[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
This bug was fixed in the package openldap - 2.5.11+dfsg-1~exp1ubuntu1
---
openldap (2.5.11+dfsg-1~exp1ubuntu1) jammy; urgency=medium
* Merge with Debian unstable (LP: #1946883). Remaining changes:
- Enable AppArmor support:
+ d/apparmor-profile: add AppArmor profile
+ d/rules: use dh_apparmor
+ d/control: Build-Depends on dh-apparmor
+ d/slapd.README.Debian: add note about AppArmor
- Enable ufw support:
+ d/control: suggest ufw.
+ d/rules: install ufw profile.
+ d/slapd.ufw.profile: add ufw profile.
- d/{rules,slapd.py}: Add apport hook.
- d/rules: better regexp to match the Maintainer tag in d/control,
needed in the Ubuntu case because of XSBC-Original-Maintainer
(Closes #960448, LP #1875697)
-- Sergio Durigan Junior Tue, 25 Jan
2022 17:06:12 -0500
** Changed in: openldap (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1946883
Title:
Merge openldap from Debian unstable for 22.04
Status in openldap package in Ubuntu:
Fix Released
Bug description:
Upstream: 2.5.8
Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1
Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1
Debian experimental has 2.5.8+dfsg-1~exp1
### New Debian Changes ###
openldap (2.4.59+dfsg-1) unstable; urgency=medium
* New upstream release.
* Fix FTBFS with autoconf 2.71 (Closes: #993032):
- Backport upstream changes to support Autoconf 2.69 instead of simply
disabling automake in debian/rules. Fixes FTBFS due to autoreconf
thinking files required by Automake are missing, even though Automake is
not actually used.
- Stop running autoreconf in contrib/ldapc++ since we don't build it.
- Drop custom config.{guess,sub} handling. dh_update_autotools_config does
the right thing for us.
* Update Standards-Version to 4.6.0; no changes required.
* Add a superficial autopkgtest for smbk5pwd.
* Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
(#866122) is fixed in all relevant suites by now.
-- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700
openldap (2.4.57+dfsg-3) unstable; urgency=medium
* Link smbk5pwd with -lkrb5. (Closes: #988565)
-- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700
openldap (2.4.57+dfsg-2) unstable; urgency=medium
* Fix slapd assertion failure in Certificate List Exact Assertion validation
(ITS#9454) (CVE-2021-27212)
-- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800
openldap (2.4.57+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd crashes in Certificate Exact Assertion processing
(ITS#9404, ITS#9424) (CVE-2020-36221)
- Fixed slapd assertion failures in saslAuthzTo validation
(ITS#9406, ITS#9407) (CVE-2020-36222)
- Fixed slapd crash in Values Return Filter control handling
(ITS#9408) (CVE-2020-36223)
- Fixed slapd crashes in saslAuthzTo processing
(ITS#9409, ITS#9412, ITS#9413)
(CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
- Fixed slapd assertion failure in X.509 DN parsing
(ITS#9423) (CVE-2020-36230)
- Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
- Fixed slapd crash in Certificate List Exact Assertion processing
(ITS#9427) (CVE-2020-36228)
- Fixed slapd infinite loop with Cancel operation
(ITS#9428) (CVE-2020-36227)
-- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800
openldap (2.4.56+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd abort due to assertion failure in Certificate List syntax
validation (ITS#9383) (CVE-2020-25709)
- Fixed slapd abort due to assertion failure in CSN normalization with
invalid input (ITS#9384) (CVE-2020-25710)
-- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800
openldap (2.4.55+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd normalization handling with modrdn
(ITS#9370) (CVE-2020-25692)
-- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700
openldap (2.4.54+dfsg-1) unstable; urgency=medium
* New upstream release.
* Change upstream Homepage and get-orig-source URLs to HTTPS.
* Create debian/gbp.conf.
-- Ryan Tandy Sun, 18 Oct 2020 16:03:46 +
openldap (2.4.53+dfsg-1) unstable; urgency=medium
* New upstream release.
-- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700
openldap (2.4.51+dfsg-1) unstable; urgency=medium
* New upstream release.
- Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
* Merge some changes from Ubuntu:
- slapd.default, slapd.README.Debian: update to refer to slapd.d instead
of slapd.conf.
- debian/slapd.scripts-common: dump_databases: make slapcat_opts a
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
** Changed in: openldap (Ubuntu)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1946883
Title:
Merge openldap from Debian unstable for 22.04
Status in openldap package in Ubuntu:
In Progress
Bug description:
Upstream: 2.5.8
Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1
Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1
Debian experimental has 2.5.8+dfsg-1~exp1
### New Debian Changes ###
openldap (2.4.59+dfsg-1) unstable; urgency=medium
* New upstream release.
* Fix FTBFS with autoconf 2.71 (Closes: #993032):
- Backport upstream changes to support Autoconf 2.69 instead of simply
disabling automake in debian/rules. Fixes FTBFS due to autoreconf
thinking files required by Automake are missing, even though Automake is
not actually used.
- Stop running autoreconf in contrib/ldapc++ since we don't build it.
- Drop custom config.{guess,sub} handling. dh_update_autotools_config does
the right thing for us.
* Update Standards-Version to 4.6.0; no changes required.
* Add a superficial autopkgtest for smbk5pwd.
* Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
(#866122) is fixed in all relevant suites by now.
-- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700
openldap (2.4.57+dfsg-3) unstable; urgency=medium
* Link smbk5pwd with -lkrb5. (Closes: #988565)
-- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700
openldap (2.4.57+dfsg-2) unstable; urgency=medium
* Fix slapd assertion failure in Certificate List Exact Assertion validation
(ITS#9454) (CVE-2021-27212)
-- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800
openldap (2.4.57+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd crashes in Certificate Exact Assertion processing
(ITS#9404, ITS#9424) (CVE-2020-36221)
- Fixed slapd assertion failures in saslAuthzTo validation
(ITS#9406, ITS#9407) (CVE-2020-36222)
- Fixed slapd crash in Values Return Filter control handling
(ITS#9408) (CVE-2020-36223)
- Fixed slapd crashes in saslAuthzTo processing
(ITS#9409, ITS#9412, ITS#9413)
(CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
- Fixed slapd assertion failure in X.509 DN parsing
(ITS#9423) (CVE-2020-36230)
- Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
- Fixed slapd crash in Certificate List Exact Assertion processing
(ITS#9427) (CVE-2020-36228)
- Fixed slapd infinite loop with Cancel operation
(ITS#9428) (CVE-2020-36227)
-- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800
openldap (2.4.56+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd abort due to assertion failure in Certificate List syntax
validation (ITS#9383) (CVE-2020-25709)
- Fixed slapd abort due to assertion failure in CSN normalization with
invalid input (ITS#9384) (CVE-2020-25710)
-- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800
openldap (2.4.55+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd normalization handling with modrdn
(ITS#9370) (CVE-2020-25692)
-- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700
openldap (2.4.54+dfsg-1) unstable; urgency=medium
* New upstream release.
* Change upstream Homepage and get-orig-source URLs to HTTPS.
* Create debian/gbp.conf.
-- Ryan Tandy Sun, 18 Oct 2020 16:03:46 +
openldap (2.4.53+dfsg-1) unstable; urgency=medium
* New upstream release.
-- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700
openldap (2.4.51+dfsg-1) unstable; urgency=medium
* New upstream release.
- Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
* Merge some changes from Ubuntu:
- slapd.default, slapd.README.Debian: update to refer to slapd.d instead
of slapd.conf.
- debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
variable.
* Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
* debian/patches/set-maintainer-name: Extract maintainer address dynamically
from debian/control. (Closes: #960448)
* Fix Torsten's email address in a historic debian/changelog entry to
resolve a Lintian error (bogus-mail-host-in-debian-changelog).
### Old Ubuntu Delta ###
openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium
* Merge with Debian unstable. Remaining changes:
- Enable AppArmor support:
+ d/apparmor-profile: add AppArmor profile
+ d/rules: use dh_apparmor
+ d/control: Build-Depends on dh-apparmor
+ d/slapd.README.Debian: add note about AppArmor
- Enable ufw support:
+ d/control:
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
Today, the OpenLDAP project announced that they're changing their
release process in order to have LTS and Feature releases:
https://lists.openldap.org/hyperkitty/list/openldap-
annou...@openldap.org/thread/2QQNVWPUUG54JM7FGQHMMF3H4KS2PPKQ/
They've also announced that OpenLDAP 2.5 will be their first LTS release
(5 years of support).
