From f224a8bb79cc3c9e5960227ffea5524eb666d34a Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 28 Apr 2020 15:59:16 -0400 Subject: gnu: OpenLDAP: Update to 2.4.50 [fixes CVE-2019-{13057,13565}]. * gnu/packages/openldap.scm (openldap)[replacement]: Use openldap-2.4.50. (openldap/fixed): Replace with ... (openldap-2.4.50): ... new variable. * gnu/packages/patches/openldap-CVE-2020-12243.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/packages/openldap.scm | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'gnu/packages/openldap.scm') diff --git a/gnu/packages/openldap.scm b/gnu/packages/openldap.scm index aa51520654..53c57e846f 100644 --- a/gnu/packages/openldap.scm +++ b/gnu/packages/openldap.scm @@ -58,8 +58,8 @@ (define-public openldap (package - (replacement openldap/fixed) (name "openldap") + (replacement openldap-2.4.50) (version "2.4.47") (source (origin (method url-fetch) @@ -112,12 +112,18 @@ (license openldap2.8) (home-page "https://www.openldap.org/"))) -(define openldap/fixed +(define openldap-2.4.50 (package (inherit openldap) - (source - (origin (inherit (package-source openldap)) - (patches (search-patches "openldap-CVE-2020-12243.patch")))))) + (version "2.4.50") + (source (origin + (method url-fetch) + (uri (string-append "https://www.openldap.org/software/download/" + "OpenLDAP/openldap-release/openldap-" version + ".tgz")) + (sha256 + (base32 + "1f46nlfwmys110j36sifm7ah8m8f3s10c3vaiikmmigmifapvdaw")))))) (define-public nss-pam-ldapd (package -- cgit v1.2.3