[ubuntu/groovy-proposed] openldap 2.4.51+dfsg-1ubuntu1 (Accepted)
Andreas Hasenack
andreas at canonical.com
Thu Aug 27 17:18:14 UTC 2020
openldap (2.4.51+dfsg-1ubuntu1) groovy; urgency=medium
* Merge with Debian unstable. Remaining changes:
- Enable AppArmor support:
+ d/apparmor-profile: add AppArmor profile
+ d/rules: use dh_apparmor
+ d/control: Build-Depends on dh-apparmor
+ d/slapd.README.Debian: add note about AppArmor
- Enable GSSAPI support (first added in 2.4.18-0ubuntu2):
+ d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
- Add --with-gssapi support
- Make guess_service_principal() more robust when determining
principal
+ d/configure.options: Configure with --with-gssapi
+ d/control: Added heimdal-dev as a build depend
+ d/rules:
- Explicitly add -I/usr/include/heimdal to CFLAGS.
- Explicitly add -I/usr/lib/<multiarch>/heimdal to LDFLAGS.
+ d/libldap-2.4-2.symbols: add symbols for GSSAPI support
This should be dropped when the soname changes.
- Enable ufw support:
+ d/control: suggest ufw.
+ d/rules: install ufw profile.
+ d/slapd.ufw.profile: add ufw profile.
- Enable nss overlay:
+ d/rules:
- add nssov to CONTRIB_MODULES
- add sysconfdir to CONTRIB_MAKEVARS
+ d/slapd.install: install nssov overlay
+ d/slapd.manpages: install slapo-nssov(5) man page
+ d/p/contrib-makefiles: given the change in 2.4.47+dfsg-3 regarding
Debian bug #919136, we also have to patch the nssov makefile
accordingly and thus update this patch.
- d/{rules,slapd.py}: Add apport hook.
- Add support for CLDAP (UDP) support, back then required by
likewise-open (first enabled in 2.4.17-1ubuntu2):
+ d/rules: Enable -DLDAP_CONNECTIONLESS
+ d/libldap-2.4-2.symbols: add symbols for CLDAP (UDP)
This should be dropped when the soname changes.
- debian/patches/fix_test_timing.patch: fix FTBFS on riscv64 because
of test timing issue.
- d/rules: better regexp to match the Maintainer tag in d/control,
needed in the Ubuntu case because of XSBC-Original-Maintainer
(Closes #960448, LP #1875697)
* Dropped:
- d/{slapd.default,slapd.README.Debian}: use the new configuration style.
[In 2.4.51+dfsg-1]
- d/slapd.scripts-common:
+ add slapcat_opts to local variables.
+ Fix backup directory naming for multiple reconfiguration.
[In 2.4.51+dfsg-1]
- debian/patches/set-maintainer-name: our d/rules change needs to
be kept, but this patch is in 2.4.51+dfsg-1.
openldap (2.4.51+dfsg-1) unstable; urgency=medium
* New upstream release.
- Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
* Merge some changes from Ubuntu:
- slapd.default, slapd.README.Debian: update to refer to slapd.d instead
of slapd.conf.
- debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
variable.
* Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
* debian/patches/set-maintainer-name: Extract maintainer address dynamically
from debian/control. (Closes: #960448)
* Fix Torsten's email address in a historic debian/changelog entry to
resolve a Lintian error (bogus-mail-host-in-debian-changelog).
* Rename debian/source.lintian-overrides to debian/source/lintian-overrides.
Fixes a Lintian pedantic tag (old-source-override-location).
* Override Lintian pedantic tag maintainer-manual-page for
slapo-pw-pbkdf2.5, which will be included upstream in a future release.
* Remove the trailing whitespaces from debian/changelog, debian/control, and
debian/rules. Fixes a Lintian pedantic tag (trailing-whitespace).
* Convert debian/po/de.po to UTF-8. Fixes a Lintian warning
(national-encoding).
* Relax libldap's dependency on libldap-common to Recommends.
This is intended to mitigate the impact of bug #915948 in the case where
the arch:all build is delayed for so long that the old libldap-common
disappears. Previously, a delayed arch:all build could become
BD-Uninstallable if new amd64 binaries were published before the arch:all
build starts, due to the transitive build-dependency on libldap.
Although libldap works fine without libldap-common, in normal
installations it is still recommended to install libldap-common.
* Append a timestamp to the backup directory created by dpkg-reconfigure.
(Closes: #599585, #960449)
* Remove the redundant cn=admin,<suffix> entry from the default DIT for new
installs. For new installs going forward, the root credentials will be
stored in olcRootDN/olcRootPW only. (Closes: #821331)
* Change slapd's Suggests: ldap-utils to Recommends. While any LDAP client
suffices, ldap-utils contains the standard tools recommended by upstream
for basic administration and management.
* Relax Recommends: libsasl2-modules to Suggests on slapd and ldap-utils.
Many deployments do not use SASL at all, and therefore SASL mechanisms are
not needed "in all but unusual installations".
