package/openldap: security bump to version 2.4.48
authorSørensen, Stefan <Stefan.Sorensen@spectralink.com>
Tue, 27 Aug 2019 11:00:27 +0000 (11:00 +0000)
committerPeter Korsgaard <peter@korsgaard.com>
Tue, 27 Aug 2019 21:19:40 +0000 (23:19 +0200)
Security fixes:
CVE-2019-13057: Fixed slapd to restrict rootDN proxyauthz to its own databases
CVE-2019-13565: Fixed slapd to initialize SASL SSF per connection

Full changelog:
https://www.openldap.org/lists/openldap-announce/201907/msg00001.html

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
[Peter: fix sha256 hash line]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/openldap/openldap.hash
package/openldap/openldap.mk

index 0b33b8d724153f53647d45e3d439145cbbe93b71..9ea1e7a55d6ae341da137eff49b6fa48360d7bb9 100644 (file)
@@ -1,7 +1,7 @@
-# From http://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.47.md5
-md5 e508f97bfd778fec7799f286e5c07176  openldap-2.4.47.tgz
-# From http://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.47.sha1
-sha1 c59d52dd75f7d1c7b02f83725da36c322d439674  openldap-2.4.47.tgz
+# From http://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.48.md5
+md5 0729a0711fe096831dedc159e0bbe73f  openldap-2.4.48.tgz
+# From http://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.48.sha1
+sha1 c1984e80f6db038b317bf931866adb38e5537dcd  openldap-2.4.48.tgz
 # Locally computed
-sha256 f54c5877865233d9ada77c60c0f69b3e0bfd8b1b55889504c650047cc305520b  openldap-2.4.47.tgz
+sha256 d9523ffcab5cd14b709fcf3cb4d04e8bc76bb8970113255f372bc74954c6074d  openldap-2.4.48.tgz
 sha256 310fe25c858a9515fc8c8d7d1f24a67c9496f84a91e0a0e41ea9975b1371e569  LICENSE
index 9dbab731c3ae677b117d62d689dbbea2eb94cfa0..4417bb659be627d09844c115f8911d6858649526 100644 (file)
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-OPENLDAP_VERSION = 2.4.47
+OPENLDAP_VERSION = 2.4.48
 OPENLDAP_SOURCE = openldap-$(OPENLDAP_VERSION).tgz
 OPENLDAP_SITE = http://www.openldap.org/software/download/OpenLDAP/openldap-release
 OPENLDAP_LICENSE = OpenLDAP Public License