[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
This bug was fixed in the package openldap - 2.5.11+dfsg-1~exp1ubuntu1 --- openldap (2.5.11+dfsg-1~exp1ubuntu1) jammy; urgency=medium * Merge with Debian unstable (LP: #1946883). Remaining changes: - Enable AppArmor support: + d/apparmor-profile: add AppArmor profile + d/rules: use dh_apparmor + d/control: Build-Depends on dh-apparmor + d/slapd.README.Debian: add note about AppArmor - Enable ufw support: + d/control: suggest ufw. + d/rules: install ufw profile. + d/slapd.ufw.profile: add ufw profile. - d/{rules,slapd.py}: Add apport hook. - d/rules: better regexp to match the Maintainer tag in d/control, needed in the Ubuntu case because of XSBC-Original-Maintainer (Closes #960448, LP #1875697) -- Sergio Durigan Junior Tue, 25 Jan 2022 17:06:12 -0500 ** Changed in: openldap (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1946883 Title: Merge openldap from Debian unstable for 22.04 Status in openldap package in Ubuntu: Fix Released Bug description: Upstream: 2.5.8 Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1 Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1 Debian experimental has 2.5.8+dfsg-1~exp1 ### New Debian Changes ### openldap (2.4.59+dfsg-1) unstable; urgency=medium * New upstream release. * Fix FTBFS with autoconf 2.71 (Closes: #993032): - Backport upstream changes to support Autoconf 2.69 instead of simply disabling automake in debian/rules. Fixes FTBFS due to autoreconf thinking files required by Automake are missing, even though Automake is not actually used. - Stop running autoreconf in contrib/ldapc++ since we don't build it. - Drop custom config.{guess,sub} handling. dh_update_autotools_config does the right thing for us. * Update Standards-Version to 4.6.0; no changes required. * Add a superficial autopkgtest for smbk5pwd. * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug (#866122) is fixed in all relevant suites by now. -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700 openldap (2.4.57+dfsg-3) unstable; urgency=medium * Link smbk5pwd with -lkrb5. (Closes: #988565) -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700 openldap (2.4.57+dfsg-2) unstable; urgency=medium * Fix slapd assertion failure in Certificate List Exact Assertion validation (ITS#9454) (CVE-2021-27212) -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800 openldap (2.4.57+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd crashes in Certificate Exact Assertion processing (ITS#9404, ITS#9424) (CVE-2020-36221) - Fixed slapd assertion failures in saslAuthzTo validation (ITS#9406, ITS#9407) (CVE-2020-36222) - Fixed slapd crash in Values Return Filter control handling (ITS#9408) (CVE-2020-36223) - Fixed slapd crashes in saslAuthzTo processing (ITS#9409, ITS#9412, ITS#9413) (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) - Fixed slapd assertion failure in X.509 DN parsing (ITS#9423) (CVE-2020-36230) - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) - Fixed slapd crash in Certificate List Exact Assertion processing (ITS#9427) (CVE-2020-36228) - Fixed slapd infinite loop with Cancel operation (ITS#9428) (CVE-2020-36227) -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800 openldap (2.4.56+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd abort due to assertion failure in Certificate List syntax validation (ITS#9383) (CVE-2020-25709) - Fixed slapd abort due to assertion failure in CSN normalization with invalid input (ITS#9384) (CVE-2020-25710) -- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800 openldap (2.4.55+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd normalization handling with modrdn (ITS#9370) (CVE-2020-25692) -- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700 openldap (2.4.54+dfsg-1) unstable; urgency=medium * New upstream release. * Change upstream Homepage and get-orig-source URLs to HTTPS. * Create debian/gbp.conf. -- Ryan Tandy Sun, 18 Oct 2020 16:03:46 + openldap (2.4.53+dfsg-1) unstable; urgency=medium * New upstream release. -- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700 openldap (2.4.51+dfsg-1) unstable; urgency=medium * New upstream release. - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols. * Merge some changes from Ubuntu: - slapd.default, slapd.README.Debian: update to refer to slapd.d instead of slapd.conf. - debian/slapd.scripts-common: dump_databases: make slapcat_opts a l
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
