From 19e1f12ce420104451c16ab5412cb65cd8fe68cd Mon Sep 17 00:00:00 2001
From: Diego Nicola Barbato <dnbarbato@posteo.de>
Date: Fri, 7 Feb 2020 17:59:31 +0100
Subject: gnu: emacs-telega: Test Emacs environment on startup.

Print a more helpful error message when someone attempts to run Telega on an
incompatible Emacs (e.g a 32-bit Emacs without wide ints).

* gnu/packages/patches/emacs-telega-test-env.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/emacs-xyz.scm (emacs-telega)[source]: Use it.

Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
---
 gnu/packages/patches/emacs-telega-test-env.patch | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 gnu/packages/patches/emacs-telega-test-env.patch

(limited to 'gnu/packages/patches')

diff --git a/gnu/packages/patches/emacs-telega-test-env.patch b/gnu/packages/patches/emacs-telega-test-env.patch
new file mode 100644
index 0000000000..75fe2e12fc
--- /dev/null
+++ b/gnu/packages/patches/emacs-telega-test-env.patch
@@ -0,0 +1,14 @@
+Test Emacs environment on startup.
+
+Patch by Diego N. Barbato
+
+--- a/telega.el	2020-02-07 17:07:18.549970090 +0100
++++ b/telega.el	2020-02-07 17:10:08.383499765 +0100
+@@ -82,6 +82,7 @@
+   "Start telegramming.
+ If prefix ARG is given, then will not pop to telega root buffer."
+   (interactive "P")
++  (telega-test-env t)
+   (telega--create-hier)
+ 
+   (unless (telega-server-live-p)
-- 
cgit v1.2.3


From 0b25812872904d61024791778dae36636c52ded6 Mon Sep 17 00:00:00 2001
From: Efraim Flashner <efraim@flashner.co.il>
Date: Tue, 28 Apr 2020 22:52:20 +0300
Subject: gnu: openldap: Fix CVE-2020-12243.

* gnu/packages/openldap.scm (openldap)[replacement]: New field.
(openldap/fixed): New variable.
* gnu/packages/patches/openldap-CVE-2020-12243.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
---
 gnu/packages/patches/openldap-CVE-2020-12243.patch | 125 +++++++++++++++++++++
 1 file changed, 125 insertions(+)
 create mode 100644 gnu/packages/patches/openldap-CVE-2020-12243.patch

(limited to 'gnu/packages/patches')

