GNU bug report logs -
#46415
[PATCH] gnu: OpenLDAP: Update to 2.4.57 [security fixes].
Previous Next
Reported by: Leo Famulari <leo <at> famulari.name>
Date: Wed, 10 Feb 2021 00:07:01 UTC
Severity: normal
Tags: patch
Done: Leo Famulari <leo <at> famulari.name>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your message dated Thu, 11 Feb 2021 15:03:38 -0500
with message-id <YCWNmkGgaT2QN90R <at> jasmine.lan>
and subject line Re: [bug#46415] [PATCH] gnu: OpenLDAP: Update to 2.4.57 [security fixes].
has caused the debbugs.gnu.org bug report #46415,
regarding [PATCH] gnu: OpenLDAP: Update to 2.4.57 [security fixes].
to be marked as done.
(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)
--
46415: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=46415
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
Fixes CVE-2020-{36221,36222,36223,36224,36225,36226,36226,36228,36229,36230}.
* gnu/packages/openldap.scm (openldap-2.4.57): New variable.
(openldap)[replacement]: New field.
---
gnu/packages/openldap.scm | 24 +++++++++++++++++++++++-
1 file changed, 23 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/openldap.scm b/gnu/packages/openldap.scm
index fb917882e7..c23a9f6c25 100644
--- a/gnu/packages/openldap.scm
+++ b/gnu/packages/openldap.scm
@@ -1,7 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015, 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
;;; Copyright © 2013 Andreas Enge <andreas <at> enge.fr>
-;;; Copyright © 2016 Leo Famulari <leo <at> famulari.name>
+;;; Copyright © 2016, 2021 Leo Famulari <leo <at> famulari.name>
;;; Copyright © 2017, 2018, 2019 Ricardo Wurmus <rekado <at> elephly.net>
;;; Copyright © 2018 Tobias Geerinckx-Rice <me <at> tobias.gr>
;;; Copyright © 2019 Mathieu Othacehe <m.othacehe <at> gmail.com>
@@ -61,6 +61,7 @@
(define-public openldap
(package
(name "openldap")
+ (replacement openldap-2.4.57)
(version "2.4.50")
(source (origin
(method url-fetch)
@@ -125,6 +126,27 @@
(license openldap2.8)
(home-page "https://www.openldap.org/")))
+(define-public openldap-2.4.57
+ (package
+ (inherit openldap)
+ (version "2.4.57")
+ (source (origin
+ (method url-fetch)
+ ;; See <http://www.openldap.org/software/download/> for a list of
+ ;; mirrors.
+ (uri (list (string-append
+ "ftp://mirror.switch.ch/mirror/OpenLDAP/"
+ "openldap-release/openldap-" version ".tgz")
+ (string-append
+ "https://www.openldap.org/software/download/OpenLDAP/"
+ "openldap-release/openldap-" version ".tgz")
+ (string-append
+ "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/"
+ "openldap-release/openldap-" version ".tgz")))
+ (sha256
+ (base32
+ "0nmlyqhc52v24b4awh914sczmvxbazgq2cnlycvb9dgcwvhlgfn7"))))))
+
(define-public nss-pam-ldapd
(package
(name "nss-pam-ldapd")
--
2.30.0
[Message part 3 (message/rfc822, inline)]
[Message part 4 (text/plain, inline)]
On Thu, Feb 11, 2021 at 09:21:14PM +0200, Efraim Flashner wrote:
> On Thu, Feb 11, 2021 at 02:18:57PM -0500, Leo Famulari wrote:
> > On Thu, Feb 11, 2021 at 01:15:08PM +0200, Efraim Flashner wrote:
> > > I assume you've tested it out? Looks good to me. I assume there's no way
> > > to inherit the list of URLs from openldap to openldap/fixed and still
> > > have it download the correct version.
> >
> > I tested that it builds but I don't have a way to test LDAP
> > functionality.
>
> I meant I assumed you tested it built and grafted correctly, as best as
> we can tell.
Yeah. Thanks for review! Pushed as a18492118cc73bee9a2e6424363e3e072572f52e
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 4 years and 179 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.