** Changed in: openldap (Ubuntu) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1946883 Title: Merge openldap from Debian unstable for 22.04 Status in openldap package in Ubuntu: In Progress Bug description: Upstream: 2.5.8 Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1 Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1 Debian experimental has 2.5.8+dfsg-1~exp1 ### New Debian Changes ### openldap (2.4.59+dfsg-1) unstable; urgency=medium * New upstream release. * Fix FTBFS with autoconf 2.71 (Closes: #993032): - Backport upstream changes to support Autoconf 2.69 instead of simply disabling automake in debian/rules. Fixes FTBFS due to autoreconf thinking files required by Automake are missing, even though Automake is not actually used. - Stop running autoreconf in contrib/ldapc++ since we don't build it. - Drop custom config.{guess,sub} handling. dh_update_autotools_config does the right thing for us. * Update Standards-Version to 4.6.0; no changes required. * Add a superficial autopkgtest for smbk5pwd. * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug (#866122) is fixed in all relevant suites by now. -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700 openldap (2.4.57+dfsg-3) unstable; urgency=medium * Link smbk5pwd with -lkrb5. (Closes: #988565) -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700 openldap (2.4.57+dfsg-2) unstable; urgency=medium * Fix slapd assertion failure in Certificate List Exact Assertion validation (ITS#9454) (CVE-2021-27212) -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800 openldap (2.4.57+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd crashes in Certificate Exact Assertion processing (ITS#9404, ITS#9424) (CVE-2020-36221) - Fixed slapd assertion failures in saslAuthzTo validation (ITS#9406, ITS#9407) (CVE-2020-36222) - Fixed slapd crash in Values Return Filter control handling (ITS#9408) (CVE-2020-36223) - Fixed slapd crashes in saslAuthzTo processing (ITS#9409, ITS#9412, ITS#9413) (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) - Fixed slapd assertion failure in X.509 DN parsing (ITS#9423) (CVE-2020-36230) - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) - Fixed slapd crash in Certificate List Exact Assertion processing (ITS#9427) (CVE-2020-36228) - Fixed slapd infinite loop with Cancel operation (ITS#9428) (CVE-2020-36227) -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800 openldap (2.4.56+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd abort due to assertion failure in Certificate List syntax validation (ITS#9383) (CVE-2020-25709) - Fixed slapd abort due to assertion failure in CSN normalization with invalid input (ITS#9384) (CVE-2020-25710) -- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800 openldap (2.4.55+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd normalization handling with modrdn (ITS#9370) (CVE-2020-25692) -- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700 openldap (2.4.54+dfsg-1) unstable; urgency=medium * New upstream release. * Change upstream Homepage and get-orig-source URLs to HTTPS. * Create debian/gbp.conf. -- Ryan Tandy Sun, 18 Oct 2020 16:03:46 + openldap (2.4.53+dfsg-1) unstable; urgency=medium * New upstream release. -- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700 openldap (2.4.51+dfsg-1) unstable; urgency=medium * New upstream release. - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols. * Merge some changes from Ubuntu: - slapd.default, slapd.README.Debian: update to refer to slapd.d instead of slapd.conf. - debian/slapd.scripts-common: dump_databases: make slapcat_opts a local variable. * Drop paragraph about patch gnutls-altname-nulterminated (#465197) from slapd.README.Debian. The patch referred to was dropped in 2.4.7-6. * debian/patches/set-maintainer-name: Extract maintainer address dynamically from debian/control. (Closes: #960448) * Fix Torsten's email address in a historic debian/changelog entry to resolve a Lintian error (bogus-mail-host-in-debian-changelog). ### Old Ubuntu Delta ### openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium * Merge with Debian unstable. Remaining changes: - Enable AppArmor support: + d/apparmor-profile: add AppArmor profile + d/rules: use dh_apparmor + d/control: Build-Depends on dh-apparmor + d/slapd.README.Debian: add note about AppArmor - Enable ufw support: + d/control: s
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
