!109 fix license

From: @xinghe_1 
Reviewed-by: @jiangheng12 
Signed-off-by: @jiangheng12

CVE-2020-25709.patch

@@ -0,0 +1,25 @@
+From 67670f4544e28fb09eb7319c39f404e1d3229e65 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Mon, 2 Nov 2020 13:12:10 +0000
+Subject: [PATCH] ITS#9383 remove assert in certificateListValidate
+
+---
+ servers/slapd/schema_init.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
+index ea0d67aa62..28f9e71a16 100644
+--- a/servers/slapd/schema_init.c
++++ b/servers/slapd/schema_init.c
+@@ -371,8 +371,7 @@ certificateListValidate( Syntax *syntax, struct berval *in )
+ 	/* Optional version */
+ 	if ( tag == LBER_INTEGER ) {
+ 		tag = ber_get_int( ber, &version );
+-		assert( tag == LBER_INTEGER );
+-		if ( version != SLAP_X509_V2 ) return LDAP_INVALID_SYNTAX;
++		if ( tag != LBER_INTEGER || version != SLAP_X509_V2 ) return LDAP_INVALID_SYNTAX;
+ 	}
+ 	tag = ber_skip_tag( ber, &len );	/* Signature Algorithm */
+ 	if ( tag != LBER_SEQUENCE ) return LDAP_INVALID_SYNTAX;
+-- 
+GitLab

CVE-2020-25710.patch

@@ -0,0 +1,26 @@
+From bdb0d459187522a6063df13871b82ba8dcc6efe2 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Mon, 2 Nov 2020 16:01:14 +0000
+Subject: [PATCH] ITS#9384 remove assert in obsolete csnNormalize23()
+
+---
+ servers/slapd/schema_init.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
+index 5812bc4b66..ea0d67aa62 100644
+--- a/servers/slapd/schema_init.c
++++ b/servers/slapd/schema_init.c
+@@ -5327,8 +5327,8 @@ csnNormalize23(
+ 	}
+ 	*ptr = '\0';
+ 
+-	assert( ptr == &bv.bv_val[bv.bv_len] );
+-	if ( csnValidate( syntax, &bv ) != LDAP_SUCCESS ) {
++	if ( ptr != &bv.bv_val[bv.bv_len] ||
++		csnValidate( syntax, &bv ) != LDAP_SUCCESS ) {
+ 		return LDAP_INVALID_SYNTAX;
+ 	}
+ 
+-- 
+GitLab

CVE-2021-27212.patch

@@ -0,0 +1,28 @@
+From 3539fc33212b528c56b716584f2c2994af7c30b0 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Sat, 6 Feb 2021 20:52:06 +0000
+Subject: [PATCH] ITS#9454 fix issuerAndThisUpdateCheck
+
+Reference:https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0
+
+---
+ servers/slapd/schema_init.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
+index 466899625..914df70eb 100644
+--- a/servers/slapd/schema_init.c
++++ b/servers/slapd/schema_init.c
+@@ -3975,6 +3975,8 @@ issuerAndThisUpdateCheck(
+ 					break;
+ 				}
+ 			}
++			if ( tu->bv_len < STRLENOF("YYYYmmddHHmmssZ") ) return LDAP_INVALID_SYNTAX;
++
+ 			x.bv_val += tu->bv_len + 1;
+ 			x.bv_len -= tu->bv_len + 1;
+ 
+
+-- 
+GitLab
+