With this in mind, Andreas and I briefly discussed and determined that,
for Ubuntu Jammy (an LTS release), it makes sense to stick with OpenLDAP
2.5.x. Incidentally, OpenLDAP 2.5.11 has just been released and Ryan
said he will work on updating the Debian OpenLDAP package soon.
This means that I will be merging OpenLDAP 2.5.11 from Debian, instead
of 2.6.1. There won't be a transition involved.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1946883
Title:
Merge openldap from Debian unstable for 22.04
Status in openldap package in Ubuntu:
New
Bug description:
Upstream: 2.5.8
Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1
Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1
Debian experimental has 2.5.8+dfsg-1~exp1
### New Debian Changes ###
openldap (2.4.59+dfsg-1) unstable; urgency=medium
* New upstream release.
* Fix FTBFS with autoconf 2.71 (Closes: #993032):
- Backport upstream changes to support Autoconf 2.69 instead of simply
disabling automake in debian/rules. Fixes FTBFS due to autoreconf
thinking files required by Automake are missing, even though Automake is
not actually used.
- Stop running autoreconf in contrib/ldapc++ since we don't build it.
- Drop custom config.{guess,sub} handling. dh_update_autotools_config does
the right thing for us.
* Update Standards-Version to 4.6.0; no changes required.
* Add a superficial autopkgtest for smbk5pwd.
* Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
(#866122) is fixed in all relevant suites by now.
-- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700
openldap (2.4.57+dfsg-3) unstable; urgency=medium
* Link smbk5pwd with -lkrb5. (Closes: #988565)
-- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700
openldap (2.4.57+dfsg-2) unstable; urgency=medium
* Fix slapd assertion failure in Certificate List Exact Assertion validation
(ITS#9454) (CVE-2021-27212)
-- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800
openldap (2.4.57+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd crashes in Certificate Exact Assertion processing
(ITS#9404, ITS#9424) (CVE-2020-36221)
- Fixed slapd assertion failures in saslAuthzTo validation
(ITS#9406, ITS#9407) (CVE-2020-36222)
- Fixed slapd crash in Values Return Filter control handling
(ITS#9408) (CVE-2020-36223)
- Fixed slapd crashes in saslAuthzTo processing
(ITS#9409, ITS#9412, ITS#9413)
(CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
- Fixed slapd assertion failure in X.509 DN parsing
(ITS#9423) (CVE-2020-36230)
- Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
- Fixed slapd crash in Certificate List Exact Assertion processing
(ITS#9427) (CVE-2020-36228)
- Fixed slapd infinite loop with Cancel operation
(ITS#9428) (CVE-2020-36227)
-- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800
openldap (2.4.56+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd abort due to assertion failure in Certificate List syntax
validation (ITS#9383) (CVE-2020-25709)
- Fixed slapd abort due to assertion failure in CSN normalization with
invalid input (ITS#9384) (CVE-2020-25710)
-- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800
openldap (2.4.55+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd normalization handling with modrdn
(ITS#9370) (CVE-2020-25692)
-- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700
openldap (2.4.54+dfsg-1) unstable; urgency=medium
* New upstream release.
* Change upstream Homepage and get-orig-source URLs to HTTPS.
* Create debian/gbp.conf.
-- Ryan Tandy Sun, 18 Oct 2020 16:03:46 +
openldap (2.4.53+dfsg-1) unstable; urgency=medium
* New upstream release.
-- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700
openldap (2.4.51+dfsg-1) unstable; urgency=medium
* New upstream release.
- Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
* Merge some changes from Ubuntu:
- slapd.default, slapd.README.Debian: update to refer to slapd.d instead
of slapd.conf.
- debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
variable.
* Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
*
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
Upstream has announced a test call for OpenLDAP 2.6.1:
https://lists.openldap.org/hyperkitty/list/openldap-
techni...@openldap.org/thread/GT7JBMIC2EBBJACXTR2VANASZWIC25QE/
This means that the release is close. I've adjusted this bug's
milestone to reflect the fact that I'm expecting the merge to happen
next month.
