fix CVE-2020-25692
This commit is contained in:
guoxiaoqi
parent
658511e808
commit
0cfd7a6b1b
29
CVE-2020-25692.patch
Normal file
29
CVE-2020-25692.patch
Normal file
@ -0,0 +1,29 @@
|
||||
From 4c774220a752bf8e3284984890dc0931fe73165d Mon Sep 17 00:00:00 2001
|
||||
From: Howard Chu <hyc@openldap.org>
|
||||
Date: Mon, 19 Oct 2020 14:03:41 +0100
|
||||
Subject: [PATCH] ITS#9370 check for equality rule on old_rdn
|
||||
|
||||
Just skip normalization if there's no equality rule. We accept
|
||||
DNs without equality rules already.
|
||||
|
||||
Signed-off-by: guoxiaoqi <guoxiaoqi2@huawei.com>
|
||||
---
|
||||
servers/slapd/modrdn.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/servers/slapd/modrdn.c b/servers/slapd/modrdn.c
|
||||
index c73dd8d..a229755 100644
|
||||
--- a/servers/slapd/modrdn.c
|
||||
+++ b/servers/slapd/modrdn.c
|
||||
@@ -505,7 +505,7 @@ slap_modrdn2mods(
|
||||
mod_tmp->sml_values = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) );
|
||||
ber_dupbv( &mod_tmp->sml_values[0], &old_rdn[d_cnt]->la_value );
|
||||
mod_tmp->sml_values[1].bv_val = NULL;
|
||||
- if( desc->ad_type->sat_equality->smr_normalize) {
|
||||
+ if( desc->ad_type->sat_equality && desc->ad_type->sat_equality->smr_normalize) {
|
||||
mod_tmp->sml_nvalues = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) );
|
||||
(void) (*desc->ad_type->sat_equality->smr_normalize)(
|
||||
SLAP_MR_EQUALITY|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
Name: openldap
|
||||
Version: 2.4.50
|
||||
Release: 3
|
||||
Release: 4
|
||||
Summary: LDAP support libraries
|
||||
License: OpenLDAP
|
||||
URL: https://www.openldap.org/
|
||||
@ -43,6 +43,7 @@ Patch22: bugfix-openldap-ITS9160-OOM-Handing.patch
|
||||
Patch23: bugfix-openldap-fix-implicit-function-declaration.patch
|
||||
Patch24: bugfix-openldap-ITS-8650-Fix-Debug-usage-to-follow-RE24-format.patch
|
||||
Patch25: CVE-2020-15719.patch
|
||||
Patch26: CVE-2020-25692.patch
|
||||
|
||||
BuildRequires: cyrus-sasl-devel openssl-devel krb5-devel unixODBC-devel
|
||||
BuildRequires: glibc-devel libtool libtool-ltdl-devel groff perl-interpreter perl-devel perl-generators perl-ExtUtils-Embed
|
||||
@ -133,6 +134,7 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
|
||||
%patch23 -p1
|
||||
%patch24 -p1
|
||||
%patch25 -p1
|
||||
%patch26 -p1
|
||||
|
||||
ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
|
||||
mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
|
||||
@ -415,6 +417,12 @@ popd
|
||||
%doc ltb-project-openldap-ppolicy-check-password-1.1/README.check_pwd
|
||||
|
||||
%changelog
|
||||
* Mon Dec 14 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.4.50-4
|
||||
- Type:cves
|
||||
- ID:CVE-2020-25692
|
||||
- SUG:restart
|
||||
- DESC:fix CVE-2020-25692
|
||||
|
||||
* Wed Aug 05 2020 lunankun<lunankun@huawei.com> - 2.4.50-3
|
||||
- Type:cves
|
||||
- ID:CVE-2020-15719
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user