Today, the OpenLDAP project announced that they're changing their release process in order to have LTS and Feature releases: https://lists.openldap.org/hyperkitty/list/openldap- annou...@openldap.org/thread/2QQNVWPUUG54JM7FGQHMMF3H4KS2PPKQ/ They've also announced that OpenLDAP 2.5 will be their first LTS release (5 years of support). With this in mind, Andreas and I briefly discussed and determined that, for Ubuntu Jammy (an LTS release), it makes sense to stick with OpenLDAP 2.5.x. Incidentally, OpenLDAP 2.5.11 has just been released and Ryan said he will work on updating the Debian OpenLDAP package soon. This means that I will be merging OpenLDAP 2.5.11 from Debian, instead of 2.6.1. There won't be a transition involved. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1946883 Title: Merge openldap from Debian unstable for 22.04 Status in openldap package in Ubuntu: New Bug description: Upstream: 2.5.8 Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1 Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1 Debian experimental has 2.5.8+dfsg-1~exp1 ### New Debian Changes ### openldap (2.4.59+dfsg-1) unstable; urgency=medium * New upstream release. * Fix FTBFS with autoconf 2.71 (Closes: #993032): - Backport upstream changes to support Autoconf 2.69 instead of simply disabling automake in debian/rules. Fixes FTBFS due to autoreconf thinking files required by Automake are missing, even though Automake is not actually used. - Stop running autoreconf in contrib/ldapc++ since we don't build it. - Drop custom config.{guess,sub} handling. dh_update_autotools_config does the right thing for us. * Update Standards-Version to 4.6.0; no changes required. * Add a superficial autopkgtest for smbk5pwd. * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug (#866122) is fixed in all relevant suites by now. -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700 openldap (2.4.57+dfsg-3) unstable; urgency=medium * Link smbk5pwd with -lkrb5. (Closes: #988565) -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700 openldap (2.4.57+dfsg-2) unstable; urgency=medium * Fix slapd assertion failure in Certificate List Exact Assertion validation (ITS#9454) (CVE-2021-27212) -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800 openldap (2.4.57+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd crashes in Certificate Exact Assertion processing (ITS#9404, ITS#9424) (CVE-2020-36221) - Fixed slapd assertion failures in saslAuthzTo validation (ITS#9406, ITS#9407) (CVE-2020-36222) - Fixed slapd crash in Values Return Filter control handling (ITS#9408) (CVE-2020-36223) - Fixed slapd crashes in saslAuthzTo processing (ITS#9409, ITS#9412, ITS#9413) (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) - Fixed slapd assertion failure in X.509 DN parsing (ITS#9423) (CVE-2020-36230) - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) - Fixed slapd crash in Certificate List Exact Assertion processing (ITS#9427) (CVE-2020-36228) - Fixed slapd infinite loop with Cancel operation (ITS#9428) (CVE-2020-36227) -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800 openldap (2.4.56+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd abort due to assertion failure in Certificate List syntax validation (ITS#9383) (CVE-2020-25709) - Fixed slapd abort due to assertion failure in CSN normalization with invalid input (ITS#9384) (CVE-2020-25710) -- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800 openldap (2.4.55+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd normalization handling with modrdn (ITS#9370) (CVE-2020-25692) -- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700 openldap (2.4.54+dfsg-1) unstable; urgency=medium * New upstream release. * Change upstream Homepage and get-orig-source URLs to HTTPS. * Create debian/gbp.conf. -- Ryan Tandy Sun, 18 Oct 2020 16:03:46 + openldap (2.4.53+dfsg-1) unstable; urgency=medium * New upstream release. -- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700 openldap (2.4.51+dfsg-1) unstable; urgency=medium * New upstream release. - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols. * Merge some changes from Ubuntu: - slapd.default, slapd.README.Debian: update to refer to slapd.d instead of slapd.conf. - debian/slapd.scripts-common: dump_databases: make slapcat_opts a local variable. * Drop paragraph about patch gnutls-altname-nulterminated (#465197) from slapd.README.Debian. The patch referred to was dropped in 2.4.7-6. * debian/patches/set-
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