** Changed in: openldap (Ubuntu)
Milestone: ubuntu-22.01 => ubuntu-22.02
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1946883
Title:
Merge openldap from Debian unstable for 22.04
Status in openldap package in Ubuntu:
New
Bug description:
Upstream: 2.5.8
Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1
Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1
Debian experimental has 2.5.8+dfsg-1~exp1
### New Debian Changes ###
openldap (2.4.59+dfsg-1) unstable; urgency=medium
* New upstream release.
* Fix FTBFS with autoconf 2.71 (Closes: #993032):
- Backport upstream changes to support Autoconf 2.69 instead of simply
disabling automake in debian/rules. Fixes FTBFS due to autoreconf
thinking files required by Automake are missing, even though Automake is
not actually used.
- Stop running autoreconf in contrib/ldapc++ since we don't build it.
- Drop custom config.{guess,sub} handling. dh_update_autotools_config does
the right thing for us.
* Update Standards-Version to 4.6.0; no changes required.
* Add a superficial autopkgtest for smbk5pwd.
* Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
(#866122) is fixed in all relevant suites by now.
-- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700
openldap (2.4.57+dfsg-3) unstable; urgency=medium
* Link smbk5pwd with -lkrb5. (Closes: #988565)
-- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700
openldap (2.4.57+dfsg-2) unstable; urgency=medium
* Fix slapd assertion failure in Certificate List Exact Assertion validation
(ITS#9454) (CVE-2021-27212)
-- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800
openldap (2.4.57+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd crashes in Certificate Exact Assertion processing
(ITS#9404, ITS#9424) (CVE-2020-36221)
- Fixed slapd assertion failures in saslAuthzTo validation
(ITS#9406, ITS#9407) (CVE-2020-36222)
- Fixed slapd crash in Values Return Filter control handling
(ITS#9408) (CVE-2020-36223)
- Fixed slapd crashes in saslAuthzTo processing
(ITS#9409, ITS#9412, ITS#9413)
(CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
- Fixed slapd assertion failure in X.509 DN parsing
(ITS#9423) (CVE-2020-36230)
- Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
- Fixed slapd crash in Certificate List Exact Assertion processing
(ITS#9427) (CVE-2020-36228)
- Fixed slapd infinite loop with Cancel operation
(ITS#9428) (CVE-2020-36227)
-- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800
openldap (2.4.56+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd abort due to assertion failure in Certificate List syntax
validation (ITS#9383) (CVE-2020-25709)
- Fixed slapd abort due to assertion failure in CSN normalization with
invalid input (ITS#9384) (CVE-2020-25710)
-- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800
openldap (2.4.55+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd normalization handling with modrdn
(ITS#9370) (CVE-2020-25692)
-- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700
openldap (2.4.54+dfsg-1) unstable; urgency=medium
* New upstream release.
* Change upstream Homepage and get-orig-source URLs to HTTPS.
* Create debian/gbp.conf.
-- Ryan Tandy Sun, 18 Oct 2020 16:03:46 +
openldap (2.4.53+dfsg-1) unstable; urgency=medium
* New upstream release.
-- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700
openldap (2.4.51+dfsg-1) unstable; urgency=medium
* New upstream release.
- Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
* Merge some changes from Ubuntu:
- slapd.default, slapd.README.Debian: update to refer to slapd.d instead
of slapd.conf.
- debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
variable.
* Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
* debian/patches/set-maintainer-name: Extract maintainer address dynamically
from debian/control. (Closes: #960448)
* Fix Torsten's email address in a historic debian/changelog entry to
resolve a Lintian error (bogus-mail-host-in-debian-changelog).
### Old Ubuntu Delta ###
openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium
*
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
OpenLDAP 2.6.0 has been released 2 weeks ago.
FWIW, I talked to Ryan today and he told me that unfortunately there are
some important regressions in this new release. This is the reason he
hasn't uploaded 2.6 to experimental yet. There should be a new upstream
release containing the fixes for these regressions soon (before EOY),
and we should be able to upload it to Debian experimental by then.