backport-ITS-9904-check-for-strdup-failure.patch

@@ -0,0 +1,70 @@
+From 3f2abd0b2eeec8522e50d5c4ea4992e70e8f9915 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Thu, 25 Aug 2022 16:13:21 +0100
+Subject: [PATCH] ITS#9904 ldap_url_parsehosts: check for strdup failure
+
+Avoid unnecessary strdup in IPv6 addr parsing, check for strdup
+failure when dup'ing scheme.
+
+Code present since 2000, 8da110a9e726dbc612b302feafe0109271e6bc59
+---
+ libraries/libldap/url.c | 21 ++++++++++++---------
+ 1 file changed, 12 insertions(+), 9 deletions(-)
+
+diff --git a/libraries/libldap/url.c b/libraries/libldap/url.c
+index 7e56564265..8df0abd044 100644
+--- a/libraries/libldap/url.c
++++ b/libraries/libldap/url.c
+@@ -1386,24 +1386,22 @@ ldap_url_parsehosts(
+ 		}
+ 		ludp->lud_port = port;
+ 		ludp->lud_host = specs[i];
+-		specs[i] = NULL;
+ 		p = strchr(ludp->lud_host, ':');
+ 		if (p != NULL) {
+ 			/* more than one :, IPv6 address */
+ 			if ( strchr(p+1, ':') != NULL ) {
+ 				/* allow [address] and [address]:port */
+ 				if ( *ludp->lud_host == '[' ) {
+-					p = LDAP_STRDUP(ludp->lud_host+1);
+-					/* copied, make sure we free source later */
+-					specs[i] = ludp->lud_host;
+-					ludp->lud_host = p;
+-					p = strchr( ludp->lud_host, ']' );
++					p = strchr( ludp->lud_host+1, ']' );
+ 					if ( p == NULL ) {
+ 						LDAP_FREE(ludp);
+ 						ldap_charray_free(specs);
+ 						return LDAP_PARAM_ERROR;
+ 					}
+-					*p++ = '\0';
++					/* Truncate trailing ']' and shift hostname down 1 char */
++					*p = '\0';
++					AC_MEMCPY( ludp->lud_host, ludp->lud_host+1, p - ludp->lud_host );
++					p++;
+ 					if ( *p != ':' ) {
+ 						if ( *p != '\0' ) {
+ 							LDAP_FREE(ludp);
+@@ -1429,14 +1427,19 @@ ldap_url_parsehosts(
+ 				}
+ 			}
+ 		}
+-		ldap_pvt_hex_unescape(ludp->lud_host);
+ 		ludp->lud_scheme = LDAP_STRDUP("ldap");
++		if ( ludp->lud_scheme == NULL ) {
++			LDAP_FREE(ludp);
++			ldap_charray_free(specs);
++			return LDAP_NO_MEMORY;
++		}
++		specs[i] = NULL;
++		ldap_pvt_hex_unescape(ludp->lud_host);
+ 		ludp->lud_next = *ludlist;
+ 		*ludlist = ludp;
+ 	}
+ 
+ 	/* this should be an array of NULLs now */
+-	/* except entries starting with [ */
+ 	ldap_charray_free(specs);
+ 	return LDAP_SUCCESS;
+ }
+-- 

backport-ITS-9904-ldif_open_url-check-for-ber_strdup-failure.patch

@@ -0,0 +1,26 @@
+From ea8dd2d279c5aeaf9d4672a4e95bebd99babcce1 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Wed, 24 Aug 2022 14:40:51 +0100
+Subject: [PATCH] ITS#9904 ldif_open_url: check for ber_strdup failure
+
+Code present since 1999, df8f7cbb9b79be3be9205d116d1dd0b263d6861a
+---
+ libraries/libldap/fetch.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libraries/libldap/fetch.c b/libraries/libldap/fetch.c
+index 9e426dc64..536871bcf 100644
+--- a/libraries/libldap/fetch.c
++++ b/libraries/libldap/fetch.c
+@@ -69,6 +69,8 @@ ldif_open_url(
+ 		}
+ 
+ 		p = ber_strdup( urlstr );
++		if ( p == NULL )
++			return NULL;
+ 
+ 		/* But we should convert to LDAP_DIRSEP before use */
+ 		if ( LDAP_DIRSEP[0] != '/' ) {
+-- 
+2.33.0
+