Upstream has announced a test call for OpenLDAP 2.6.1: https://lists.openldap.org/hyperkitty/list/openldap- techni...@openldap.org/thread/GT7JBMIC2EBBJACXTR2VANASZWIC25QE/ This means that the release is close. I've adjusted this bug's milestone to reflect the fact that I'm expecting the merge to happen next month. ** Changed in: openldap (Ubuntu) Milestone: ubuntu-22.01 => ubuntu-22.02 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1946883 Title: Merge openldap from Debian unstable for 22.04 Status in openldap package in Ubuntu: New Bug description: Upstream: 2.5.8 Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1 Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1 Debian experimental has 2.5.8+dfsg-1~exp1 ### New Debian Changes ### openldap (2.4.59+dfsg-1) unstable; urgency=medium * New upstream release. * Fix FTBFS with autoconf 2.71 (Closes: #993032): - Backport upstream changes to support Autoconf 2.69 instead of simply disabling automake in debian/rules. Fixes FTBFS due to autoreconf thinking files required by Automake are missing, even though Automake is not actually used. - Stop running autoreconf in contrib/ldapc++ since we don't build it. - Drop custom config.{guess,sub} handling. dh_update_autotools_config does the right thing for us. * Update Standards-Version to 4.6.0; no changes required. * Add a superficial autopkgtest for smbk5pwd. * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug (#866122) is fixed in all relevant suites by now. -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700 openldap (2.4.57+dfsg-3) unstable; urgency=medium * Link smbk5pwd with -lkrb5. (Closes: #988565) -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700 openldap (2.4.57+dfsg-2) unstable; urgency=medium * Fix slapd assertion failure in Certificate List Exact Assertion validation (ITS#9454) (CVE-2021-27212) -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800 openldap (2.4.57+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd crashes in Certificate Exact Assertion processing (ITS#9404, ITS#9424) (CVE-2020-36221) - Fixed slapd assertion failures in saslAuthzTo validation (ITS#9406, ITS#9407) (CVE-2020-36222) - Fixed slapd crash in Values Return Filter control handling (ITS#9408) (CVE-2020-36223) - Fixed slapd crashes in saslAuthzTo processing (ITS#9409, ITS#9412, ITS#9413) (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) - Fixed slapd assertion failure in X.509 DN parsing (ITS#9423) (CVE-2020-36230) - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) - Fixed slapd crash in Certificate List Exact Assertion processing (ITS#9427) (CVE-2020-36228) - Fixed slapd infinite loop with Cancel operation (ITS#9428) (CVE-2020-36227) -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800 openldap (2.4.56+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd abort due to assertion failure in Certificate List syntax validation (ITS#9383) (CVE-2020-25709) - Fixed slapd abort due to assertion failure in CSN normalization with invalid input (ITS#9384) (CVE-2020-25710) -- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800 openldap (2.4.55+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd normalization handling with modrdn (ITS#9370) (CVE-2020-25692) -- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700 openldap (2.4.54+dfsg-1) unstable; urgency=medium * New upstream release. * Change upstream Homepage and get-orig-source URLs to HTTPS. * Create debian/gbp.conf. -- Ryan Tandy Sun, 18 Oct 2020 16:03:46 + openldap (2.4.53+dfsg-1) unstable; urgency=medium * New upstream release. -- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700 openldap (2.4.51+dfsg-1) unstable; urgency=medium * New upstream release. - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols. * Merge some changes from Ubuntu: - slapd.default, slapd.README.Debian: update to refer to slapd.d instead of slapd.conf. - debian/slapd.scripts-common: dump_databases: make slapcat_opts a local variable. * Drop paragraph about patch gnutls-altname-nulterminated (#465197) from slapd.README.Debian. The patch referred to was dropped in 2.4.7-6. * debian/patches/set-maintainer-name: Extract maintainer address dynamically from debian/control. (Closes: #960448) * Fix Torsten's email address in a historic debian/changelog entry to resolve a Lintian error (bogus-mail-host-in-debian-changelog). ### Old Ubuntu Delta ### openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium * M
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
