvzx/RnNnvqsTQDimGvZj2HyN8BisgvmGYr8TY lS5fnCQ3lCBOx62JYd8b35+tU88iTWZL9TkVUeViSIR/grBHTwQ= =33OG -----END PGP SIGNATURE----- --PNTmBPCT7hxwcZjr-- From unknown Thu Jun 19 14:03:05 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Thu, 28 May 2020 11:24:05 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator