-
openldap (2.4.44+dfsg-3ubuntu2.1) zesty-security; urgency=medium
* SECURITY UPDATE: denial of service via search with page size of 0
- debian/patches/CVE-2017-9287.patch: fix double-free in
servers/slapd/back-mdb/search.c.
- CVE-2017-9287
-- Marc Deslauriers <email address hidden> Tue, 30 May 2017 15:18:41 -0400
-
openldap (2.4.44+dfsg-3ubuntu2) zesty; urgency=medium
* d/rules: Fix typo in previous upload.
-- Nishanth Aravamudan <email address hidden> Fri, 10 Feb 2017 12:17:02 -0800
-
openldap (2.4.44+dfsg-3ubuntu1) zesty; urgency=medium
* Merge with Debian unstable (LP: #1663702, LP: #1654416). Remaining
changes
- Enable AppArmor support:
- d/apparmor-profile: add AppArmor profile
- d/rules: use dh_apparmor
- d/control: Build-Depends on dh-apparmor
- d/slapd.README.Debian: add note about AppArmor
- Enable GSSAPI support:
- d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
- Add --with-gssapi support
- Make guess_service_principal() more robust when determining
principal
- d/configure.options: Configure with --with-gssapi
- d/control: Added heimdal-dev as a build depend
- d/rules:
- Explicitly add -I/usr/include/heimdal to CFLAGS.
- Explicitly add -I/usr/lib/<multiarch>/heimdal to LDFLAGS.
- Enable ufw support:
- d/control: suggest ufw.
- d/rules: install ufw profile.
- d/slapd.ufw.profile: add ufw profile.
- Enable nss overlay:
- d/{patches/nssov-build,rules}: Apply, build and package the
nss overlay.
- d/{rules,slapd.py}: Add apport hook.
[ d/rules modification mentioned above was dropped in
2.4.23-6ubuntu1, re-adding it ]
- d/slapd.init.ldif: don't set olcRootDN since it's not defined in
either the default DIT nor via an Authn mapping.
- d/slapd.scripts-common:
- add slapcat_opts to local variables.
- Fix backup directory naming for multiple reconfiguration.
- d/{slapd.default,slapd.README.Debian}: use the new configuration style.
- d/rules: Enable -DLDAP_CONNECTIONLESS to build CLDAP (UDP) support
in the openldap library, as required by Likewise-Open
- Show distribution in version:
- d/control: added lsb-release
- d/patches/fix-ldap-distribution.patch: show distribution in version
[ Refreshed patch ]
- d/libldap-2.4-2.symbols: Add symbols not present in Debian.
- CLDAP (UDP) was added in 2.4.17-1ubuntu2
- GSSAPI support was enabled in 2.4.18-0ubuntu2
[ undocumented in prior merge, added in 2.4.41+dfsg-1ubuntu1 ]
- Fix use after free with GnuTLS. (LP #1557248)
* Drop:
- d/slapd.scripts-common:
+ Remove unused variable new_conf.
[ configure_v2_protocol_support function removed in 2.4.44+dfsg-1 ]
- d/b/config.log: add config.log
[ previously undocumented, stray change ]
-- Nishanth Aravamudan <email address hidden> Fri, 10 Feb 2017 11:38:57 -0800
-
openldap (2.4.42+dfsg-2ubuntu5) zesty; urgency=medium
* No-change rebuild for perl 5.24 transition
-- Iain Lane <email address hidden> Mon, 24 Oct 2016 10:37:13 +0100
-
openldap (2.4.42+dfsg-2ubuntu4) yakkety; urgency=medium
* Fix use after free with GnuTLS. (LP: #1557248)
-- Maciej Puzio <email address hidden> Fri, 25 Mar 2016 15:24:25 -0500