Merge pull request #102359 from mweinelt/openldap

[staging] openldap: add patch to fix unauthenticated nullptr dereference in slapd
2020-11-01 18:43:32 +01:00 · 2020-11-01 18:43:32 +01:00 · b7ef4d7dda
parent d64f4d03d5 307abd9eae
commit b7ef4d7dda
1 changed files with 10 additions and 0 deletions
--- a/pkgs/development/libraries/openldap/default.nix
+++ b/pkgs/development/libraries/openldap/default.nix
@ -8,6 +8,16 @@ stdenv.mkDerivation rec {
    sha256 = "0qmy2jkk6v9iqwrsdsn8s7lwzaplr01a2mgf21r6nl66lig7g47l";
  };

+  patches = [
+    (fetchurl {
+      # Fix a null-ptr dereference for unauthenticated packet in slapd
+      # NO CVE yet
+      # https://bugs.openldap.org/show_bug.cgi?id=9370
+      url = "https://git.openldap.org/openldap/openldap/-/commit/4c774220a752bf8e3284984890dc0931fe73165d.patch";
+      sha256 = "1vkbb6szscnhch5zzf6iq104l3dkwd50rih8jk9y0s2vgyz76mil";
+    })
+  ];
+
  # TODO: separate "out" and "bin"
  outputs = [ "out" "dev" "man" "devdoc" ];