packages/three-eight-nine-ds-base
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
three-eight-nine-ds-base/CVE-2022-1949-Fix-ACI-bypass-in-shortcut-filter-condition.patch
wk333 16493bb7e9 Fix CVE-2022-1949,CVE-2024-5953 
(cherry picked from commit 12831843a312861cb7a9025e118955c5904afc61)
2024-09-12 16:53:36 +08:00

27 lines
1.1 KiB
Diff
Raw Blame History

Origin: https://build.opensuse.org/projects/SUSE:SLE-15-SP2:Update/packages/389-ds/files/0001-Fix-ACI-bypass-in-shortcut-filter-condition.patch?expand=1
From 21629670b92260c64c0355d656cd106ff8b84732 Mon Sep 17 00:00:00 2001
From: William Brown <william@blackhats.net.au>
Date: Tue, 31 May 2022 10:26:00 +1000
Subject: [PATCH] Fix ACI bypass in shortcut filter condition
---
ldap/servers/slapd/back-ldbm/back-ldbm.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ldap/servers/slapd/back-ldbm/back-ldbm.h b/ldap/servers/slapd/back-ldbm/back-ldbm.h
index 9d78ad778..7fb85f0f6 100644
--- a/ldap/servers/slapd/back-ldbm/back-ldbm.h
+++ b/ldap/servers/slapd/back-ldbm/back-ldbm.h
@@ -194,7 +194,7 @@ extern int ldbm_warn_if_no_db;
* The candidate list size at which it is cheaper to apply the filter test
* to the whole list than to continue ANDing in IDLs.
*/
-#define FILTER_TEST_THRESHOLD (NIDS)10
+#define FILTER_TEST_THRESHOLD (NIDS)0
/* flags to indicate what kind of startup the dblayer should do */
#define DBLAYER_IMPORT_MODE 0x1
--
2.36.1
Reference in New Issue View Git Blame Copy Permalink