diff --git a/gnu/packages/patches/openldap-CVE-2020-12243.patch b/gnu/packages/patches/openldap-CVE-2020-12243.patch
new file mode 100644
index 0000000000..6321998198
--- /dev/null
+++ b/gnu/packages/patches/openldap-CVE-2020-12243.patch
@@ -0,0 +1,125 @@
+From 98464c11df8247d6a11b52e294ba5dd4f0380440 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Thu, 16 Apr 2020 01:08:19 +0100
+Subject: [PATCH] ITS#9202 limit depth of nested filters
+
+Using a hardcoded limit for now; no reasonable apps
+should ever run into it.
+---
+ servers/slapd/filter.c | 41 ++++++++++++++++++++++++++++++++---------
+ 1 file changed, 32 insertions(+), 9 deletions(-)
+
+diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c
+index 3252cf2a7..ed57bbd7b 100644
+--- a/servers/slapd/filter.c
++++ b/servers/slapd/filter.c
+@@ -37,11 +37,16 @@
+ const Filter *slap_filter_objectClass_pres;
+ const struct berval *slap_filterstr_objectClass_pres;
+ 
++#ifndef SLAPD_MAX_FILTER_DEPTH
++#define SLAPD_MAX_FILTER_DEPTH	5000
++#endif
++
+ static int	get_filter_list(
+ 	Operation *op,
+ 	BerElement *ber,
+ 	Filter **f,
+-	const char **text );
++	const char **text,
++	int depth );
+ 
+ static int	get_ssa(
+ 	Operation *op,
+@@ -80,12 +85,13 @@ filter_destroy( void )
+ 	return;
+ }
+ 
+-int
+-get_filter(
++static int
++get_filter0(
+ 	Operation *op,
+ 	BerElement *ber,
+ 	Filter **filt,
+-	const char **text )
++	const char **text,
++	int depth )
+ {
+ 	ber_tag_t	tag;
+ 	ber_len_t	len;
+@@ -126,6 +132,11 @@ get_filter(
+ 	 *
+ 	 */
+ 
++	if( depth > SLAPD_MAX_FILTER_DEPTH ) {
++		*text = "filter nested too deeply";
++		return SLAPD_DISCONNECT;
++	}
++
+ 	tag = ber_peek_tag( ber, &len );
+ 
+ 	if( tag == LBER_ERROR ) {
+@@ -221,7 +232,7 @@ get_filter(
+ 
+ 	case LDAP_FILTER_AND:
+ 		Debug( LDAP_DEBUG_FILTER, "AND\n", 0, 0, 0 );
+-		err = get_filter_list( op, ber, &f.f_and, text );
++		err = get_filter_list( op, ber, &f.f_and, text, depth+1 );
+ 		if ( err != LDAP_SUCCESS ) {
+ 			break;
+ 		}
+@@ -234,7 +245,7 @@ get_filter(
+ 
+ 	case LDAP_FILTER_OR:
+ 		Debug( LDAP_DEBUG_FILTER, "OR\n", 0, 0, 0 );
+-		err = get_filter_list( op, ber, &f.f_or, text );
++		err = get_filter_list( op, ber, &f.f_or, text, depth+1 );
+ 		if ( err != LDAP_SUCCESS ) {
+ 			break;
+ 		}
+@@ -248,7 +259,7 @@ get_filter(
+ 	case LDAP_FILTER_NOT:
+ 		Debug( LDAP_DEBUG_FILTER, "NOT\n", 0, 0, 0 );
+ 		(void) ber_skip_tag( ber, &len );
+-		err = get_filter( op, ber, &f.f_not, text );
++		err = get_filter0( op, ber, &f.f_not, text, depth+1 );
+ 		if ( err != LDAP_SUCCESS ) {
+ 			break;
+ 		}
+@@ -311,10 +322,22 @@ get_filter(
+ 	return( err );
+ }
+ 
++int
++get_filter(
++	Operation *op,
++	BerElement *ber,
++	Filter **filt,
++	const char **text )
++{
++	return get_filter0( op, ber, filt, text, 0 );
++}
++
++
+ static int
+ get_filter_list( Operation *op, BerElement *ber,
+ 	Filter **f,
+-	const char **text )
++	const char **text,
++	int depth )
+ {
+ 	Filter		**new;
+ 	int		err;
+@@ -328,7 +351,7 @@ get_filter_list( Operation *op, BerElement *ber,
+ 		tag != LBER_DEFAULT;
+ 		tag = ber_next_element( ber, &len, last ) )
+ 	{
+-		err = get_filter( op, ber, new, text );
++		err = get_filter0( op, ber, new, text, depth );
+ 		if ( err != LDAP_SUCCESS )
+ 			return( err );
+ 		new = &(*new)->f_next;
+-- 
+2.26.2
+
-- 
cgit v1.2.3


From f224a8bb79cc3c9e5960227ffea5524eb666d34a Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Tue, 28 Apr 2020 15:59:16 -0400
Subject: gnu: OpenLDAP: Update to 2.4.50 [fixes CVE-2019-{13057,13565}].

* gnu/packages/openldap.scm (openldap)[replacement]: Use openldap-2.4.50.
(openldap/fixed): Replace with ...
(openldap-2.4.50): ... new variable.
* gnu/packages/patches/openldap-CVE-2020-12243.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/packages/patches/openldap-CVE-2020-12243.patch | 125 ---------------------
 1 file changed, 125 deletions(-)
 delete mode 100644 gnu/packages/patches/openldap-CVE-2020-12243.patch

