Ubuntu
openldap2.3 package

lp://staging/ubuntu/hardy-proposed/openldap2.3

  1. Hardy (8.04)
  2. hardy-proposed
Created by James Westby and last modified
Get this branch:
bzr branch lp://staging/ubuntu/hardy-proposed/openldap2.3
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Mature

Recent revisions

21. By Mathias Gug

debian/patches/gnutls-enable-v1-ca-certs: Enable V1 CA certs to be
trusted (LP: #305264).

20. By Chuck Short

[Chuck Short]
* debian/patches/fix-gnutls-key-strength.patch: fixes ssf matching key
  strength with gnutls 2.3. (LP: #244925)

[Jamie Strandboge]
* adjust apparmor profile to allow gssapi (LP: #229252)
* adjust apparmor profile to allow cnconfig (LP: #243525)

19. By Mathias Gug

* New upstream version: (LP: #237688)
  This verison fixes a number of bugs including syncrepl issues,
  assertion errors, and segmentation faults found in previous
  versions of openldap:
  http://www.openldap.org/software/release/changes.html.
  Dropped patches (included in the new upstream version):
   - debian/patches/entryCSN-backwards-compatibility (ITS #5348).
   - debian/patches/fix-notify-crasher.patch (ITS #5450).
   - debian/patches/libldap_r-link (ITS #4982).
   - debian/patches/sasl-cleartext-strncasecmp (ITS #5368).
   - debian/patches/slapd-tlsverifyclient-default (ITS #5360).
   - debian/patches/gnutls-ciphers patch (ITS #5341).
   - debian/patches/SECURITY_CVE-2008-0658.patch (#ITS 5358).
* debian/patches/fix-syncrepl-oops: Fixes assertion when using syncrepl.
  (LP: #227178)
* debian/patches/fix-assertion-io.patch,
  debian/patches/fix-dnpretty-assertion.patch:
  Add information about the related bugs these patches fix.

18. By Chuck Short

* debian/patches/fix-assertion-io.patch
  - Fix ber_flush2 assertion error. (LP: #215904)
* debian/patches/fix-dnpretty-assertion.patch
  - Fix dnPrettyNormal assertion error. (LP: #234196)

17. By Chuck Short

* debian/patches/fix-notify-crasher.patch
   - Fix modify timestamp crashes. (LP: #220724)

16. By Jamie Strandboge

remove apparmor-profile workaround for Launchpad #202161 (it's now fixed
in klibc)

15. By Jamie Strandboge

* apparmor-profile workaround for Launchpad #202161
* follow ApparmorProfileMigration and force apparmor complain mode on some
  upgrades (LP: #203529)
  - debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6
  - debian/slapd.dirs: add etc/apparmor.d/force-complain
  - debian/slapd.preinst: create symlink for force-complain/ on pre-feisty
    upgrades, upgrades where apparmor-profiles profile is unchanged (ie
    non-enforcing) and upgrades where apparmor profile does not exist
  - debian/slapd.postrm: remove symlink in force-complain/ on purge
* debian/rules, debian/slapd.links: use hard links to slapd instead of
  symlinks for slap* so these applications aren't confined by apparmor
  (LP: #203898)

14. By Steve Langasek

* Merge from Debian unstable, remaining changes:
  + debian/patches/SECURITY_CVE-2008-0658.patch (LP: #197077)
    slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39
    allows remote authenticated users to cause a denial of service (daemon
    crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION)
    control, a related issue to CVE-2007-6698.
  + debian/apparmor-profile: add AppArmor profile
  + debian/slapd.postinst: Reload AA profile on configuration
  + updated debian/slapd.README.Debian for note on AppArmor
  + debian/control: Replaces apparmor-profiles << 2.1+1075-0ubuntu4 as we
    should now take control
  + debian/control: Conflicts with apparmor-profiles << 2.1+1075-0ubuntu4
    to make sure that if earlier version of apparmor-profiles gets
    installed it won't overwrite our profile
  + Modify Maintainer value to match the DebianMaintainerField
    specification.

13. By Emanuele Gentili

* SECURITY UPDATE:
 + debian/patches/SECURITY_CVE-2008-0658.patch (LP: #197077)
   slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39
   allows remote authenticated users to cause a denial of service (daemon crash)
   via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related
   issue to CVE-2007-6698.

* References
 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0658
 - http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358

12. By Jamie Strandboge

* add AppArmor profile
  + debian/apparmor-profile
  + debian/slapd.postinst: Reload AA profile on configuration
* updated debian/slapd.README.Debian for note on AppArmor
* debian/control: Replaces apparmor-profiles << 2.1+1075-0ubuntu4 as we
  should now take control
* debian/control: Conflicts with apparmor-profiles << 2.1+1075-0ubuntu4
  to make sure that if earlier version of apparmor-profiles gets installed
  it won't overwrite our profile
* Modify Maintainer value to match the DebianMaintainerField
  specification.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.

Subscribers