GNU bug report logs - #46415
[PATCH] gnu: OpenLDAP: Update to 2.4.57 [security fixes].

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Wed, 10 Feb 2021 00:07:01 UTC

Severity: normal

Tags: patch

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Leo Famulari <leo <at> famulari.name>
To: 46415 <at> debbugs.gnu.org
Subject: [bug#46415] [PATCH] gnu: OpenLDAP: Update to 2.4.57 [security fixes].
Date: Tue,  9 Feb 2021 19:06:04 -0500

Fixes CVE-2020-{36221,36222,36223,36224,36225,36226,36226,36228,36229,36230}.

* gnu/packages/openldap.scm (openldap-2.4.57): New variable.
(openldap)[replacement]: New field.
---
 gnu/packages/openldap.scm | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/openldap.scm b/gnu/packages/openldap.scm
index fb917882e7..c23a9f6c25 100644
--- a/gnu/packages/openldap.scm
+++ b/gnu/packages/openldap.scm
@@ -1,7 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015, 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2013 Andreas Enge <andreas <at> enge.fr>
-;;; Copyright © 2016 Leo Famulari <leo <at> famulari.name>
+;;; Copyright © 2016, 2021 Leo Famulari <leo <at> famulari.name>
 ;;; Copyright © 2017, 2018, 2019 Ricardo Wurmus <rekado <at> elephly.net>
 ;;; Copyright © 2018 Tobias Geerinckx-Rice <me <at> tobias.gr>
 ;;; Copyright © 2019 Mathieu Othacehe <m.othacehe <at> gmail.com>
@@ -61,6 +61,7 @@
 (define-public openldap
   (package
    (name "openldap")
+   (replacement openldap-2.4.57)
    (version "2.4.50")
    (source (origin
              (method url-fetch)
@@ -125,6 +126,27 @@
    (license openldap2.8)
    (home-page "https://www.openldap.org/")))
 
+(define-public openldap-2.4.57
+  (package
+    (inherit openldap)
+    (version "2.4.57")
+    (source (origin
+              (method url-fetch)
+              ;; See <http://www.openldap.org/software/download/> for a list of
+              ;; mirrors.
+              (uri (list (string-append
+                          "ftp://mirror.switch.ch/mirror/OpenLDAP/"
+                          "openldap-release/openldap-" version ".tgz")
+                         (string-append
+                          "https://www.openldap.org/software/download/OpenLDAP/"
+                          "openldap-release/openldap-" version ".tgz")
+                         (string-append
+                          "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/"
+                          "openldap-release/openldap-" version ".tgz")))
+              (sha256
+               (base32
+                "0nmlyqhc52v24b4awh914sczmvxbazgq2cnlycvb9dgcwvhlgfn7"))))))
+
 (define-public nss-pam-ldapd
   (package
     (name "nss-pam-ldapd")
-- 
2.30.0
This bug report was last modified 4 years and 179 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.