Changelog
openldap (2.4.40-1) unstable; urgency=low
[ Ryan Tandy ]
* New upstream release.
- fixed ldap_get_dn(3) ldap_ava definition (ITS#7860) (Closes: #465024)
- fixed slapcat with external schema (ITS#7895) (Closes: #599235)
- fixed double free with invalid ciphersuite (ITS#7500) (Closes: #640384)
- fixed modrdn crash on naming attr with no matching rule (ITS#7850)
(Closes: #666515)
- fixed slapacl causing unclean database (ITS#7827) (Closes: #741248)
* slapd.scripts-common:
- Anchor grep patterns to avoid matching commented lines in ldif files
under cn=config. (Closes: #723957)
- Don't silently ignore nonexistent directories that should be dumped.
- Invoke find, chmod, and chown with -H in case /var/lib/ldap is a
symlink. (Closes: #742862)
- When upgrading a database, ignore extra nested directories as they might
contain other databases. Patch from Kenny Millington. (LP: #1003854)
- Fix dumping and reloading when multiple databases hold the same suffix,
thanks Peder Stray. (Closes: #759596, LP: #1362481)
- Remove trailing dot from slapd/domain. (Closes: #637996)
* debian/rules:
- Enable parallel building.
- Copy libldap-2.4-2.shlibs into place manually, as a workaround for
#676168. (Closes: #742841)
* debian/slapd.README.Debian: Add a note about database format upgrades and
the consequences of missing one. (Closes: #594711)
* Build with GnuTLS 3 (Closes: #745231, #760559).
* Drop debian/patches/fix-ftbfs-binutils-gold, no longer needed.
* Drop debconf-utils from Build-Depends, no longer used (replaced by
po-debconf). Thanks Johannes Schauer.
* Acknowledge NMU fixing #729367, thanks to Michael Gilbert.
* Offer the MDB backend as a choice during initial configuration. (Closes:
#750022)
* debian/slapd.init.ldif:
- Disallow modifying one's own entry by default, except specific
attributes. (Closes: #761406)
- Index some more common search attributes by default. (Closes: #762111)
* Introduce a symbols file for libldap-2.4-2.
* debian/schema/pmi.schema: Add a copyright clarification. There does not
appear to be any copyrighted text in this file, only ASN.1 assignments and
LDAP schema definitions. Fixes a Lintian error on the original.
* debian/schema/duaconf.schema: Strip Internet-Draft text from
duaconf.schema.
* Drop debian/patches/CVE-2013-4449.patch, applied upstream.
* Update debian/patches/no-AM_INIT_AUTOMAKE with upstream changes.
* debian/schema/ppolicy.schema: Update with ordering rules added in
draft-behera-ldap-password-policy-11.
* Suggest GSSAPI SASL modules. (Closes: #762424)
* debian/patches/ITS6035-olcauthzregex-needs-restart.patch: Document in
slapd-config.5 the fact that changes to olcAuthzRegexp only take effect
after the server is restarted. (Closes: #761407)
* Add myself to Uploaders.
[ Jelmer Vernooij ]
* Depend on heimdal-multidev rather than heimdal-dev. (Closes: #745356,
#706123)
[ Updated debconf translations ]
* Turkish, thanks to Atila KOÇ <email address hidden>.
(Closes: #661641)
-- Ryan Tandy <email address hidden> Fri, 17 Oct 2014 08:19:28 -0700