OpenLDAP 2.6.0 has been released 2 weeks ago. FWIW, I talked to Ryan today and he told me that unfortunately there are some important regressions in this new release. This is the reason he hasn't uploaded 2.6 to experimental yet. There should be a new upstream release containing the fixes for these regressions soon (before EOY), and we should be able to upload it to Debian experimental by then. Although we're going to have to go through a new transition, I'm not expecting major problems to arise because the list of changes introduce in 2.6.x is relatively small: https://www.openldap.org/doc/admin26/guide.html#Changes%20Since%20Previous%20Release ** Changed in: openldap (Ubuntu) Milestone: ubuntu-21.12 => ubuntu-22.01 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1946883 Title: Merge openldap from Debian unstable for 22.04 Status in openldap package in Ubuntu: New Bug description: Upstream: 2.5.8 Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1 Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1 Debian experimental has 2.5.8+dfsg-1~exp1 ### New Debian Changes ### openldap (2.4.59+dfsg-1) unstable; urgency=medium * New upstream release. * Fix FTBFS with autoconf 2.71 (Closes: #993032): - Backport upstream changes to support Autoconf 2.69 instead of simply disabling automake in debian/rules. Fixes FTBFS due to autoreconf thinking files required by Automake are missing, even though Automake is not actually used. - Stop running autoreconf in contrib/ldapc++ since we don't build it. - Drop custom config.{guess,sub} handling. dh_update_autotools_config does the right thing for us. * Update Standards-Version to 4.6.0; no changes required. * Add a superficial autopkgtest for smbk5pwd. * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug (#866122) is fixed in all relevant suites by now. -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700 openldap (2.4.57+dfsg-3) unstable; urgency=medium * Link smbk5pwd with -lkrb5. (Closes: #988565) -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700 openldap (2.4.57+dfsg-2) unstable; urgency=medium * Fix slapd assertion failure in Certificate List Exact Assertion validation (ITS#9454) (CVE-2021-27212) -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800 openldap (2.4.57+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd crashes in Certificate Exact Assertion processing (ITS#9404, ITS#9424) (CVE-2020-36221) - Fixed slapd assertion failures in saslAuthzTo validation (ITS#9406, ITS#9407) (CVE-2020-36222) - Fixed slapd crash in Values Return Filter control handling (ITS#9408) (CVE-2020-36223) - Fixed slapd crashes in saslAuthzTo processing (ITS#9409, ITS#9412, ITS#9413) (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) - Fixed slapd assertion failure in X.509 DN parsing (ITS#9423) (CVE-2020-36230) - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) - Fixed slapd crash in Certificate List Exact Assertion processing (ITS#9427) (CVE-2020-36228) - Fixed slapd infinite loop with Cancel operation (ITS#9428) (CVE-2020-36227) -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800 openldap (2.4.56+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd abort due to assertion failure in Certificate List syntax validation (ITS#9383) (CVE-2020-25709) - Fixed slapd abort due to assertion failure in CSN normalization with invalid input (ITS#9384) (CVE-2020-25710) -- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800 openldap (2.4.55+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd normalization handling with modrdn (ITS#9370) (CVE-2020-25692) -- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700 openldap (2.4.54+dfsg-1) unstable; urgency=medium * New upstream release. * Change upstream Homepage and get-orig-source URLs to HTTPS. * Create debian/gbp.conf. -- Ryan Tandy Sun, 18 Oct 2020 16:03:46 + openldap (2.4.53+dfsg-1) unstable; urgency=medium * New upstream release. -- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700 openldap (2.4.51+dfsg-1) unstable; urgency=medium * New upstream release. - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols. * Merge some changes from Ubuntu: - slapd.default, slapd.README.Debian: update to refer to slapd.d instead of slapd.conf. - debian/slapd.scripts-common: dump_databases: make slapcat_opts a local variable. * Drop paragraph about patch gnutls-altname-nulterminated (#465197) from slapd.README.Debian. The patch referred to was dropped in 2.4.7-6. * debian/patches/set-ma
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