backport-fix-cve-2022-29155.patch

@@ -0,0 +1,273 @@
+From 87df6c19915042430540931d199a39105544a134 Mon Sep 17 00:00:00 2001
+From: Howard Chu <hyc@openldap.org>
+Date: Wed, 23 Mar 2022 12:43:31 +0000
+Subject: [PATCH] ITS#9815 slapd-sql: escape filter values
+
+---
+ servers/slapd/back-sql/search.c | 123 +++++++++++++++++++++++++++-----
+ 1 file changed, 105 insertions(+), 18 deletions(-)
+
+diff --git a/servers/slapd/back-sql/search.c b/servers/slapd/back-sql/search.c
+index 2168a1553b..d4177f6292 100644
+--- a/servers/slapd/back-sql/search.c
++++ b/servers/slapd/back-sql/search.c
+@@ -63,6 +63,38 @@ static void send_paged_response(
+ 	ID  *lastid );
+ #endif /* ! BACKSQL_ARBITRARY_KEY */
+ 
++/* Look for chars that need to be escaped, return count of them.
++ * If out is non-NULL, copy escape'd val to it.
++ */
++static int
++backsql_val_escape( Operation *op, struct berval *in, struct berval *out )
++{
++	char *ptr, *end;
++	int q = 0;
++
++	ptr = in->bv_val;
++	end = ptr + in->bv_len;
++	while (ptr < end) {
++		if ( *ptr == '\'' )
++			q++;
++		ptr++;
++	}
++	if ( q && out ) {
++		char *dst;
++		out->bv_len = in->bv_len + q;
++		out->bv_val = op->o_tmpalloc( out->bv_len + 1, op->o_tmpmemctx );
++		ptr = in->bv_val;
++		dst = out->bv_val;
++		while (ptr < end ) {
++			if ( *ptr == '\'' )
++				*dst++ = '\'';
++			*dst++ = *ptr++;
++		}
++		*dst = '\0';
++	}
++	return q;
++}
++
+ static int
+ backsql_attrlist_add( backsql_srch_info *bsi, AttributeDescription *ad )
+ {
+@@ -429,6 +461,8 @@ backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
+ 	backsql_info		*bi = (backsql_info *)bsi->bsi_op->o_bd->be_private;
+ 	int			i;
+ 	int			casefold = 0;
++	int			escaped = 0;
++	struct berval	escval, *fvalue;
+ 
+ 	if ( !f ) {
+ 		return 0;
+@@ -462,50 +496,68 @@ backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
+ 
+ 		BER_BVZERO( &bv );
+ 		if ( f->f_sub_initial.bv_val ) {
+-			bv.bv_len += f->f_sub_initial.bv_len;
++			bv.bv_len += f->f_sub_initial.bv_len + backsql_val_escape( NULL, &f->f_sub_initial, NULL );
+ 		}
+ 		if ( f->f_sub_any != NULL ) {
+ 			for ( a = 0; f->f_sub_any[ a ].bv_val != NULL; a++ ) {
+-				bv.bv_len += f->f_sub_any[ a ].bv_len;
++				bv.bv_len += f->f_sub_any[ a ].bv_len + backsql_val_escape( NULL, &f->f_sub_any[ a ], NULL );
+ 			}
+ 		}
+ 		if ( f->f_sub_final.bv_val ) {
+-			bv.bv_len += f->f_sub_final.bv_len;
++			bv.bv_len += f->f_sub_final.bv_len + backsql_val_escape( NULL, &f->f_sub_final, NULL );
+ 		}
+ 		bv.bv_len = 2 * bv.bv_len - 1;
+ 		bv.bv_val = ch_malloc( bv.bv_len + 1 );
+ 
+ 		s = 0;
+ 		if ( !BER_BVISNULL( &f->f_sub_initial ) ) {
+-			bv.bv_val[ s ] = f->f_sub_initial.bv_val[ 0 ];
+-			for ( i = 1; i < f->f_sub_initial.bv_len; i++ ) {
++			fvalue = &f->f_sub_initial;
++			escaped = backsql_val_escape( bsi->bsi_op, fvalue, &escval );
++			if ( escaped )
++				fvalue = &escval;
++			bv.bv_val[ s ] = fvalue->bv_val[ 0 ];
++			for ( i = 1; i < fvalue->bv_len; i++ ) {
+ 				bv.bv_val[ s + 2 * i - 1 ] = '%';
