mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 16:27:27 +00:00
openldap: fix CVE-2021-27212 Assertion failure in slapd
Upstream-Status: Backport from https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
committed by
Armin Kuster
parent
2dd0c9db67
commit
b5282ece91
@@ -0,0 +1,31 @@
|
|||||||
|
From 9badb73425a67768c09bcaed1a9c26c684af6c30 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Howard Chu <hyc@openldap.org>
|
||||||
|
Date: Sat, 6 Feb 2021 20:52:06 +0000
|
||||||
|
Subject: [PATCH] ITS#9454 fix issuerAndThisUpdateCheck
|
||||||
|
|
||||||
|
|
||||||
|
Signed-off-by: Howard Chu <hyc@openldap.org>
|
||||||
|
|
||||||
|
Upstream-Status: Backport [https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30]
|
||||||
|
CVE: CVE-2021-27212
|
||||||
|
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
|
||||||
|
---
|
||||||
|
servers/slapd/schema_init.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
|
||||||
|
index 31be115..8b1e255 100644
|
||||||
|
--- a/servers/slapd/schema_init.c
|
||||||
|
+++ b/servers/slapd/schema_init.c
|
||||||
|
@@ -3900,6 +3900,8 @@ issuerAndThisUpdateCheck(
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+ if ( tu->bv_len < STRLENOF("YYYYmmddHHmmssZ") ) return LDAP_INVALID_SYNTAX;
|
||||||
|
+
|
||||||
|
x.bv_val += tu->bv_len + 1;
|
||||||
|
x.bv_len -= tu->bv_len + 1;
|
||||||
|
|
||||||
|
--
|
||||||
|
2.25.1
|
||||||
|
|
||||||
@@ -26,6 +26,7 @@ SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/$
|
|||||||
file://CVE-2022-29155.patch \
|
file://CVE-2022-29155.patch \
|
||||||
file://CVE-2023-2953-1.patch \
|
file://CVE-2023-2953-1.patch \
|
||||||
file://CVE-2023-2953-2.patch \
|
file://CVE-2023-2953-2.patch \
|
||||||
|
file://CVE-2021-27212.patch \
|
||||||
"
|
"
|
||||||
SRC_URI[md5sum] = "e3349456c3a66e5e6155be7ddc3f042c"
|
SRC_URI[md5sum] = "e3349456c3a66e5e6155be7ddc3f042c"
|
||||||
SRC_URI[sha256sum] = "c7ba47e1e6ecb5b436f3d43281df57abeffa99262141aec822628bc220f6b45a"
|
SRC_URI[sha256sum] = "c7ba47e1e6ecb5b436f3d43281df57abeffa99262141aec822628bc220f6b45a"
|
||||||
|
|||||||
Reference in New Issue
Block a user