Although we're going to have to go through a new transition, I'm not
expecting major problems to arise because the list of changes introduce
in 2.6.x is relatively small:
https://www.openldap.org/doc/admin26/guide.html#Changes%20Since%20Previous%20Release
** Changed in: openldap (Ubuntu)
Milestone: ubuntu-21.12 => ubuntu-22.01
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1946883
Title:
Merge openldap from Debian unstable for 22.04
Status in openldap package in Ubuntu:
New
Bug description:
Upstream: 2.5.8
Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1
Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1
Debian experimental has 2.5.8+dfsg-1~exp1
### New Debian Changes ###
openldap (2.4.59+dfsg-1) unstable; urgency=medium
* New upstream release.
* Fix FTBFS with autoconf 2.71 (Closes: #993032):
- Backport upstream changes to support Autoconf 2.69 instead of simply
disabling automake in debian/rules. Fixes FTBFS due to autoreconf
thinking files required by Automake are missing, even though Automake is
not actually used.
- Stop running autoreconf in contrib/ldapc++ since we don't build it.
- Drop custom config.{guess,sub} handling. dh_update_autotools_config does
the right thing for us.
* Update Standards-Version to 4.6.0; no changes required.
* Add a superficial autopkgtest for smbk5pwd.
* Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
(#866122) is fixed in all relevant suites by now.
-- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700
openldap (2.4.57+dfsg-3) unstable; urgency=medium
* Link smbk5pwd with -lkrb5. (Closes: #988565)
-- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700
openldap (2.4.57+dfsg-2) unstable; urgency=medium
* Fix slapd assertion failure in Certificate List Exact Assertion validation
(ITS#9454) (CVE-2021-27212)
-- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800
openldap (2.4.57+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd crashes in Certificate Exact Assertion processing
(ITS#9404, ITS#9424) (CVE-2020-36221)
- Fixed slapd assertion failures in saslAuthzTo validation
(ITS#9406, ITS#9407) (CVE-2020-36222)
- Fixed slapd crash in Values Return Filter control handling
(ITS#9408) (CVE-2020-36223)
- Fixed slapd crashes in saslAuthzTo processing
(ITS#9409, ITS#9412, ITS#9413)
(CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
- Fixed slapd assertion failure in X.509 DN parsing
(ITS#9423) (CVE-2020-36230)
- Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
- Fixed slapd crash in Certificate List Exact Assertion processing
(ITS#9427) (CVE-2020-36228)
- Fixed slapd infinite loop with Cancel operation
(ITS#9428) (CVE-2020-36227)
-- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800
openldap (2.4.56+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd abort due to assertion failure in Certificate List syntax
validation (ITS#9383) (CVE-2020-25709)
- Fixed slapd abort due to assertion failure in CSN normalization with
invalid input (ITS#9384) (CVE-2020-25710)
-- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800
openldap (2.4.55+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd normalization handling with modrdn
(ITS#9370) (CVE-2020-25692)
-- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700
openldap (2.4.54+dfsg-1) unstable; urgency=medium
* New upstream release.
* Change upstream Homepage and get-orig-source URLs to HTTPS.
* Create debian/gbp.conf.
-- Ryan Tandy Sun, 18 Oct 2020 16:03:46 +
openldap (2.4.53+dfsg-1) unstable; urgency=medium
* New upstream release.
-- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700
openldap (2.4.51+dfsg-1) unstable; urgency=medium
* New upstream release.
- Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
* Merge some changes from Ubuntu:
- slapd.default, slapd.README.Debian: update to refer to slapd.d instead
of slapd.conf.
- debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
variable.
* Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
*
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
** Description changed:
- Scheduled-For: 22.12
- Upstream: tbd
- Debian: 2.4.59+dfsg-12.5.7+dfsg-1~exp1
+ Upstream: 2.5.8
+ Debian: 2.4.59+dfsg-12.5.8+dfsg-1~exp1
Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1
-
- Debian new has 2.5.7+dfsg-1~exp1
-
+ Debian experimental has 2.5.8+dfsg-1~exp1
### New Debian Changes ###
openldap (2.4.59+dfsg-1) unstable; urgency=medium
- * New upstream release.