+-				bv.bv_val[ s + 2 * i ] = f->f_sub_initial.bv_val[ i ];
++				bv.bv_val[ s + 2 * i ] = fvalue->bv_val[ i ];
+ 			}
+ 			bv.bv_val[ s + 2 * i - 1 ] = '%';
+ 			s += 2 * i;
++			if ( escaped )
++				bsi->bsi_op->o_tmpfree( escval.bv_val, bsi->bsi_op->o_tmpmemctx );
+ 		}
+ 
+ 		if ( f->f_sub_any != NULL ) {
+ 			for ( a = 0; !BER_BVISNULL( &f->f_sub_any[ a ] ); a++ ) {
+-				bv.bv_val[ s ] = f->f_sub_any[ a ].bv_val[ 0 ];
+-				for ( i = 1; i < f->f_sub_any[ a ].bv_len; i++ ) {
++				fvalue = &f->f_sub_any[ a ];
++				escaped = backsql_val_escape( bsi->bsi_op, fvalue, &escval );
++				if ( escaped )
++					fvalue = &escval;
++				bv.bv_val[ s ] = fvalue->bv_val[ 0 ];
++				for ( i = 1; i < fvalue->bv_len; i++ ) {
+ 					bv.bv_val[ s + 2 * i - 1 ] = '%';
+-					bv.bv_val[ s + 2 * i ] = f->f_sub_any[ a ].bv_val[ i ];
++					bv.bv_val[ s + 2 * i ] = fvalue->bv_val[ i ];
+ 				}
+ 				bv.bv_val[ s + 2 * i - 1 ] = '%';
+ 				s += 2 * i;
++				if ( escaped )
++					bsi->bsi_op->o_tmpfree( escval.bv_val, bsi->bsi_op->o_tmpmemctx );
+ 			}
+ 		}
+ 
+ 		if ( !BER_BVISNULL( &f->f_sub_final ) ) {
+-			bv.bv_val[ s ] = f->f_sub_final.bv_val[ 0 ];
+-			for ( i = 1; i < f->f_sub_final.bv_len; i++ ) {
++			fvalue = &f->f_sub_final;
++			escaped = backsql_val_escape( bsi->bsi_op, fvalue, &escval );
++			if ( escaped )
++				fvalue = &escval;
++			bv.bv_val[ s ] = fvalue->bv_val[ 0 ];
++			for ( i = 1; i < fvalue->bv_len; i++ ) {
+ 				bv.bv_val[ s + 2 * i - 1 ] = '%';
+-				bv.bv_val[ s + 2 * i ] = f->f_sub_final.bv_val[ i ];
++				bv.bv_val[ s + 2 * i ] = fvalue->bv_val[ i ];
+ 			}
+-				bv.bv_val[ s + 2 * i - 1 ] = '%';
++			bv.bv_val[ s + 2 * i - 1 ] = '%';
+ 			s += 2 * i;
++			if ( escaped )
++				bsi->bsi_op->o_tmpfree( escval.bv_val, bsi->bsi_op->o_tmpmemctx );
+ 		}
+ 
+ 		bv.bv_val[ s - 1 ] = '\0';
+@@ -561,11 +613,17 @@ backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
+ 			f->f_sub_initial.bv_val, 0 );
+ #endif /* BACKSQL_TRACE */
+ 
++		fvalue = &f->f_sub_initial;
++		escaped = backsql_val_escape( bsi->bsi_op, fvalue, &escval );
++		if ( escaped )
++			fvalue = &escval;
+ 		start = bsi->bsi_flt_where.bb_val.bv_len;
+ 		backsql_strfcat_x( &bsi->bsi_flt_where,
+ 				bsi->bsi_op->o_tmpmemctx,
+ 				"b",
+-				&f->f_sub_initial );
++				fvalue );
++		if ( escaped )
++			bsi->bsi_op->o_tmpfree( escval.bv_val, bsi->bsi_op->o_tmpmemctx );
+ 		if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
+ 			ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
+ 		}
+@@ -586,12 +644,18 @@ backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
+ 				i, f->f_sub_any[ i ].bv_val );
+ #endif /* BACKSQL_TRACE */
+ 
++			fvalue = &f->f_sub_any[ i ];
++			escaped = backsql_val_escape( bsi->bsi_op, fvalue, &escval );
++			if ( escaped )
++				fvalue = &escval;
+ 			start = bsi->bsi_flt_where.bb_val.bv_len;
+ 			backsql_strfcat_x( &bsi->bsi_flt_where,
+ 					bsi->bsi_op->o_tmpmemctx,
+ 					"bc",
+-					&f->f_sub_any[ i ],
++					fvalue,
+ 					'%' );
++			if ( escaped )
