[Bug 1461276] Re: off-by-one in LDIF length
This bug was fixed in the package openldap - 2.4.41+dfsg-1ubuntu1
---
openldap (2.4.41+dfsg-1ubuntu1) wily; urgency=medium
* Merge from Debian testing (LP: #1471831). Remaining changes:
- Enable AppArmor support:
- d/apparmor-profile: add AppArmor profile
- d/rules: use dh_apparmor
- d/control: Build-Depends on dh-apparmor
- d/slapd.README.Debian: add note about AppArmor
- Enable GSSAPI support:
- d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
- Add --with-gssapi support
- Make guess_service_principal() more robust when determining
principal
- d/configure.options: Configure with --with-gssapi
- d/control: Added heimdal-dev as a build depend
- Enable ufw support:
- d/control: suggest ufw.
- d/rules: install ufw profile.
- d/slapd.ufw.profile: add ufw profile.
- Enable nss overlay:
- d/{patches/nssov-build,rules}: Apply, build and package the
nss overlay.
- d/{rules,slapd.py}: Add apport hook.
- d/slapd.init.ldif: don't set olcRootDN since it's not defined in
either the default DIT nor via an Authn mapping.
- d/slapd.scripts-common:
- add slapcat_opts to local variables.
- Remove unused variable new_conf.
- Fix backup directory naming for multiple reconfiguration.
- d/{slapd.default,slapd.README.Debian}: use the new configuration style.
- d/rules: Enable -DLDAP_CONNECTIONLESS to build CLDAP (UDP) support
in the openldap library, as required by Likewise-Open
- Show distribution in version:
- d/control: added lsb-release
- d/patches/fix-ldap-distribution.patch: show distribution in version
* Dropped changes:
- Fix cpp calls for GCC 5: fixed upstream (ITS#8056)
* Upstream fixes:
- slapd crash with auditlog overlay and large (~27KB) attribute values
(ITS#8003) (LP: #1461276)
- nssov updated to support recent nss-pam-ldapd client libraries
(ITS#8097) (LP: #1393306)
* Update d/patches/nssov-build for upstream changes.
* Tweak d/patches/gssapi.diff to apply without fuzz.
* d/libldap-2.4-2.symbols: Add symbols not present in Debian.
- CLDAP (UDP) was added in 2.4.17-1ubuntu2
- GSSAPI support was enabled in 2.4.18-0ubuntu2
-- Ryan Tandy r...@nardis.ca Fri, 24 Jul 2015 14:12:06 -0700
** Changed in: openldap (Ubuntu)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1461276
Title:
off-by-one in LDIF length
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1461276] Re: off-by-one in LDIF length
This bug was fixed in the package openldap - 2.4.41+dfsg-1ubuntu1
---
openldap (2.4.41+dfsg-1ubuntu1) wily; urgency=medium
* Merge from Debian testing (LP: #1471831). Remaining changes:
- Enable AppArmor support:
- d/apparmor-profile: add AppArmor profile
- d/rules: use dh_apparmor
- d/control: Build-Depends on dh-apparmor
- d/slapd.README.Debian: add note about AppArmor
- Enable GSSAPI support:
- d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
- Add --with-gssapi support
- Make guess_service_principal() more robust when determining
principal
- d/configure.options: Configure with --with-gssapi
- d/control: Added heimdal-dev as a build depend
- Enable ufw support:
- d/control: suggest ufw.
- d/rules: install ufw profile.
- d/slapd.ufw.profile: add ufw profile.
- Enable nss overlay:
- d/{patches/nssov-build,rules}: Apply, build and package the
nss overlay.
- d/{rules,slapd.py}: Add apport hook.
- d/slapd.init.ldif: don't set olcRootDN since it's not defined in
either the default DIT nor via an Authn mapping.
- d/slapd.scripts-common:
- add slapcat_opts to local variables.
- Remove unused variable new_conf.
- Fix backup directory naming for multiple reconfiguration.
- d/{slapd.default,slapd.README.Debian}: use the new configuration style.
- d/rules: Enable -DLDAP_CONNECTIONLESS to build CLDAP (UDP) support
in the openldap library, as required by Likewise-Open
- Show distribution in version:
- d/control: added lsb-release
- d/patches/fix-ldap-distribution.patch: show distribution in version
* Dropped changes:
- Fix cpp calls for GCC 5: fixed upstream (ITS#8056)
* Upstream fixes:
- slapd crash with auditlog overlay and large (~27KB) attribute values
(ITS#8003) (LP: #1461276)
- nssov updated to support recent nss-pam-ldapd client libraries
(ITS#8097) (LP: #1393306)
* Update d/patches/nssov-build for upstream changes.
