Request 718342: Submit openldap2 - openSUSE Build Service

This request supersedes: request 718338 (Show diff)

Overview

Request 718342 accepted

- Update to upstream release 2.4.48 with security fixes:
* CVE-2019-13057 (ITS#9038):
rootdn of any db can assert any identity
* CVE-2019-13565 (ITS#9052):
Unauthorized access caused by incorrect handling of SASL SSF values
- Fix CVE-2017-17740 by disabling nops overlay not maintained by upstream
(see also bsc#1073313, comment #36)
- Removed obsolete patches:
* 0002-openldap-its8727-plug-ber-leaks.patch
* 0017-Fix-segfault-in-nops.patch

Note that I disabled slapo-nops instead of rebasing 0017-Fix-segfault-in-nops.patch which is somewhat debatable. You can take it or leave it.

Created by stroeder almost 5 years ago
In state accepted
Package maintainers: jengelh and jmcdough
Supersedes 718338

Submit openldap2

Comments for request 718342 0
Comments for request 718338 1

Login required, please login in order to comment

Michael Ströder (stroeder) - almost 5 years ago

author

Note that I disabled slapo-nops instead of rebasing 0017-Fix-segfault-in-nops.patch which is somewhat debatable. You can take it or leave it.

Login required, please login in order to comment

Request History

stroeder created request almost 5 years ago

- Update to upstream release 2.4.48 with security fixes:
* CVE-2019-13057 (ITS#9038):
rootdn of any db can assert any identity
* CVE-2019-13565 (ITS#9052):
Unauthorized access caused by incorrect handling of SASL SSF values
- Fix CVE-2017-17740 by disabling nops overlay not maintained by upstream
(see also bsc#1073313, comment #36)
- Removed obsolete patches:
* 0002-openldap-its8727-plug-ber-leaks.patch
* 0017-Fix-segfault-in-nops.patch

Note that I disabled slapo-nops instead of rebasing 0017-Fix-segfault-in-nops.patch which is somewhat debatable. You can take it or leave it.

stroeder accepted request almost 5 years ago

openSUSE Build Service is sponsored by