Comment 10 for bug 197077

openldap2.3 (2.4.7-6ubuntu1) hardy; urgency=low

  * Merge from Debian unstable, remaining changes:
    + debian/patches/SECURITY_CVE-2008-0658.patch (LP: #197077)
      slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39
      allows remote authenticated users to cause a denial of service (daemon
      crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION)
      control, a related issue to CVE-2007-6698.
    + debian/apparmor-profile: add AppArmor profile
    + debian/slapd.postinst: Reload AA profile on configuration
    + updated debian/slapd.README.Debian for note on AppArmor
    + debian/control: Replaces apparmor-profiles << 2.1+1075-0ubuntu4 as we
      should now take control
    + debian/control: Conflicts with apparmor-profiles << 2.1+1075-0ubuntu4
      to make sure that if earlier version of apparmor-profiles gets
      installed it won't overwrite our profile
    + Modify Maintainer value to match the DebianMaintainerField
      specification.

 -- Steve Langasek <email address hidden> Tue, 04 Mar 2008 01:59:51 +0000