* Tweak d/patches/gssapi.diff to apply without fuzz.
* d/libldap-2.4-2.symbols: Add symbols not present in Debian.
- CLDAP (UDP) was added in 2.4.17-1ubuntu2
- GSSAPI support was enabled in 2.4.18-0ubuntu2
-- Ryan Tandy r...@nardis.ca Fri, 24 Jul 2015 14:12:06 -0700
** Changed in: openldap (Ubuntu)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1461276
Title:
off-by-one in LDIF length
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1461276] Re: off-by-one in LDIF length
This bug can be closed out now in favor of just building a new package for 2.4.41, since that release is now available and includes the fix: http://www.openldap.org/software/release/changes.html -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1461276 Title: off-by-one in LDIF length To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1461276] Re: off-by-one in LDIF length
This bug can be closed out now in favor of just building a new package for 2.4.41, since that release is now available and includes the fix: http://www.openldap.org/software/release/changes.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1461276 Title: off-by-one in LDIF length To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1461276] Re: off-by-one in LDIF length
Any response on this? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1461276 Title: off-by-one in LDIF length To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1461276] Re: off-by-one in LDIF length
Any response on this? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1461276 Title: off-by-one in LDIF length To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1461276] Re: off-by-one in LDIF length
Thank you for taking the time to report this bug and helping to make Ubuntu better. Which upstream releases are affected, please? Is it just 2.4.40, and thus just Wily? Or are 2.4.28 and/or 2.4.31 affected as well? ** Summary changed: - Requesting ITS#8003 inclusion in 2.4.40 package + off-by-one in LDIF length ** Changed in: openldap (Ubuntu) Importance: Undecided = High -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1461276 Title: off-by-one in LDIF length To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1461276] Re: off-by-one in LDIF length
Thank you for taking the time to report this bug and helping to make Ubuntu better. Which upstream releases are affected, please? Is it just 2.4.40, and thus just Wily? Or are 2.4.28 and/or 2.4.31 affected as well? ** Summary changed: - Requesting ITS#8003 inclusion in 2.4.40 package + off-by-one in LDIF length ** Changed in: openldap (Ubuntu) Importance: Undecided = High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1461276 Title: off-by-one in LDIF length To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1461276] Re: off-by-one in LDIF length
I have run both 2.4.31 and 2.4.40 for a few days, and have only experienced this type of slapd crash with 2.4.40. That by itself isn't conclusive though, since memory corruption errors can be sensitive in how they manifest. Looking at the code briefly, I see that the same off- by-one error in include/ldif.h is present in the 2.4.31 code (as well as 2.4.28), so the potential for the bug to be expressed is likely there in the earlier versions as well. I hedge with likely because it seems that there have been many changes made to this part of the code recently, and I've seen that just reading it briefly can be misleading when drawing firm conclusions. The most conservative approach would be just to patch 2.4.40 for now, unless/until people report this bug in earlier versions. A more aggressive approach would be to patch 2.4.31 and 2.4.28 and wait for people to report other things breaking in the earlier versions. As an aside -- I'm actually building/running the 2.4.40 package on 14.04, not on Wily -- and I have verified that adding the patch to the package build fixes the bug. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1461276 Title: off-by-one in LDIF length To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1461276] Re: off-by-one in LDIF length
I have run both 2.4.31 and 2.4.40 for a few days, and have only experienced this type of slapd crash with 2.4.40. That by itself isn't conclusive though, since memory corruption errors can be sensitive in how they manifest. Looking at the code briefly, I see that the same off- by-one error in include/ldif.h is present in the 2.4.31 code (as well as 2.4.28), so the potential for the bug to be expressed is likely there in the earlier versions as well. I hedge with likely because it seems that there have been many changes made to this part of the code recently, and I've seen that just reading it briefly can be misleading when drawing firm conclusions. The most conservative approach would be just to patch 2.4.40 for now, unless/until people report this bug in earlier versions. A more aggressive approach would be to patch 2.4.31 and 2.4.28 and wait for people to report other things breaking in the earlier versions. As an aside -- I'm actually building/running the 2.4.40 package on 14.04, not on Wily -- and I have verified that adding the patch to the package build fixes the bug. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1461276 Title: off-by-one in LDIF length To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1461276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