** Description changed: - Scheduled-For: 22.12 - Upstream: tbd - Debian: 2.4.59+dfsg-12.5.7+dfsg-1~exp1 + Upstream: 2.5.8 + Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1 Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1 - - Debian new has 2.5.7+dfsg-1~exp1 - + Debian experimental has 2.5.8+dfsg-1~exp1 ### New Debian Changes ### openldap (2.4.59+dfsg-1) unstable; urgency=medium - * New upstream release. - * Fix FTBFS with autoconf 2.71 (Closes: #993032): - - Backport upstream changes to support Autoconf 2.69 instead of simply - disabling automake in debian/rules. Fixes FTBFS due to autoreconf - thinking files required by Automake are missing, even though Automake is - not actually used. - - Stop running autoreconf in contrib/ldapc++ since we don't build it. - - Drop custom config.{guess,sub} handling. dh_update_autotools_config does - the right thing for us. - * Update Standards-Version to 4.6.0; no changes required. - * Add a superficial autopkgtest for smbk5pwd. - * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug - (#866122) is fixed in all relevant suites by now. + * New upstream release. + * Fix FTBFS with autoconf 2.71 (Closes: #993032): + - Backport upstream changes to support Autoconf 2.69 instead of simply + disabling automake in debian/rules. Fixes FTBFS due to autoreconf + thinking files required by Automake are missing, even though Automake is + not actually used. + - Stop running autoreconf in contrib/ldapc++ since we don't build it. + - Drop custom config.{guess,sub} handling. dh_update_autotools_config does + the right thing for us. + * Update Standards-Version to 4.6.0; no changes required. + * Add a superficial autopkgtest for smbk5pwd. + * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug + (#866122) is fixed in all relevant suites by now. - -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700 + -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700 openldap (2.4.57+dfsg-3) unstable; urgency=medium - * Link smbk5pwd with -lkrb5. (Closes: #988565) + * Link smbk5pwd with -lkrb5. (Closes: #988565) - -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700 + -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700 openldap (2.4.57+dfsg-2) unstable; urgency=medium - * Fix slapd assertion failure in Certificate List Exact Assertion validation - (ITS#9454) (CVE-2021-27212) + * Fix slapd assertion failure in Certificate List Exact Assertion validation + (ITS#9454) (CVE-2021-27212) - -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800 + -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800 openldap (2.4.57+dfsg-1) unstable; urgency=medium - * New upstream release. - - Fixed slapd crashes in Certificate Exact Assertion processing - (ITS#9404, ITS#9424) (CVE-2020-36221) - - Fixed slapd assertion failures in saslAuthzTo validation - (ITS#9406, ITS#9407) (CVE-2020-36222) - - Fixed slapd crash in Values Return Filter control handling - (ITS#9408) (CVE-2020-36223) - - Fixed slapd crashes in saslAuthzTo processing - (ITS#9409, ITS#9412, ITS#9413) - (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) - - Fixed slapd assertion failure in X.509 DN parsing - (ITS#9423) (CVE-2020-36230) - - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) - - Fixed slapd crash in Certificate List Exact Assertion processing - (ITS#9427) (CVE-2020-36228) - - Fixed slapd infinite loop with Cancel operation - (ITS#9428) (CVE-2020-36227) + * New upstream release. + - Fixed slapd crashes in Certificate Exact Assertion processing + (ITS#9404, ITS#9424) (CVE-2020-36221) + - Fixed slapd assertion failures in saslAuthzTo validation + (ITS#9406, ITS#9407) (CVE-2020-36222) + - Fixed slapd crash in Values Return Filter control handling + (ITS#9408) (CVE-2020-36223) + - Fixed slapd crashes in saslAuthzTo processing + (ITS#9409, ITS#9412, ITS#9413) + (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) + - Fixed slapd assertion failure in X.509 DN parsing + (ITS#9423) (CVE-2020-36230) + - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) + - Fixed slapd crash in Certificate List Exact Assertion processing + (ITS#9427) (CVE-2020-36228) + - Fixed slapd infinite loop with Cancel operation + (ITS#9428) (CVE-2020-36227) - -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800 + -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800 openldap (2.4.56+dfsg-1) unstable; urgency=medium - * New upstream release. - - Fixed slapd abort due to assertion failure in Certificate List syntax - validation (ITS#9383) (CVE-2020-25709) - - Fixed slapd abort due to assertion failure in CSN normalization with - invalid input (ITS#9384) (CVE-2020-25710) + * New upstream release. + - Fixed slap
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