- * Fix FTBFS with autoconf 2.71 (Closes: #993032):
- - Backport upstream changes to support Autoconf 2.69 instead of simply
- disabling automake in debian/rules. Fixes FTBFS due to autoreconf
- thinking files required by Automake are missing, even though Automake is
- not actually used.
- - Stop running autoreconf in contrib/ldapc++ since we don't build it.
- - Drop custom config.{guess,sub} handling. dh_update_autotools_config does
- the right thing for us.
- * Update Standards-Version to 4.6.0; no changes required.
- * Add a superficial autopkgtest for smbk5pwd.
- * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
- (#866122) is fixed in all relevant suites by now.
+ * New upstream release.
+ * Fix FTBFS with autoconf 2.71 (Closes: #993032):
+ - Backport upstream changes to support Autoconf 2.69 instead of simply
+ disabling automake in debian/rules. Fixes FTBFS due to autoreconf
+ thinking files required by Automake are missing, even though Automake is
+ not actually used.
+ - Stop running autoreconf in contrib/ldapc++ since we don't build it.
+ - Drop custom config.{guess,sub} handling. dh_update_autotools_config does
+ the right thing for us.
+ * Update Standards-Version to 4.6.0; no changes required.
+ * Add a superficial autopkgtest for smbk5pwd.
+ * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
+ (#866122) is fixed in all relevant suites by now.
- -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700
+ -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700
openldap (2.4.57+dfsg-3) unstable; urgency=medium
- * Link smbk5pwd with -lkrb5. (Closes: #988565)
+ * Link smbk5pwd with -lkrb5. (Closes: #988565)
- -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700
+ -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700
openldap (2.4.57+dfsg-2) unstable; urgency=medium
- * Fix slapd assertion failure in Certificate List Exact Assertion validation
- (ITS#9454) (CVE-2021-27212)
+ * Fix slapd assertion failure in Certificate List Exact Assertion validation
+ (ITS#9454) (CVE-2021-27212)
- -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800
+ -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800
openldap (2.4.57+dfsg-1) unstable; urgency=medium
- * New upstream release.
- - Fixed slapd crashes in Certificate Exact Assertion processing
- (ITS#9404, ITS#9424) (CVE-2020-36221)
- - Fixed slapd assertion failures in saslAuthzTo validation
- (ITS#9406, ITS#9407) (CVE-2020-36222)
- - Fixed slapd crash in Values Return Filter control handling
- (ITS#9408) (CVE-2020-36223)
- - Fixed slapd crashes in saslAuthzTo processing
- (ITS#9409, ITS#9412, ITS#9413)
- (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
- - Fixed slapd assertion failure in X.509 DN parsing
- (ITS#9423) (CVE-2020-36230)
- - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
- - Fixed slapd crash in Certificate List Exact Assertion processing
- (ITS#9427) (CVE-2020-36228)
- - Fixed slapd infinite loop with Cancel operation
- (ITS#9428) (CVE-2020-36227)
+ * New upstream release.
+ - Fixed slapd crashes in Certificate Exact Assertion processing
+ (ITS#9404, ITS#9424) (CVE-2020-36221)
+ - Fixed slapd assertion failures in saslAuthzTo validation
+ (ITS#9406, ITS#9407) (CVE-2020-36222)
+ - Fixed slapd crash in Values Return Filter control handling
+ (ITS#9408) (CVE-2020-36223)
+ - Fixed slapd crashes in saslAuthzTo processing
+ (ITS#9409, ITS#9412, ITS#9413)
+ (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
+ - Fixed slapd assertion failure in X.509 DN parsing
+ (ITS#9423) (CVE-2020-36230)
+ - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
+ - Fixed slapd crash in Certificate List Exact Assertion processing
+ (ITS#9427) (CVE-2020-36228)
+ - Fixed slapd infinite loop with Cancel operation
+ (ITS#9428) (CVE-2020-36227)
- -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800
+ -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800
openldap (2.4.56+dfsg-1) unstable; urgency=medium
- * New upstream release.
