17 Dec
2018
17 Dec
'18
11:54 a.m.
HI!
This ITS was answered with won't fix / send patches: https://www.openldap.org/its/index.cgi?findid=8759
But in the mean-time somebody assigned a CVE number to it: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17740
The SUSE folks added a patch:
https://build.opensuse.org/package/view_file/network:ldap/openldap2/0017-Fix...
Could anybody review this and comment whether it makes sense at all?
If the patch is correct would it make sense to release it with 2.4.47?
Ciao, Michael.