Hello Sergio, or anyone else affected,

Accepted openldap into jammy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/openldap/2.5.12+dfsg-0ubuntu0.22.04.1
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: openldap (Ubuntu Jammy)
       Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1977627

Title:
  New upstream microrelease 2.5.12

Status in openldap package in Ubuntu:
  New
Status in openldap source package in Jammy:
  Fix Committed

Bug description:
  [ Impact ]

   * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12.

  This update includes bugfixes only following the SRU policy exception
  defined at
  https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates.

  [ Major Changes ]

   * See the list of bugs fixed in this release here:

  https://lists.openldap.org/hyperkitty/list/openldap-
  annou...@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/

   * In particular, this release includes the fix for CVE-2022-29155,
  but since the CVE has already been addressed by the currently OpenLDAP
  version in Jammy (2.5.11+dfsg-1~exp1ubuntu3.1), this does not classify
  as a security upload.

  [ Test Plan ]

   * Upstream gitlab pipeline results:
  https://git.openldap.org/openldap/openldap/-/pipelines/4298

   * Upstream "call for testing":
  https://lists.openldap.org/hyperkitty/list/openldap-
  techni...@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/

   * As described in the MRE wiki page for OpenLDAP, the test plan is to
  build the package in bileto and make sure that (1) all build-time
  tests pass and (2) all autopkgtest runs (from reverse dependencies)
  also pass.

   * Build log (amd64) confirming that the build-time testsuite has been
  performed and completed successfully:
  https://launchpadlibrarian.net/606922528/buildlog_ubuntu-jammy-
  amd64.openldap_2.5.12+dfsg-0ubuntu0.22.04.1_BUILDING.txt.gz

   * Bileto ticket: https://bileto.ubuntu.com/#/ticket/4868

  [ Where problems could occur ]

   * Upstream tests are always executed during build-time.  There are
  many reverse dependencies whose dep8 tests depend on OpenLDAP so the
  coverage is good.  Nevertheless, there is always a risk for something
  to break since we are dealing with a microrelease upgrade.  Whenever a
  test failure is detected, we will be on top of it and make sure it
  doesn't affect existing users.

  [ Other Info ]

   * This is a reoccurring MRE.  See below for links to previous
  OpenLDAP MREs.

   * CVEs fixed by this release:
     - CVE-2022-29155, which has already been addressed in Jammy.

  Current versions in supported releases that got updates:
   openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates   | source

  Special cases:
  - None.

  Previous MREs for OpenLDAP:
  - None so far.

  As usual we test and prep from the PPA and then push through
  SRU/Security as applicable.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1977627/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to