Absolutely, Ryan. The transition is something that I'm also planning to happen during the LTS cycle; I've even put January 20 as a tentative date to start the transition: https://discourse.ubuntu.com/t/jj-release-schedule/23906 Let's see how this goes. Thanks for the heads up, though; much appreciated. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1946883 Title: Merge openldap from Debian unstable for 22.04 Status in openldap package in Ubuntu: New Bug description: Scheduled-For: 22.12 Upstream: tbd Debian: 2.4.59+dfsg-12.5.7+dfsg-1~exp1 Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1 Debian new has 2.5.7+dfsg-1~exp1 ### New Debian Changes ### openldap (2.4.59+dfsg-1) unstable; urgency=medium * New upstream release. * Fix FTBFS with autoconf 2.71 (Closes: #993032): - Backport upstream changes to support Autoconf 2.69 instead of simply disabling automake in debian/rules. Fixes FTBFS due to autoreconf thinking files required by Automake are missing, even though Automake is not actually used. - Stop running autoreconf in contrib/ldapc++ since we don't build it. - Drop custom config.{guess,sub} handling. dh_update_autotools_config does the right thing for us. * Update Standards-Version to 4.6.0; no changes required. * Add a superficial autopkgtest for smbk5pwd. * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug (#866122) is fixed in all relevant suites by now. -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700 openldap (2.4.57+dfsg-3) unstable; urgency=medium * Link smbk5pwd with -lkrb5. (Closes: #988565) -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700 openldap (2.4.57+dfsg-2) unstable; urgency=medium * Fix slapd assertion failure in Certificate List Exact Assertion validation (ITS#9454) (CVE-2021-27212) -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800 openldap (2.4.57+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd crashes in Certificate Exact Assertion processing (ITS#9404, ITS#9424) (CVE-2020-36221) - Fixed slapd assertion failures in saslAuthzTo validation (ITS#9406, ITS#9407) (CVE-2020-36222) - Fixed slapd crash in Values Return Filter control handling (ITS#9408) (CVE-2020-36223) - Fixed slapd crashes in saslAuthzTo processing (ITS#9409, ITS#9412, ITS#9413) (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) - Fixed slapd assertion failure in X.509 DN parsing (ITS#9423) (CVE-2020-36230) - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) - Fixed slapd crash in Certificate List Exact Assertion processing (ITS#9427) (CVE-2020-36228) - Fixed slapd infinite loop with Cancel operation (ITS#9428) (CVE-2020-36227) -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800 openldap (2.4.56+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd abort due to assertion failure in Certificate List syntax validation (ITS#9383) (CVE-2020-25709) - Fixed slapd abort due to assertion failure in CSN normalization with invalid input (ITS#9384) (CVE-2020-25710) -- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800 openldap (2.4.55+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd normalization handling with modrdn (ITS#9370) (CVE-2020-25692) -- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700 openldap (2.4.54+dfsg-1) unstable; urgency=medium * New upstream release. * Change upstream Homepage and get-orig-source URLs to HTTPS. * Create debian/gbp.conf. -- Ryan Tandy Sun, 18 Oct 2020 16:03:46 + openldap (2.4.53+dfsg-1) unstable; urgency=medium * New upstream release. -- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700 openldap (2.4.51+dfsg-1) unstable; urgency=medium * New upstream release. - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols. * Merge some changes from Ubuntu: - slapd.default, slapd.README.Debian: update to refer to slapd.d instead of slapd.conf. - debian/slapd.scripts-common: dump_databases: make slapcat_opts a local variable. * Drop paragraph about patch gnutls-altname-nulterminated (#465197) from slapd.README.Debian. The patch referred to was dropped in 2.4.7-6. * debian/patches/set-maintainer-name: Extract maintainer address dynamically from debian/control. (Closes: #960448) * Fix Torsten's email address in a historic debian/changelog entry to resolve a Lintian error (bogus-mail-host-in-debian-changelog). ### Old Ubuntu Delta ### openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium * Merge with Debian unstable. Remaining changes: - Enable AppArmor su
