aboutsummaryrefslogtreecommitdiffstats
path: root/community/homer-api/0001-Update-LDAP.php.patch
diff options
context:
space:
mode:
Diffstat (limited to 'community/homer-api/0001-Update-LDAP.php.patch')
-rw-r--r--community/homer-api/0001-Update-LDAP.php.patch27
1 files changed, 0 insertions, 27 deletions
diff --git a/community/homer-api/0001-Update-LDAP.php.patch b/community/homer-api/0001-Update-LDAP.php.patch
deleted file mode 100644
index a0b7e917566..00000000000
--- a/community/homer-api/0001-Update-LDAP.php.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From c2771cbb452949fb5b1e921d8c051c59b024fc28 Mon Sep 17 00:00:00 2001
-From: Alexandr Dubovikov <alexandr.dubovikov@gmail.com>
-Date: Thu, 14 Dec 2017 15:16:58 +0100
-Subject: [PATCH] Update LDAP.php
-
-prevent some potentially leading to privilege escalation. Thanks go to Kaarle R.
----
- api/Authentication/LDAP.php | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/api/Authentication/LDAP.php b/api/Authentication/LDAP.php
-index 653af2e..f3f0c9d 100644
---- a/api/Authentication/LDAP.php
-+++ b/api/Authentication/LDAP.php
-@@ -72,8 +72,7 @@ class LDAP extends Authentication {
- return array();
- }
- }
--
-- $r=@ldap_search( $ds, LDAP_BASEDN, LDAP_USERNAME_ATTRIBUTE_OPEN .$param['username'].LDAP_USERNAME_ATTRIBUTE_CLOSE);
-+ $r=@ldap_search( $ds, LDAP_BASEDN, LDAP_USERNAME_ATTRIBUTE_OPEN.@ldap_escape($param['username']).LDAP_USERNAME_ATTRIBUTE_CLOSE);
- if ($r) {
- $result = @ldap_get_entries( $ds, $r);
-
---
-2.14.3
-
generated by cgit v1.2.3 (git 2.41.0) at 2024-04-16 11:50:52 +0000