Ubuntu
openldap package

lp://staging/ubuntu/lucid-security/openldap

  1. Lucid (10.04)
  2. lucid-security
Created by James Westby and last modified
Get this branch:
bzr branch lp://staging/ubuntu/lucid-security/openldap
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

28. By Jamie Strandboge

* SECURITY UPDATE: potential denial of service (LP: #884163)
  - debian/patches/CVE-2011-4079: fix off by one error in
    postalAddressNormalize()
  - CVE-2011-4079

27. By Jamie Strandboge

* SECURITY UPDATE: fix successful anonymous bind via chain overlay when
  using forwarded authentication failures
  - debian/patches/CVE-2011-1024
  - CVE-2011-1024
* SECURITY UPDATE: verify password when authenticating to rootdn and using ndb
  backend. Note: Ubuntu is not compiled with --enable-ndb by default
  - debian/patches/CVE-2011-1025
  - CVE-2011-1025
* SECURITY UPDATE: fix DoS when processing unauthenticated modrdn requests
  and requestDN is empty
  - debian/patches/CVE-2011-1081
  - CVE-2011-1081

26. By Steve Beattie

* SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
  - openldap-2.4.22-CVE-2010-0211-modrdn_check_error.patch:
    - check return for errors and clean up uninitialized data
  - openldap-2.4.22-CVE-2010-0212-modrdn_null_deref.patch:
    - return error on 0-length or binary RDNs
  - CVE-2010-0211, CVE-2010-0212

25. By Mathias Gug

Fix local root connection access: replace olcAuthzRegexp mapping to
cn=localroot,cn=config with using the SASL dn directly in olcAccess.
Makes upgrades much simpler and robust (LP: #563829).

24. By Scott Moser

[ Simon Olofsson ]
* debian/slapd.postinst:
  - Show a message after successful migration (LP: #538848)

[ Jorgen Rosink ]
* debian/slapd.init: add simple status checking with LSB compatible exit
  codes (LP: #562377)
* debian/slapd.init.ldif:
  - remove admin user in default config database (LP: #556176)
  - in default config, add olcAccess entries giving access to controls
    available and cn=subschema (LP: #427842)

[ Scott Moser ]
* debian/slapd.scripts-common: Do not create /nonexistent directory
   for openldap user's home (LP: #556176)
* debian/slapd.postinst: fix cn=config olcAccess migration (LP: #559070)

23. By Thierry Carrez

* debian/slapd.postinst, debian/slapd.scripts-common: Upgrade databases
  before trying to convert to slapd.d, to avoid upgrade failure from hardy
  (LP: #536958)
* debian/slapd.postinst: Add a {1} numeric index to olcAccess entry in
  olcDatabase={0}config.ldif to avoid upgrade failures (LP: #538516, #526230)

22. By Chuck Short

debian/apparmor-profile: Update apparmor profile. (LP: #508190)

21. By Mathias Gug

* New upstream release.
* debian/rules, debian/schema/extra/:
  Fix get-orig-source rule to supports extra schemas shipped as part of the
  debian/schema/ directory.

20. By Thierry Carrez

* debian/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
  - Add --with-gssapi support
  - Make guess_service_principal() more robust when determining principal
* Enable GSSAPI support (LP: #495418):
  - debian/configure.options: Configure with --with-gssapi
  - debian/control: Added libkrb5-dev as a build depend

19. By Mathias Gug

* New upstream release: (LP: #419515):
  + pcache overlay supports disconnected mode.
* Fix nss overlay load (LP: #417163).

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/ubuntu/maverick/openldap
This branch contains Public information 
Everyone can see this information.

Subscribers