++				bsi->bsi_op->o_tmpfree( escval.bv_val, bsi->bsi_op->o_tmpmemctx );
+ 			if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
+ 				/*
+ 				 * Note: toupper('%') = '%'
+@@ -611,11 +675,17 @@ backsql_process_sub_filter( backsql_srch_info *bsi, Filter *f,
+ 			f->f_sub_final.bv_val, 0 );
+ #endif /* BACKSQL_TRACE */
+ 
++		fvalue = &f->f_sub_final;
++		escaped = backsql_val_escape( bsi->bsi_op, fvalue, &escval );
++		if ( escaped )
++			fvalue = &escval;
+ 		start = bsi->bsi_flt_where.bb_val.bv_len;
+     		backsql_strfcat_x( &bsi->bsi_flt_where,
+ 				bsi->bsi_op->o_tmpmemctx,
+ 				"b",
+-				&f->f_sub_final );
++				fvalue );
++		if ( escaped )
++			bsi->bsi_op->o_tmpfree( escval.bv_val, bsi->bsi_op->o_tmpmemctx );
+   		if ( casefold && BACKSQL_AT_CANUPPERCASE( at ) ) {
+ 			ldap_pvt_str2upper( &bsi->bsi_flt_where.bb_val.bv_val[ start ] );
+ 		}
+@@ -1182,6 +1252,8 @@ backsql_process_filter_attr( backsql_srch_info *bsi, Filter *f, backsql_at_map_r
+ 	struct berval		*filter_value = NULL;
+ 	MatchingRule		*matching_rule = NULL;
+ 	struct berval		ordering = BER_BVC("<=");
++	struct berval		escval;
++	int					escaped = 0;
+ 
+ 	Debug( LDAP_DEBUG_TRACE, "==>backsql_process_filter_attr(%s)\n",
+ 		at->bam_ad->ad_cname.bv_val, 0, 0 );
+@@ -1236,6 +1308,10 @@ equality_match:;
+ 			casefold = 1;
+ 		}
+ 
++		escaped = backsql_val_escape( bsi->bsi_op, filter_value, &escval );
++		if ( escaped )
++			filter_value = &escval;
++
+ 		/* FIXME: directoryString filtering should use a similar
+ 		 * approach to deal with non-prettified values like
+ 		 * " A  non    prettified   value  ", by using a LIKE
+@@ -1316,6 +1392,10 @@ equality_match:;
+ 			casefold = 1;
+ 		}
+ 
++		escaped = backsql_val_escape( bsi->bsi_op, filter_value, &escval );
++		if ( escaped )
++			filter_value = &escval;
++
+ 		/*
+ 		 * FIXME: should we uppercase the operands?
+ 		 */
+@@ -1349,7 +1429,7 @@ equality_match:;
+ 					&at->bam_sel_expr,
+ 					&ordering,
+ 					'\'',
+-					&f->f_av_value,
++					filter_value,
+ 					(ber_len_t)STRLENOF( /* (' */ "')" ),
+ 						/* ( */ "')" );
+ 		}
+@@ -1373,13 +1453,17 @@ equality_match:;
+ 	case LDAP_FILTER_APPROX:
+ 		/* we do our best */
+ 
++		filter_value = &f->f_av_value;
++		escaped = backsql_val_escape( bsi->bsi_op, filter_value, &escval );
++		if ( escaped )
++			filter_value = &escval;
+ 		/*
+ 		 * maybe we should check type of at->sel_expr here somehow,
+ 		 * to know whether upper_func is applicable, but for now
+ 		 * upper_func stuff is made for Oracle, where UPPER is
+ 		 * safely applicable to NUMBER etc.
+ 		 */
+-		(void)backsql_process_filter_like( bsi, at, 1, &f->f_av_value );
++		(void)backsql_process_filter_like( bsi, at, 1, filter_value );
+ 		break;
+ 
+ 	default:
+@@ -1393,6 +1477,9 @@ equality_match:;
+ 
+ 	}
+ 
++	if ( escaped )
++		bsi->bsi_op->o_tmpfree( escval.bv_val, bsi->bsi_op->o_tmpmemctx );
++
+ 	Debug( LDAP_DEBUG_TRACE, "<==backsql_process_filter_attr(%s)\n",
+ 		at->bam_ad->ad_cname.bv_val, 0, 0 );
+ 
+-- 
+GitLab
+