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
** Changed in: openldap (Ubuntu) Assignee: (unassigned) => Sergio Durigan Junior (sergiodj) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1946883 Title: Merge openldap from Debian unstable for 22.04 Status in openldap package in Ubuntu: New Bug description: Scheduled-For: 22.12 Upstream: tbd Debian: 2.4.59+dfsg-12.5.7+dfsg-1~exp1 Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1 Debian new has 2.5.7+dfsg-1~exp1 ### New Debian Changes ### openldap (2.4.59+dfsg-1) unstable; urgency=medium * New upstream release. * Fix FTBFS with autoconf 2.71 (Closes: #993032): - Backport upstream changes to support Autoconf 2.69 instead of simply disabling automake in debian/rules. Fixes FTBFS due to autoreconf thinking files required by Automake are missing, even though Automake is not actually used. - Stop running autoreconf in contrib/ldapc++ since we don't build it. - Drop custom config.{guess,sub} handling. dh_update_autotools_config does the right thing for us. * Update Standards-Version to 4.6.0; no changes required. * Add a superficial autopkgtest for smbk5pwd. * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug (#866122) is fixed in all relevant suites by now. -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700 openldap (2.4.57+dfsg-3) unstable; urgency=medium * Link smbk5pwd with -lkrb5. (Closes: #988565) -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700 openldap (2.4.57+dfsg-2) unstable; urgency=medium * Fix slapd assertion failure in Certificate List Exact Assertion validation (ITS#9454) (CVE-2021-27212) -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800 openldap (2.4.57+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd crashes in Certificate Exact Assertion processing (ITS#9404, ITS#9424) (CVE-2020-36221) - Fixed slapd assertion failures in saslAuthzTo validation (ITS#9406, ITS#9407) (CVE-2020-36222) - Fixed slapd crash in Values Return Filter control handling (ITS#9408) (CVE-2020-36223) - Fixed slapd crashes in saslAuthzTo processing (ITS#9409, ITS#9412, ITS#9413) (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) - Fixed slapd assertion failure in X.509 DN parsing (ITS#9423) (CVE-2020-36230) - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) - Fixed slapd crash in Certificate List Exact Assertion processing (ITS#9427) (CVE-2020-36228) - Fixed slapd infinite loop with Cancel operation (ITS#9428) (CVE-2020-36227) -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800 openldap (2.4.56+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd abort due to assertion failure in Certificate List syntax validation (ITS#9383) (CVE-2020-25709) - Fixed slapd abort due to assertion failure in CSN normalization with invalid input (ITS#9384) (CVE-2020-25710) -- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800 openldap (2.4.55+dfsg-1) unstable; urgency=medium * New upstream release. - Fixed slapd normalization handling with modrdn (ITS#9370) (CVE-2020-25692) -- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700 openldap (2.4.54+dfsg-1) unstable; urgency=medium * New upstream release. * Change upstream Homepage and get-orig-source URLs to HTTPS. * Create debian/gbp.conf. -- Ryan Tandy Sun, 18 Oct 2020 16:03:46 + openldap (2.4.53+dfsg-1) unstable; urgency=medium * New upstream release. -- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700 openldap (2.4.51+dfsg-1) unstable; urgency=medium * New upstream release. - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols. * Merge some changes from Ubuntu: - slapd.default, slapd.README.Debian: update to refer to slapd.d instead of slapd.conf. - debian/slapd.scripts-common: dump_databases: make slapcat_opts a local variable. * Drop paragraph about patch gnutls-altname-nulterminated (#465197) from slapd.README.Debian. The patch referred to was dropped in 2.4.7-6. * debian/patches/set-maintainer-name: Extract maintainer address dynamically from debian/control. (Closes: #960448) * Fix Torsten's email address in a historic debian/changelog entry to resolve a Lintian error (bogus-mail-host-in-debian-changelog). ### Old Ubuntu Delta ### openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium * Merge with Debian unstable. Remaining changes: - Enable AppArmor support: + d/apparmor-profile: add AppArmor profile + d/rules: use dh_apparmor + d/control: Build-Depends on dh-apparmor + d/slapd.README.Debian: add note about AppArmor - Ena