(limited to 'gnu/packages/patches')

diff --git a/gnu/packages/patches/openldap-CVE-2020-12243.patch b/gnu/packages/patches/openldap-CVE-2020-12243.patch
deleted file mode 100644
index 6321998198..0000000000
--- a/gnu/packages/patches/openldap-CVE-2020-12243.patch
+++ /dev/null
@@ -1,125 +0,0 @@
-From 98464c11df8247d6a11b52e294ba5dd4f0380440 Mon Sep 17 00:00:00 2001
-From: Howard Chu <hyc@openldap.org>
-Date: Thu, 16 Apr 2020 01:08:19 +0100
-Subject: [PATCH] ITS#9202 limit depth of nested filters
-
-Using a hardcoded limit for now; no reasonable apps
-should ever run into it.
----
- servers/slapd/filter.c | 41 ++++++++++++++++++++++++++++++++---------
- 1 file changed, 32 insertions(+), 9 deletions(-)
-
-diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c
-index 3252cf2a7..ed57bbd7b 100644
---- a/servers/slapd/filter.c
-+++ b/servers/slapd/filter.c
-@@ -37,11 +37,16 @@
- const Filter *slap_filter_objectClass_pres;
- const struct berval *slap_filterstr_objectClass_pres;
- 
-+#ifndef SLAPD_MAX_FILTER_DEPTH
-+#define SLAPD_MAX_FILTER_DEPTH	5000
-+#endif
-+
- static int	get_filter_list(
- 	Operation *op,
- 	BerElement *ber,
- 	Filter **f,
--	const char **text );
-+	const char **text,
-+	int depth );
- 
- static int	get_ssa(
- 	Operation *op,
-@@ -80,12 +85,13 @@ filter_destroy( void )
- 	return;
- }
- 
--int
--get_filter(
-+static int
-+get_filter0(
- 	Operation *op,
- 	BerElement *ber,
- 	Filter **filt,
--	const char **text )
-+	const char **text,
-+	int depth )
- {
- 	ber_tag_t	tag;
- 	ber_len_t	len;
-@@ -126,6 +132,11 @@ get_filter(
- 	 *
- 	 */
- 
-+	if( depth > SLAPD_MAX_FILTER_DEPTH ) {
-+		*text = "filter nested too deeply";
-+		return SLAPD_DISCONNECT;
-+	}
-+
- 	tag = ber_peek_tag( ber, &len );
- 
- 	if( tag == LBER_ERROR ) {
-@@ -221,7 +232,7 @@ get_filter(
- 
- 	case LDAP_FILTER_AND:
- 		Debug( LDAP_DEBUG_FILTER, "AND\n", 0, 0, 0 );
--		err = get_filter_list( op, ber, &f.f_and, text );
-+		err = get_filter_list( op, ber, &f.f_and, text, depth+1 );
- 		if ( err != LDAP_SUCCESS ) {
- 			break;
- 		}
-@@ -234,7 +245,7 @@ get_filter(
- 
- 	case LDAP_FILTER_OR:
- 		Debug( LDAP_DEBUG_FILTER, "OR\n", 0, 0, 0 );
--		err = get_filter_list( op, ber, &f.f_or, text );
-+		err = get_filter_list( op, ber, &f.f_or, text, depth+1 );
- 		if ( err != LDAP_SUCCESS ) {
- 			break;
- 		}
-@@ -248,7 +259,7 @@ get_filter(
- 	case LDAP_FILTER_NOT:
- 		Debug( LDAP_DEBUG_FILTER, "NOT\n", 0, 0, 0 );
- 		(void) ber_skip_tag( ber, &len );
--		err = get_filter( op, ber, &f.f_not, text );
-+		err = get_filter0( op, ber, &f.f_not, text, depth+1 );
- 		if ( err != LDAP_SUCCESS ) {
- 			break;
- 		}
-@@ -311,10 +322,22 @@ get_filter(
- 	return( err );
- }
- 
-+int
-+get_filter(
-+	Operation *op,
-+	BerElement *ber,
-+	Filter **filt,
-+	const char **text )
-+{
-+	return get_filter0( op, ber, filt, text, 0 );
-+}
-+
-+
- static int
- get_filter_list( Operation *op, BerElement *ber,
- 	Filter **f,
--	const char **text )
-+	const char **text,
-+	int depth )
- {
- 	Filter		**new;
- 	int		err;
-@@ -328,7 +351,7 @@ get_filter_list( Operation *op, BerElement *ber,
- 		tag != LBER_DEFAULT;
- 		tag = ber_next_element( ber, &len, last ) )
- 	{
--		err = get_filter( op, ber, new, text );
-+		err = get_filter0( op, ber, new, text, depth );
- 		if ( err != LDAP_SUCCESS )
- 			return( err );
- 		new = &(*new)->f_next;
--- 
-2.26.2
-
-- 
cgit v1.2.3