nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

gnu: openldap: Fix CVE-2017-9287. 

* gnu/packages/patches/openldap-CVE-2017-9287.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/openldap.scm (openldap)[replacement]: New field.
(openldap/fixed): New variable.
master
Leo Famulari 2017-05-30 18:04:11 -04:00
parent 8e33bc1816
commit b0415c0361
No known key found for this signature in database
GPG Key ID: 2646FA30BACA7F08
3 changed files with 48 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
gnu/local.mk
View File

@ -863,6 +863,7 @@ dist_patch_DATA = \
%D%/packages/patches/openexr-missing-samples.patch \
%D%/packages/patches/openjpeg-CVE-2016-9850-CVE-2016-9851.patch \
%D%/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch \
%D%/packages/patches/openldap-CVE-2017-9287.patch \
%D%/packages/patches/openocd-nrf52.patch \
%D%/packages/patches/openssl-runpath.patch \
%D%/packages/patches/openssl-1.1.0-c-rehash-in.patch \

10
gnu/packages/openldap.scm
View File

@ -31,6 +31,7 @@
#:use-module (gnu packages linux)
#:use-module (gnu packages python)
#:use-module (gnu packages tls)
#:use-module (gnu packages)
#:use-module ((guix licenses) #:select (openldap2.8 lgpl2.1+))
#:use-module (guix packages)
#:use-module (guix download)
@ -39,6 +40,7 @@
(define-public openldap
(package
(name "openldap")
(replacement openldap/fixed)
(version "2.4.44")
(source (origin
(method url-fetch)
@ -79,6 +81,14 @@
(license openldap2.8)
(home-page "http://www.openldap.org/")))
(define openldap/fixed
(package
(inherit openldap)
(source
(origin
(inherit (package-source openldap))
(patches (search-patches "openldap-CVE-2017-9287.patch"))))))
(define-public nss-pam-ldapd
(package
(name "nss-pam-ldapd")

37
gnu/packages/patches/openldap-CVE-2017-9287.patch Normal file
View File

@ -0,0 +1,37 @@
Fix CVE-2017-9287:
https://www.openldap.org/its/?findid=8655
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9287
Patch copied from upstream source repository:
https://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e
From 0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e Mon Sep 17 00:00:00 2001
From: Ryan Tandy <ryan@nardis.ca>
Date: Wed, 17 May 2017 20:07:39 -0700
Subject: [PATCH] ITS#8655 fix double free on paged search with pagesize 0
Fixes a double free when a search includes the Paged Results control
with a page size of 0 and the search base matches the filter.
---
servers/slapd/back-mdb/search.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/servers/slapd/back-mdb/search.c b/servers/slapd/back-mdb/search.c
index 301d1a498c..43442aa242 100644
--- a/servers/slapd/back-mdb/search.c
+++ b/servers/slapd/back-mdb/search.c
@@ -1066,7 +1066,8 @@ notfound:
/* check size limit */
if ( get_pagedresults(op) > SLAP_CONTROL_IGNORED ) {
if ( rs->sr_nentries >= ((PagedResultsState *)op->o_pagedresults_state)->ps_size ) {
- mdb_entry_return( op, e );
+ if (e != base)
+ mdb_entry_return( op, e );
e = NULL;
send_paged_response( op, rs, &lastid, tentries );
goto done;
--
2.13.0