-
openldap (2.5.17+dfsg-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream version (LP: #2040465).
- Added slapo-dynlist option to disable filter support (ITS#10025)
- Fixed liblber missing newline on long msg (ITS#10105)
- Fixed libldap exit handling with OpenSSL3 (ITS#9952)
- Fixed libldap with TLS and multiple ldap URIs (ITS#10101)
- Fixed libldap OpenSSL cipher suite handling (ITS#10094)
- Fixed libldap OpenSSL 3.0 and Diffie-Hellman param files (ITS#10124)
- Fixed libldap timestamps on Windows (ITS#10100)
- Fixed lloadd to work when resolv.conf is missing (ITS#10070)
- Fixed lloadd handling of closing connection (ITS#10083)
- Fixed slapd to honour disclose in matchedDN handling (ITS#10139)
- Fixed slapd handling of regex testing in ACLs (ITS#10089)
- Fixed slapd-asyncmeta when remote suffix is empty (ITS#10076)
- Fixed slapo-dynlist so it can't be global (ITS#10091)
-- Sergio Durigan Junior <email address hidden> Fri, 09 Feb 2024 15:12:07 -0500
-
openldap (2.5.16+dfsg-0ubuntu0.22.04.2) jammy-security; urgency=medium
* No change rebuild to fix CVE-2023-2953 in the -security pocket.
-- Marc Deslauriers <email address hidden> Thu, 25 Jan 2024 13:42:39 -0500
-
openldap (2.5.16+dfsg-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream version (LP: #2029170).
- Fixed slapd cn=config incorrect handling of paused (ITS#10045)
- Fixed slapd-meta to account for MOD ops being optional (ITS#10067)
- Fixed slapd-asyncmeta to account for MOD ops being optional (ITS#10067)
-- Sergio Durigan Junior <email address hidden> Mon, 31 Jul 2023 18:13:10 -0400
-
openldap (2.5.15+dfsg-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream version (LP: #2027079).
- Several fixes, including to asynchronous connections to the OpenLDAP
server.
-- Sergio Durigan Junior <email address hidden> Tue, 11 Jul 2023 15:26:41 -0400
-
openldap (2.5.14+dfsg-0ubuntu0.22.04.2) jammy; urgency=medium
* Build the passwd/sha2 contrib module with -fno-strict-aliasing to
avoid computing an incorrect SHA256 hash with some versions of the
compiler (LP: #2000817):
- d/t/{control,sha2-contrib}: test to verify the SHA256 hash
produced by passwd/sha2
- d/rules: set -fno-strict-aliasing only when building the
passwd/sha2 contrib module
-- Andreas Hasenack <email address hidden> Sun, 12 Mar 2023 14:11:53 -0300
-
openldap (2.5.14+dfsg-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream version (LP: #2007625).
- Several fixes, including memory leaks that affect slapd and
certain slapo modules.
-- Sergio Durigan Junior <email address hidden> Fri, 17 Feb 2023 16:12:43 -0500
-
openldap (2.5.13+dfsg-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream version (LP: #1983618).
- Several fixes, including memory leaks that affected libldap.
- Added slapo-emptyds contrib module (ITS#8882).
-- Sergio Durigan Junior <email address hidden> Fri, 05 Aug 2022 10:51:52 -0400
-
openldap (2.5.12+dfsg-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream version (LP: #1977627).
- Fixed slapd syncrepl handling of new sessions (ITS#9584)
- Fixed slapd-sql to properly escape filter value (ITS#9815)
(CVE-2022-29155)
[ Already included in 2.5.11+dfsg-1~exp1ubuntu3.1 ]
- More details about this release can be found at:
https://git.openldap.org/openldap/openldap/-/blob/2bda1fa98fbcedc6cd5995ea905427b8bef89f9d/CHANGES
* d/p/CVE-2022-29155.patch: Dropped patch; included in this new upstream
version.
-- Sergio Durigan Junior <email address hidden> Mon, 13 Jun 2022 13:19:52 -0400
-
openldap (2.5.11+dfsg-1~exp1ubuntu3.1) jammy-security; urgency=medium
* SECURITY UPDATE: SQL injection in experimental back-sql backend
- debian/patches/CVE-2022-29155.patch: escape filter values in
servers/slapd/back-sql/search.c.
- CVE-2022-29155
-- Marc Deslauriers <email address hidden> Thu, 12 May 2022 09:07:41 -0400
-
openldap (2.5.11+dfsg-1~exp1ubuntu3) jammy; urgency=medium
* No-change rebuild to update maintainer scripts, see LP: 1959054
-- Dave Jones <email address hidden> Wed, 16 Feb 2022 17:15:26 +0000
-
openldap (2.5.11+dfsg-1~exp1ubuntu2) jammy; urgency=medium
* No-change rebuild for the perl update.
-- Matthias Klose <email address hidden> Mon, 07 Feb 2022 07:51:42 +0100
-
openldap (2.5.11+dfsg-1~exp1ubuntu1) jammy; urgency=medium
* Merge with Debian unstable (LP: #1946883). Remaining changes:
- Enable AppArmor support:
+ d/apparmor-profile: add AppArmor profile
+ d/rules: use dh_apparmor
+ d/control: Build-Depends on dh-apparmor
+ d/slapd.README.Debian: add note about AppArmor
- Enable ufw support:
+ d/control: suggest ufw.
+ d/rules: install ufw profile.
+ d/slapd.ufw.profile: add ufw profile.
- d/{rules,slapd.py}: Add apport hook.
- d/rules: better regexp to match the Maintainer tag in d/control,
needed in the Ubuntu case because of XSBC-Original-Maintainer
(Closes #960448, LP #1875697)
-- Sergio Durigan Junior <email address hidden> Tue, 25 Jan 2022 17:06:12 -0500
-
openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium
* Merge with Debian unstable. Remaining changes:
- Enable AppArmor support:
+ d/apparmor-profile: add AppArmor profile
+ d/rules: use dh_apparmor
+ d/control: Build-Depends on dh-apparmor
+ d/slapd.README.Debian: add note about AppArmor
- Enable ufw support:
+ d/control: suggest ufw.
+ d/rules: install ufw profile.
+ d/slapd.ufw.profile: add ufw profile.
- d/{rules,slapd.py}: Add apport hook.
- d/rules: better regexp to match the Maintainer tag in d/control,
needed in the Ubuntu case because of XSBC-Original-Maintainer
(Closes #960448, LP #1875697)
-- Sergio Durigan Junior <email address hidden> Tue, 17 Aug 2021 14:06:00 -0400
