From b90e337bb78cb379f9740f0fab8185dc48ed3e6d Mon Sep 17 00:00:00 2001 From: Michael Stahl Date: Tue, 9 Nov 2021 12:35:04 +0100 Subject: openldap: upgrade to release 2.4.59 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes CVE-2020-36230 and CVE-2020-36229 in libldap, plus lots of other CVEs that affect only the server. Unfortunately it looks like NSS support was removed in release 2.5.0. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124914 Tested-by: Jenkins Reviewed-by: Michael Stahl (cherry picked from commit 9393325c1db9fa25037d208607b71adb567a8bbc) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124860 Reviewed-by: Caolán McNamara (cherry picked from commit b7c670984e4af1c73fa05731ca8029cec487bd52) Change-Id: Ie43d7da1b9e92b5712f9cd22c4613648394c696f --- download.lst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/download.lst b/download.lst index 1de4bef21d5a..8f1444d047b9 100644 --- a/download.lst +++ b/download.lst @@ -214,8 +214,8 @@ export ODFVALIDATOR_SHA256SUM := d55495ab3a86544650587de2a72180ddf8bfc6376d14ddf export ODFVALIDATOR_JAR := odfvalidator-0.9.0-RC2-SNAPSHOT-jar-with-dependencies-2726ab578664434a545f8379a01a9faffac0ae73.jar export OFFICEOTRON_SHA256SUM := f2443f27561af52324eee03a1892d9f569adc8db9e7bca55614898bc2a13a770 export OFFICEOTRON_JAR := 8249374c274932a21846fa7629c2aa9b-officeotron-0.7.4-master.jar -export OPENLDAP_SHA256SUM := cdd6cffdebcd95161a73305ec13fc7a78e9707b46ca9f84fb897cd5626df3824 -export OPENLDAP_TARBALL := openldap-2.4.45.tgz +export OPENLDAP_SHA256SUM := 99f37d6747d88206c470067eda624d5e48c1011e943ec0ab217bae8712e22f34 +export OPENLDAP_TARBALL := openldap-2.4.59.tgz export OPENSSL_SHA256SUM := 14cb464efe7ac6b54799b34456bd69558a749a4931ecfd9cf9f71d7881cac7bc export OPENSSL_TARBALL := openssl-1.0.2t.tar.gz export ORCUS_SHA256SUM := 0dd26f3f2e611c51df9ee02d6dbf08887989eaa417b73f6877cd0d94df795fc2 -- cgit v1.2.3