- - Fixed slapd abort due to assertion failure in Certificate List syntax
- validation (ITS#9383) (CVE-2020-25709)
- - Fixed slapd abort due to assertion failure in CSN normalization with
- invalid input (ITS#9384) (CVE-2020-25710)
+ * New upstream release.
+ - Fixed
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
Absolutely, Ryan. The transition is something that I'm also planning to
happen during the LTS cycle; I've even put January 20 as a tentative
date to start the transition:
https://discourse.ubuntu.com/t/jj-release-schedule/23906
Let's see how this goes. Thanks for the heads up, though; much
appreciated.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1946883
Title:
Merge openldap from Debian unstable for 22.04
Status in openldap package in Ubuntu:
New
Bug description:
Scheduled-For: 22.12
Upstream: tbd
Debian: 2.4.59+dfsg-12.5.7+dfsg-1~exp1
Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1
Debian new has 2.5.7+dfsg-1~exp1
### New Debian Changes ###
openldap (2.4.59+dfsg-1) unstable; urgency=medium
* New upstream release.
* Fix FTBFS with autoconf 2.71 (Closes: #993032):
- Backport upstream changes to support Autoconf 2.69 instead of simply
disabling automake in debian/rules. Fixes FTBFS due to autoreconf
thinking files required by Automake are missing, even though Automake is
not actually used.
- Stop running autoreconf in contrib/ldapc++ since we don't build it.
- Drop custom config.{guess,sub} handling. dh_update_autotools_config does
the right thing for us.
* Update Standards-Version to 4.6.0; no changes required.
* Add a superficial autopkgtest for smbk5pwd.
* Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
(#866122) is fixed in all relevant suites by now.
-- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700
openldap (2.4.57+dfsg-3) unstable; urgency=medium
* Link smbk5pwd with -lkrb5. (Closes: #988565)
-- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700
openldap (2.4.57+dfsg-2) unstable; urgency=medium
* Fix slapd assertion failure in Certificate List Exact Assertion validation
(ITS#9454) (CVE-2021-27212)
-- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800
openldap (2.4.57+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd crashes in Certificate Exact Assertion processing
(ITS#9404, ITS#9424) (CVE-2020-36221)
- Fixed slapd assertion failures in saslAuthzTo validation
(ITS#9406, ITS#9407) (CVE-2020-36222)
- Fixed slapd crash in Values Return Filter control handling
(ITS#9408) (CVE-2020-36223)
- Fixed slapd crashes in saslAuthzTo processing
(ITS#9409, ITS#9412, ITS#9413)
(CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
- Fixed slapd assertion failure in X.509 DN parsing
(ITS#9423) (CVE-2020-36230)
- Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
- Fixed slapd crash in Certificate List Exact Assertion processing
(ITS#9427) (CVE-2020-36228)
- Fixed slapd infinite loop with Cancel operation
(ITS#9428) (CVE-2020-36227)
-- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800
openldap (2.4.56+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd abort due to assertion failure in Certificate List syntax
validation (ITS#9383) (CVE-2020-25709)
- Fixed slapd abort due to assertion failure in CSN normalization with
invalid input (ITS#9384) (CVE-2020-25710)
-- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800
openldap (2.4.55+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd normalization handling with modrdn
(ITS#9370) (CVE-2020-25692)
-- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700
openldap (2.4.54+dfsg-1) unstable; urgency=medium
* New upstream release.
* Change upstream Homepage and get-orig-source URLs to HTTPS.
* Create debian/gbp.conf.
-- Ryan Tandy Sun, 18 Oct 2020 16:03:46 +
openldap (2.4.53+dfsg-1) unstable; urgency=medium
* New upstream release.
-- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700
openldap (2.4.51+dfsg-1) unstable; urgency=medium
* New upstream release.
- Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
* Merge some changes from Ubuntu:
- slapd.default, slapd.README.Debian: update to refer to slapd.d instead
of slapd.conf.
- debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
variable.
* Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
* debian/patches/set-maintainer-name: Extract maintainer address dynamically
from debian/control. (Closes: #960448)
* Fix Torsten's email address in a historic debian/changelog entry to
resolve a Lintian error (bogus-mail-host-in-debian-changelog).
