This bug was fixed in the package openldap - 2.4.53+dfsg-1ubuntu1
---------------
openldap (2.4.53+dfsg-1ubuntu1) groovy; urgency=medium
* Merge with Debian unstable (LP: #1894838). Remaining changes:
- Enable AppArmor support:
+ d/apparmor-profile: add AppArmor profile
+ d/rules: use dh_apparmor
+ d/control: Build-Depends on dh-apparmor
+ d/slapd.README.Debian: add note about AppArmor
- Enable GSSAPI support (first added in 2.4.18-0ubuntu2):
+ d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
- Add --with-gssapi support
- Make guess_service_principal() more robust when determining
principal
+ d/configure.options: Configure with --with-gssapi
+ d/control: Added heimdal-dev as a build depend
+ d/rules:
- Explicitly add -I/usr/include/heimdal to CFLAGS.
- Explicitly add -I/usr/lib/<multiarch>/heimdal to LDFLAGS.
+ d/libldap-2.4-2.symbols: add symbols for GSSAPI support
This should be dropped when the soname changes.
- Enable ufw support:
+ d/control: suggest ufw.
+ d/rules: install ufw profile.
+ d/slapd.ufw.profile: add ufw profile.
- Enable nss overlay:
+ d/rules:
- add nssov to CONTRIB_MODULES
- add sysconfdir to CONTRIB_MAKEVARS
+ d/slapd.install: install nssov overlay
+ d/slapd.manpages: install slapo-nssov(5) man page
+ d/p/contrib-makefiles: given the change in 2.4.47+dfsg-3 regarding
Debian bug #919136, we also have to patch the nssov makefile
accordingly and thus update this patch.
- d/{rules,slapd.py}: Add apport hook.
- Add support for CLDAP (UDP) support, back then required by
likewise-open (first enabled in 2.4.17-1ubuntu2):
+ d/rules: Enable -DLDAP_CONNECTIONLESS
+ d/libldap-2.4-2.symbols: add symbols for CLDAP (UDP)
This should be dropped when the soname changes.
- debian/patches/fix_test_timing.patch: fix FTBFS on riscv64 because
of test timing issue.
- d/rules: better regexp to match the Maintainer tag in d/control,
needed in the Ubuntu case because of XSBC-Original-Maintainer
(Closes #960448, LP #1875697)
openldap (2.4.53+dfsg-1) unstable; urgency=medium
* New upstream release.
-- Andreas Hasenack <andr...@canonical.com> Tue, 08 Sep 2020 09:36:58
-0300
** Changed in: openldap (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1894838
Title:
FFe: update to 2.4.53, fixing crash bugs
Status in openldap package in Ubuntu:
Fix Released
Bug description:
Groovy has openldap 2.4.51
Upstream made two quick new releases after that: 2.4.52 and 2.4.53. A
crash was reported in the mailing list:
https://lists.openldap.org/hyperkitty/list/openldap-
techni...@openldap.org/thread/NKOM6DI7RQY6FDLRZGSGYJSGONKIRFEP/
"""
This segfault is due to a problem with the fix for ITS#9282 that went into
the OpenLDAP 2.4.51 and OpenLDAP 2.4.52 releases. This is fixed in the
2.4.53 release (released today).
"""
Almost all changes in 2.4.52 and 2.4.53 are bug fixes, but a few feathre
changes/additions slipped through, hence this FFe:
OpenLDAP 2.4.53 (2020/09/07)
Added slapd syncrepl additional SYNC logging (ITS#9043)
Fixed slapd syncrepl segfault on NULL cookie on REFRESH (ITS#9282)
Fixed slapd syncrepl to use fresh connection on REFRESH fallback
(ITS#9338)
Fixed slapo-ppolicy race condition for pwdFailureTime (ITS#9302,ITS#9334)
Build
Require OpenSSL 1.0.2 or later (ITS#9323)
Fixed libldap compilation issue with broken C compilers (ITS#9332)
OpenLDAP 2.4.52 (2020/08/28)
Added libldap LDAP_OPT_X_TLS_REQUIRE_SAN option (ITS#9318)
Added libldap OpenSSL support for multiple EECDH curves (ITS#9054)
Added slapd OpenSSL support for multiple EECDH curves (ITS#9054)
Fixed librewrite malloc/free corruption (ITS#9249)
Fixed libldap hang when using UDP and server down (ITS#9328)
Fixed slapd syncrepl rare deadlock due to network issues (ITS#9324)
Fixed slapd syncrepl regression that could trigger an assert (ITS#9329)
Fixed slapd-mdb index error with collapsed range (ITS#9135)
I grouped the changes with links to the bug reports:
Replication fixes:
Fixed slapd syncrepl segfault on NULL cookie on REFRESH
(https://bugs.openldap.org/show_bug.cgi?id=9282)
Fixed slapd syncrepl to use fresh connection on REFRESH fallback
(https://bugs.openldap.org/show_bug.cgi?id=9338)
Fixed slapd syncrepl rare deadlock due to network issues
(https://bugs.openldap.org/show_bug.cgi?id=9324)
Fixed slapd syncrepl regression that could trigger an assert
(https://bugs.openldap.org/show_bug.cgi?id=9329)
Features and other non-fixes changes:
Added slapd syncrepl additional SYNC logging
(https://bugs.openldap.org/show_bug.cgi?id=9043)
Require OpenSSL 1.0.2 or later
(https://bugs.openldap.org/show_bug.cgi?id=9323)
Added libldap LDAP_OPT_X_TLS_REQUIRE_SAN option
(https://bugs.openldap.org/show_bug.cgi?id=9318)
Added libldap OpenSSL support for multiple EECDH curves
(https://bugs.openldap.org/show_bug.cgi?id=9054)
Added slapd OpenSSL support for multiple EECDH curves
(https://bugs.openldap.org/show_bug.cgi?id=9054)
Other fixes:
Fixed slapo-ppolicy race condition for pwdFailureTime
(https://bugs.openldap.org/show_bug.cgi?id=9302,https://bugs.openldap.org/show_bug.cgi?id=9334)
Fixed libldap compilation issue with broken C compilers
(https://bugs.openldap.org/show_bug.cgi?id=9332)
Fixed librewrite malloc/free corruption
(https://bugs.openldap.org/show_bug.cgi?id=9249)
Fixed libldap hang when using UDP and server down
(https://bugs.openldap.org/show_bug.cgi?id=9328)
Fixed slapd-mdb index error with collapsed range
(https://bugs.openldap.org/show_bug.cgi?id=9135)
PPA with a groovy proposed and all arches test build (still ongoing as I
write this):
https://launchpad.net/~ahasenack/+archive/ubuntu/openldap-2453/+packages
I believe a backport of that many fixes is riskier than an update to
the new upstream version at this point.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1894838/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
