Bump version to 2.4.46-20
Resolves: RHEL-35538 - Fix OpenSSL channel binding digest
This commit is contained in:
parent
24a390ba08
commit
9820cbeebe
18
openldap-cbinding-fix-openssl-digest.patch
Normal file
18
openldap-cbinding-fix-openssl-digest.patch
Normal file
@ -0,0 +1,18 @@
|
||||
diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
|
||||
index 6f27168..eb7b97c 100644
|
||||
--- a/libraries/libldap/tls_o.c
|
||||
+++ b/libraries/libldap/tls_o.c
|
||||
@@ -862,7 +862,12 @@ tlso_session_endpoint( tls_session *sess, struct berval *buf, int is_server )
|
||||
return 0;
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
||||
- md = EVP_get_digestbynid( X509_get_signature_nid( cert ));
|
||||
+ {
|
||||
+ int mdnid;
|
||||
+ if ( !OBJ_find_sigid_algs( X509_get_signature_nid( cert ), &mdnid, NULL ))
|
||||
+ return 0;
|
||||
+ md = EVP_get_digestbynid( mdnid );
|
||||
+ }
|
||||
#else
|
||||
md = EVP_get_digestbynid(OBJ_obj2nid( cert->sig_alg->algorithm ));
|
||||
#endif
|
@ -5,7 +5,7 @@
|
||||
|
||||
Name: openldap
|
||||
Version: 2.4.46
|
||||
Release: 19%{?dist}
|
||||
Release: 20%{?dist}
|
||||
Summary: LDAP support libraries
|
||||
License: OpenLDAP
|
||||
URL: http://www.openldap.org/
|
||||
@ -58,8 +58,9 @@ Patch61: openldap-cbinding-Convert-test077-to-LDIF-config.patch
|
||||
Patch62: openldap-cbinding-Update-keys-to-RSA-4096.patch
|
||||
Patch63: openldap-add-TLS_REQSAN-option.patch
|
||||
Patch64: openldap-change-TLS_REQSAN-default-to-TRY.patch
|
||||
Patch65: 0001-ITS-9904-ldap_url_parsehosts-check-for-strdup-failur.patch
|
||||
Patch66: 0001-ITS-9904-ldif_open_url-check-for-ber_strdup-failure.patch
|
||||
Patch65: openldap-cbinding-fix-openssl-digest.patch
|
||||
Patch66: 0001-ITS-9904-ldap_url_parsehosts-check-for-strdup-failur.patch
|
||||
Patch67: 0001-ITS-9904-ldif_open_url-check-for-ber_strdup-failure.patch
|
||||
|
||||
# check-password module specific patches
|
||||
Patch90: check-password-makefile.patch
|
||||
@ -157,6 +158,7 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
|
||||
%patch64 -p1
|
||||
%patch65 -p1
|
||||
%patch66 -p1
|
||||
%patch67 -p1
|
||||
|
||||
# build smbk5pwd with other overlays
|
||||
ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
|
||||
@ -526,6 +528,10 @@ exit 0
|
||||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Wed Jul 3 2024 Simon Pichugin <spichugi@redhat.com> - 2.4.46-20
|
||||
- Bump version to 2.4.46-20
|
||||
- Resolves: RHEL-35538 - Fix OpenSSL channel binding digest
|
||||
|
||||
* Tue Apr 30 2024 Simon Pichugin <spichugi@redhat.com> - 2.4.46-19
|
||||
- Bump version to 2.4.46-19
|
||||
- Resolves: RHEL-34283 - openldap: null pointer dereference in ber_memalloc_x function
|
||||
|
Loading…
Reference in New Issue
Block a user