svn commit: r397021 - in branches/2015Q3/net/openldap24-server: . files

Tue Sep 15 20:13:06 UTC 2015

Author: delphij
Date: Tue Sep 15 20:13:05 2015
New Revision: 397021
URL: https://svnweb.freebsd.org/changeset/ports/397021

Log:
  MFH r391124,395815,396354,396731:
  
  Update to 2.4.42 and apply upstream fix for CVE-2015-6908.
  
  Obtained from:  OpenLDAP git 6fe51a9ab04fd28bbc171da3cf12f1c1040d6629
  Security:       CVE-2015-6908
  Approved by:	ports-secteam

Added:
  branches/2015Q3/net/openldap24-server/files/patch-CVE-2015-6908
     - copied unchanged from r396731, head/net/openldap24-server/files/patch-CVE-2015-6908
Deleted:
  branches/2015Q3/net/openldap24-server/files/patch-ITS8027
  branches/2015Q3/net/openldap24-server/files/patch-ITS8046
Modified:
  branches/2015Q3/net/openldap24-server/Makefile
  branches/2015Q3/net/openldap24-server/distinfo
Directory Properties:
  branches/2015Q3/   (props changed)

Modified: branches/2015Q3/net/openldap24-server/Makefile
==============================================================================

--- branches/2015Q3/net/openldap24-server/Makefile	Tue Sep 15 20:05:01 2015	(r397020)
+++ branches/2015Q3/net/openldap24-server/Makefile	Tue Sep 15 20:13:05 2015	(r397021)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=		openldap
-DISTVERSION=		2.4.40
+DISTVERSION=		2.4.42
 PORTREVISION=		${OPENLDAP_PORTREVISION}
 CATEGORIES=		net databases
 MASTER_SITES=		ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \
@@ -59,9 +59,9 @@ BROKEN=			incompatible OpenLDAP version:
 .endif
 
 PORTREVISION_CLIENT=	1
-PORTREVISION_SERVER=	4
+PORTREVISION_SERVER=	1
 OPENLDAP_SHLIB_MAJOR=	2
-OPENLDAP_SHLIB_MINOR=	10.3
+OPENLDAP_SHLIB_MINOR=	10.5
 OPENLDAP_MAJOR=		${DISTVERSION:R}
 
 OPTIONS_DEFINE=		DEBUG FETCH GSSAPI
@@ -560,6 +560,10 @@ post-install:
 		${MKDIR} ${STAGEDIR}${DOCSDIR}/$${dir}; \
 		${INSTALL_DATA} ${WRKSRC}/doc/$${dir}/* ${STAGEDIR}${DOCSDIR}/$${dir}; \
 	done
+	@for prog in ldapcompare ldapdelete ldapexop ldapmodify ldapmodrdn ldappasswd ldapsearch ldapurl ldapwhoami; do\
+		${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/$${prog}; \
+	done
+
 	@for library in lber ldap ldap_r; do \
 		${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/lib$${library}-${OPENLDAP_MAJOR}.so.${OPENLDAP_SHLIB_MAJOR}; \
 	done

Modified: branches/2015Q3/net/openldap24-server/distinfo
==============================================================================
--- branches/2015Q3/net/openldap24-server/distinfo	Tue Sep 15 20:05:01 2015	(r397020)
+++ branches/2015Q3/net/openldap24-server/distinfo	Tue Sep 15 20:13:05 2015	(r397021)
@@ -1,2 +1,2 @@
-SHA256 (openldap-2.4.40.tgz) = d12611a5c25b6499293c2bb7b435dc2b174db73e83f5a8cb7e34f2ce5fa6dadb
-SIZE (openldap-2.4.40.tgz) = 5641865
+SHA256 (openldap-2.4.42.tgz) = eeb7b0e2c5852bfd2650e83909bb6152835c0b862fab10b63954dc1bcbba8e63
+SIZE (openldap-2.4.42.tgz) = 5645925

Copied: branches/2015Q3/net/openldap24-server/files/patch-CVE-2015-6908 (from r396731, head/net/openldap24-server/files/patch-CVE-2015-6908)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2015Q3/net/openldap24-server/files/patch-CVE-2015-6908	Tue Sep 15 20:13:05 2015	(r397021, copy of r396731, head/net/openldap24-server/files/patch-CVE-2015-6908)
@@ -0,0 +1,11 @@
+--- libraries/liblber/io.c.orig	2015-08-14 15:25:28 UTC
++++ libraries/liblber/io.c
+@@ -679,7 +679,7 @@ done:
+ 		return (ber->ber_tag);
+ 	}
+ 
+-	assert( 0 ); /* ber structure is messed up ?*/
++	/* invalid input */
+ 	return LBER_DEFAULT;
+ }
+ 