openldap.spec

@@ -2,9 +2,9 @@
 
 Name:           openldap
 Version:        2.4.50
-Release:        4
+Release:        9
 Summary:        LDAP support libraries
-License:        OpenLDAP
+License:        OLDAP-2.8
 URL:            https://www.openldap.org/
 Source0:        https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz
 Source1:        slapd.service
@@ -61,7 +61,12 @@ Patch40:	backport-delete-back-bdb-back-hdb.patch
 Patch41:	backport-Fix-test-suite.patch
 Patch42:	backport-ITS-9010-regenerate-configure.patch
 Patch43:	backport-ITS-9010-More-BDB-HDB-cleanup.patch
-
+Patch44:	CVE-2021-27212.patch
+Patch45:        CVE-2020-25709.patch
+Patch46:        CVE-2020-25710.patch
+Patch47:        backport-fix-cve-2022-29155.patch
+Patch48:        backport-ITS-9904-check-for-strdup-failure.patch
+Patch49:        backport-ITS-9904-ldif_open_url-check-for-ber_strdup-failure.patch
 
 BuildRequires:  cyrus-sasl-devel openssl-devel krb5-devel unixODBC-devel chrpath
 BuildRequires:  glibc-devel libtool libtool-ltdl-devel groff perl-interpreter perl-devel perl-generators perl-ExtUtils-Embed
@@ -89,7 +94,7 @@ customized LDAP clients.
 
 %package        servers
 Summary:        LDAP server
-License:        OpenLDAP
+License:        OLDAP-2.8
 Requires:       openldap = %{version}-%{release}
 Requires(pre):  shadow-utils
 %{?systemd_requires}
@@ -170,6 +175,12 @@ AUTOMAKE=%{_bindir}/true autoreconf -fi
 %patch41 -p1
 %patch42 -p1
 %patch43 -p1
+%patch44 -p1
+%patch45 -p1
+%patch46 -p1
+%patch47 -p1
+%patch48 -p1
+%patch49 -p1
 
 ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
 mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
@@ -452,6 +463,24 @@ popd
 %doc ltb-project-openldap-ppolicy-check-password-1.1/README.check_pwd
 
 %changelog
+* Fri Jun 14 2024 xinghe <xinghe2@h-partners.com> - 2.4.50-9
+- Type:bufgix
+- ID:NA
+- SUG:NA
+- DESC:fix license
+
+* Wed Jun 7 2023 zhujunhao <zhujunhao11@huawei.com> - 2.4.50-8
+- fix CVE-2023-2953
+
+* Mon May 16 2022 zhujunhao <zhujunhao11@huawei.com> - 2.4.50-7
+- fix CVE-2022-29155
+
+* Thu Jul 08 2021 gaihuiying <gaihuiying1@huawei.com> - 2.4.50-6
+- fix CVE-2020-25709 CVE-2020-25710
+
+* Sat Feb 27 2021 orange-snn <songnannan2@huawei.com> - 2.4.50-5
+- fix CVE-2021-27212
+
 * Thu Feb 25 2021 orange-snn <songnannan2@huawei.com> - 2.4.50-4
 - remove libdb-devel in buildrequires and requires