### Old Ubuntu Delta ###
openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium
* Merge with Debian unstable. Remaining changes:
- Enable AppArmor
[Touch-packages] [Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
** Changed in: openldap (Ubuntu)
Assignee: (unassigned) => Sergio Durigan Junior (sergiodj)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1946883
Title:
Merge openldap from Debian unstable for 22.04
Status in openldap package in Ubuntu:
New
Bug description:
Scheduled-For: 22.12
Upstream: tbd
Debian: 2.4.59+dfsg-12.5.7+dfsg-1~exp1
Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1
Debian new has 2.5.7+dfsg-1~exp1
### New Debian Changes ###
openldap (2.4.59+dfsg-1) unstable; urgency=medium
* New upstream release.
* Fix FTBFS with autoconf 2.71 (Closes: #993032):
- Backport upstream changes to support Autoconf 2.69 instead of simply
disabling automake in debian/rules. Fixes FTBFS due to autoreconf
thinking files required by Automake are missing, even though Automake is
not actually used.
- Stop running autoreconf in contrib/ldapc++ since we don't build it.
- Drop custom config.{guess,sub} handling. dh_update_autotools_config does
the right thing for us.
* Update Standards-Version to 4.6.0; no changes required.
* Add a superficial autopkgtest for smbk5pwd.
* Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
(#866122) is fixed in all relevant suites by now.
-- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700
openldap (2.4.57+dfsg-3) unstable; urgency=medium
* Link smbk5pwd with -lkrb5. (Closes: #988565)
-- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700
openldap (2.4.57+dfsg-2) unstable; urgency=medium
* Fix slapd assertion failure in Certificate List Exact Assertion validation
(ITS#9454) (CVE-2021-27212)
-- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800
openldap (2.4.57+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd crashes in Certificate Exact Assertion processing
(ITS#9404, ITS#9424) (CVE-2020-36221)
- Fixed slapd assertion failures in saslAuthzTo validation
(ITS#9406, ITS#9407) (CVE-2020-36222)
- Fixed slapd crash in Values Return Filter control handling
(ITS#9408) (CVE-2020-36223)
- Fixed slapd crashes in saslAuthzTo processing
(ITS#9409, ITS#9412, ITS#9413)
(CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
- Fixed slapd assertion failure in X.509 DN parsing
(ITS#9423) (CVE-2020-36230)
- Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
- Fixed slapd crash in Certificate List Exact Assertion processing
(ITS#9427) (CVE-2020-36228)
- Fixed slapd infinite loop with Cancel operation
(ITS#9428) (CVE-2020-36227)
-- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800
openldap (2.4.56+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd abort due to assertion failure in Certificate List syntax
validation (ITS#9383) (CVE-2020-25709)
- Fixed slapd abort due to assertion failure in CSN normalization with
invalid input (ITS#9384) (CVE-2020-25710)
-- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800
openldap (2.4.55+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed slapd normalization handling with modrdn
(ITS#9370) (CVE-2020-25692)
-- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700
openldap (2.4.54+dfsg-1) unstable; urgency=medium
* New upstream release.
* Change upstream Homepage and get-orig-source URLs to HTTPS.
* Create debian/gbp.conf.
-- Ryan Tandy Sun, 18 Oct 2020 16:03:46 +
openldap (2.4.53+dfsg-1) unstable; urgency=medium
* New upstream release.
-- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700
openldap (2.4.51+dfsg-1) unstable; urgency=medium
* New upstream release.
- Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
* Merge some changes from Ubuntu:
- slapd.default, slapd.README.Debian: update to refer to slapd.d instead
of slapd.conf.
- debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
variable.
* Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
* debian/patches/set-maintainer-name: Extract maintainer address dynamically
from debian/control. (Closes: #960448)
* Fix Torsten's email address in a historic debian/changelog entry to
resolve a Lintian error (bogus-mail-host-in-debian-changelog).
### Old Ubuntu Delta ###
openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium
* Merge with Debian unstable. Remaining changes:
- Enable AppArmor support:
+ d/apparmor-profile: add AppArmor profile
+ d/rules: use dh_apparmor
+ d/control: Build-Depends on dh-apparmor
+ d/slapd.README.Debian: add note about AppArmor
-
