Copied from
ubuntu artful in
Primary Archive for Ubuntu
Changelog
openldap (2.4.45+dfsg-1ubuntu1) artful; urgency=low
* Merge from Debian unstable. Remaining changes:
- Enable AppArmor support:
- d/apparmor-profile: add AppArmor profile
- d/rules: use dh_apparmor
- d/control: Build-Depends on dh-apparmor
- d/slapd.README.Debian: add note about AppArmor
- Enable GSSAPI support:
- d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
- Add --with-gssapi support
- Make guess_service_principal() more robust when determining
principal
- d/configure.options: Configure with --with-gssapi
- d/control: Added heimdal-dev as a build depend
- d/rules:
- Explicitly add -I/usr/include/heimdal to CFLAGS.
- Explicitly add -I/usr/lib/<multiarch>/heimdal to LDFLAGS.
- Enable ufw support:
- d/control: suggest ufw.
- d/rules: install ufw profile.
- d/slapd.ufw.profile: add ufw profile.
- Enable nss overlay:
- d/{patches/nssov-build,rules}: Apply, build and package the
nss overlay.
- d/{rules,slapd.py}: Add apport hook.
- d/slapd.init.ldif: don't set olcRootDN since it's not defined in
either the default DIT nor via an Authn mapping.
- d/slapd.scripts-common:
- add slapcat_opts to local variables.
- Fix backup directory naming for multiple reconfiguration.
- d/{slapd.default,slapd.README.Debian}: use the new configuration style.
- d/rules: Enable -DLDAP_CONNECTIONLESS to build CLDAP (UDP) support
in the openldap library, as required by Likewise-Open
- Show distribution in version:
- d/control: added lsb-release
- d/patches/fix-ldap-distribution.patch: show distribution in version
- d/libldap-2.4-2.symbols: Add symbols not present in Debian.
- CLDAP (UDP) was added in 2.4.17-1ubuntu2
- GSSAPI support was enabled in 2.4.18-0ubuntu2
openldap (2.4.45+dfsg-1) unstable; urgency=medium
* New upstream release.
- fixed a use-after-free in GnuTLS options handling
(ITS#8385) (Closes: #820244) (LP: #1557248)
- fixed unsafe concurrent SASL calls causing memory corruption
(ITS#8648) (Closes: #860947) (LP: #1688575)
- fixed syncrepl infinite looping with multi-master delta-syncrepl
(ITS#8432) (Closes: #868753)
* Rebase patches to apply cleanly:
- do-not-second-guess-sonames
- no-AM_INIT_AUTOMAKE
* Drop patches applied upstream:
- ITS-8554-kFreeBSD-is-like-BSD.patch
- ITS-8644-wait-for-slapd-to-start-in-test064.patch
- ITS-8655-paged-results-double-free.patch
* Upgrade to debhelper compat level 10.
- Depend on debhelper 10.
- Stop enabling parallel and autoreconf explicitly. They are now enabled
by default.
- Drop dh-autoreconf from build-depends since debhelper requires it.
* Add -Wno-format-extra-args to CFLAGS to reduce the noise in the build
logs, as this warning is emitted on each use of the Debug() macro.
* Drop libldap-2.4-4-dbg and slapd-dbg binary packages in favour of
automatic dbgsym packages.
* Update Standards-Version to 4.0.0; no changes required.
* Drop Priority and Section from binary package stanzas when they only
duplicate information from the source stanza.
* Update Priority of slapd-smbk5pwd and libldap2-dev to optional to match
the archive.
* Remove retired developer, Roland Bauerschmidt, from Uploaders.
(Closes: #856422)
* Remove Timo Aaltonen from Uploaders, with his agreement.
* debian/patches/ITS8650-retry-gnutls_handshake-after-GNUTLS_E_AGAIN.patch:
If gnutls_handshake() returns EAGAIN, call it again. Fixes TLS handshake
failures when the ServerHello message exceeds 16K.
(ITS#8650) (Closes: #861838)
* Drop time from Build-Depends. The upstream testsuite no longer calls it.
-- Gianfranco Costamagna <email address hidden> Fri, 28 Jul 2017 14:49:07 +0200