Ubuntu
openldap2.3 package

lp://staging/ubuntu/feisty-security/openldap2.3

Feisty (7.04)
feisty-security

Created by James Westby on 2009-07-09 and last modified on 2009-07-09

Get this branch:: bzr branch lp://staging/ubuntu/feisty-security/openldap2.3

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Status:: Development

Recent revisions

7. By Kees Cook on 2008-07-31: * SECURITY UPDATE: denial of service via broken BER decoding.
* Added debian/patches/security-ber-decoding.patch: upstream fixes.
* References
CVE-2008-2952
6. By Jamie Strandboge on 2008-03-04: * SECURITY UPDATE: slapd crash when using the bdb backend and processing
  crafted modify and modrdn requests
* debian/patches/SECURITY_CVE-2007-6698+CVE-2008-0658.patch: patch to
  back-bdb/add.c, back-bdb/ctxcsn.c, back-bdb/delete.c, back-bdb/modify.c,
  back-bdb/modrdn.c to properly check for NOOP option
* References:
  CVE-2007-6698
  CVE-2008-0658
  LP: #197077
5. By Jamie Strandboge on 2007-11-30: * SECURITY UPDATE: slapd crash when processing crafted modify requests
* debian/patches/SECURITY_CVE-2007-5707.patch: properly reset slap_mod_list
  when normalization fails in servers/slapd/modify.c
* SECURITY UPDATE: crash in slapd when running as a proxy-caching server
  using slapo-pcache
* debian/patches/SECURITY_CVE-2007-5708.patch: properly terminate array in
  servers/slapd/overlays/pcache.c
* References
  CVE-2007-5707
  CVE-2007-5708
  Fixes LP #162162
* Modify Maintainer value to match the DebianMaintainerField
  specification.
4. By Matthijs Mohlmann on 2006-12-12: Make sure that the pidfile directory doesn't exist in the init script.
(Closes: #402705)
3. By Matthijs Mohlmann on 2006-12-09: * New upstream release.
  - Fixed authzTo/authzFrom URL matching.
  - Fixed syncrepl consumer memory leaks.
  - Fixed slapd-hdb livelock.
  - Fixed slapo-ppolicy external quality check.
  - Fixed ldapsearch(1) man page acknowledgement.
* Added patch to make sure that the pidfile directory exists.
  (Closes: #390337)
* Do not ask the question allow ldap v2 logins when user wants manual
  configuration. (Closes: #401003)
* Add patch to look also in /etc/ldap/sasl2 for sasl configuration.
  (Closes: #398657)
* Removed db4.2-util recommend, the slapd binary includes checking code to
  fix DB errors.
* Updated README in schema directory. It doesn't list collective.schema
  anymore. (Closes: #287358)
* Updated manpages to point to right paths. (Closes: #398790)
2. By Matthijs Mohlmann on 2006-11-11: [ Matthijs Mohlmann ]
* New upstream release.
- Fixes Denial of Service through a certain combination of LDAP BIND
requests (CVE-2006-5779) (Closes: #397673)
* LSB section added to the init script.
* Updated README.Debian about running as non-root user (Closes: #389369)
* Updated de translation (Closes: #396096)
* Added some documentation / warning when running slapindex as root.
* Remove drafts and rfc from the tarball. (Closes: #393404)
1. By Matthijs Mohlmann on 2006-11-11: Import upstream version 2.3.29

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntuopenldap2.3 package