---
- branch: MAIN
  date: Tue Dec 13 10:38:06 UTC 2016
  files:
  - new: '1.146'
    old: '1.145'
    path: pkgsrc/databases/openldap/Makefile
    pathrev: pkgsrc/databases/openldap/Makefile@1.146
    type: modified
  - new: '1.108'
    old: '1.107'
    path: pkgsrc/databases/openldap/distinfo
    pathrev: pkgsrc/databases/openldap/distinfo@1.108
    type: modified
  - new: '1.25'
    old: '1.24'
    path: pkgsrc/databases/openldap-client/Makefile
    pathrev: pkgsrc/databases/openldap-client/Makefile@1.25
    type: modified
  - new: '1.50'
    old: '1.49'
    path: pkgsrc/databases/openldap-server/Makefile
    pathrev: pkgsrc/databases/openldap-server/Makefile@1.50
    type: modified
  - new: '1.1'
    old: '0'
    path: pkgsrc/databases/openldap/patches/patch-libraries_libldap_tls__m.c
    pathrev: pkgsrc/databases/openldap/patches/patch-libraries_libldap_tls__m.c@1.1
    type: added
  id: 20161213T103806Z.4a664e8467c85532322c139ebebaa66b637093ae
  log: |
    Apply fix from https://bugzilla.redhat.com/show_bug.cgi?id=1238322
    Incorrect multi-keyword mode cipherstring parsing.
    Fixes CVE-2015-3276.
    Submitted upstream as ITS#8543, it apparently wasn't already(!)
    http://www.openldap.org/its/index.cgi/Incoming?id=8543

    Bump PKGREVISION for both openldap, openldap-server and openldap-client
    (to be on the safe side...)
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/databases'
  unixtime: '1481625486'
  user: he