This patch is already committed upstream.

Spotted by guenther@ ok sthen@
2012-06-04 11:35:54 +00:00 · 2012-06-04 11:35:54 +00:00 · f68803aa1d
commit f68803aa1d
parent ac0f638eec
2 changed files with 2 additions and 22 deletions
--- a/databases/openldap/Makefile
+++ b/databases/openldap/Makefile
@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.115 2012/05/09 09:37:21 pea Exp $
+# $OpenBSD: Makefile,v 1.116 2012/06/04 11:35:54 pea Exp $
 COMMENT-main=	Open source LDAP software (client)
 COMMENT-server=	Open source LDAP software (server)
@ -7,6 +7,7 @@ DISTNAME=		openldap-2.4.31
 PKGNAME-main=		${DISTNAME:S/-/-client-/}
 PKGNAME-server=		${DISTNAME:S/-/-server-/}
 REVISION-server=	0
 SHARED_LIBS +=	lber                 12.0      # .10.1
 SHARED_LIBS +=	ldap                 12.0      # .10.1
--- a/databases/openldap/patches/patch-servers_slapd_dn_c
+++ b/databases/openldap/patches/patch-servers_slapd_dn_c
@ -1,21 +0,0 @@
 $OpenBSD: patch-servers_slapd_dn_c,v 1.2 2011/01/07 10:24:30 pea Exp $
 SECURITY FIX
 Resolves CVE-2010-0211 and CVE-2010-0212 (ITS#6570)
 from upstream
 --- servers/slapd/dn.c.orig	Thu Jun 10 19:48:06 2010
 +++ servers/slapd/dn.c	Tue Sep  7 15:11:59 2010
@@ -380,6 +380,10 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ct
 		if (!ava->la_value.bv_len) {
 			return LDAP_INVALID_SYNTAX;
 		}
 +		/* reject empty values */
 +		if (!ava->la_value.bv_len) {
 +			return LDAP_INVALID_SYNTAX;
 +		}
 	}
 	rc = LDAP_SUCCESS;