Date: Wed, 26 Aug 2020 11:03:24 -0300
Changed-By: Andreas Hasenack <andreas at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openldap/2.4.51+dfsg-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 26 Aug 2020 11:03:24 -0300
Source: openldap
Architecture: source
Version: 2.4.51+dfsg-1ubuntu1
Distribution: groovy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Andreas Hasenack <andreas at canonical.com>
Closes: 599585 821331 960448 960449
Changes:
openldap (2.4.51+dfsg-1ubuntu1) groovy; urgency=medium
.
* Merge with Debian unstable. Remaining changes:
- Enable AppArmor support:
+ d/apparmor-profile: add AppArmor profile
+ d/rules: use dh_apparmor
+ d/control: Build-Depends on dh-apparmor
+ d/slapd.README.Debian: add note about AppArmor
- Enable GSSAPI support (first added in 2.4.18-0ubuntu2):
+ d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
- Add --with-gssapi support
- Make guess_service_principal() more robust when determining
principal
+ d/configure.options: Configure with --with-gssapi
+ d/control: Added heimdal-dev as a build depend
+ d/rules:
- Explicitly add -I/usr/include/heimdal to CFLAGS.
- Explicitly add -I/usr/lib/<multiarch>/heimdal to LDFLAGS.
+ d/libldap-2.4-2.symbols: add symbols for GSSAPI support
This should be dropped when the soname changes.
- Enable ufw support:
+ d/control: suggest ufw.
+ d/rules: install ufw profile.
+ d/slapd.ufw.profile: add ufw profile.
- Enable nss overlay:
+ d/rules:
- add nssov to CONTRIB_MODULES
- add sysconfdir to CONTRIB_MAKEVARS
+ d/slapd.install: install nssov overlay
+ d/slapd.manpages: install slapo-nssov(5) man page
+ d/p/contrib-makefiles: given the change in 2.4.47+dfsg-3 regarding
Debian bug #919136, we also have to patch the nssov makefile
accordingly and thus update this patch.
- d/{rules,slapd.py}: Add apport hook.
- Add support for CLDAP (UDP) support, back then required by
likewise-open (first enabled in 2.4.17-1ubuntu2):
+ d/rules: Enable -DLDAP_CONNECTIONLESS
+ d/libldap-2.4-2.symbols: add symbols for CLDAP (UDP)
This should be dropped when the soname changes.
- debian/patches/fix_test_timing.patch: fix FTBFS on riscv64 because
of test timing issue.
- d/rules: better regexp to match the Maintainer tag in d/control,
needed in the Ubuntu case because of XSBC-Original-Maintainer
(Closes #960448, LP #1875697)
* Dropped:
- d/{slapd.default,slapd.README.Debian}: use the new configuration style.
[In 2.4.51+dfsg-1]
- d/slapd.scripts-common:
+ add slapcat_opts to local variables.
+ Fix backup directory naming for multiple reconfiguration.
[In 2.4.51+dfsg-1]
- debian/patches/set-maintainer-name: our d/rules change needs to
be kept, but this patch is in 2.4.51+dfsg-1.
.
openldap (2.4.51+dfsg-1) unstable; urgency=medium
.
* New upstream release.
- Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
* Merge some changes from Ubuntu:
- slapd.default, slapd.README.Debian: update to refer to slapd.d instead
of slapd.conf.
- debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
variable.
* Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
* debian/patches/set-maintainer-name: Extract maintainer address dynamically
from debian/control. (Closes: #960448)
* Fix Torsten's email address in a historic debian/changelog entry to
resolve a Lintian error (bogus-mail-host-in-debian-changelog).
* Rename debian/source.lintian-overrides to debian/source/lintian-overrides.
Fixes a Lintian pedantic tag (old-source-override-location).
* Override Lintian pedantic tag maintainer-manual-page for
slapo-pw-pbkdf2.5, which will be included upstream in a future release.
* Remove the trailing whitespaces from debian/changelog, debian/control, and
debian/rules. Fixes a Lintian pedantic tag (trailing-whitespace).
* Convert debian/po/de.po to UTF-8. Fixes a Lintian warning
(national-encoding).
* Relax libldap's dependency on libldap-common to Recommends.
This is intended to mitigate the impact of bug #915948 in the case where
the arch:all build is delayed for so long that the old libldap-common
disappears. Previously, a delayed arch:all build could become
BD-Uninstallable if new amd64 binaries were published before the arch:all
build starts, due to the transitive build-dependency on libldap.
Although libldap works fine without libldap-common, in normal
installations it is still recommended to install libldap-common.
* Append a timestamp to the backup directory created by dpkg-reconfigure.
(Closes: #599585, #960449)
* Remove the redundant cn=admin,<suffix> entry from the default DIT for new
installs. For new installs going forward, the root credentials will be
stored in olcRootDN/olcRootPW only. (Closes: #821331)
* Change slapd's Suggests: ldap-utils to Recommends. While any LDAP client
suffices, ldap-utils contains the standard tools recommended by upstream
for basic administration and management.
* Relax Recommends: libsasl2-modules to Suggests on slapd and ldap-utils.
Many deployments do not use SASL at all, and therefore SASL mechanisms are
not needed "in all but unusual installations".
Checksums-Sha1:
86dafe28b8e1cb2302e96938621534a59a4ac354 3154 openldap_2.4.51+dfsg-1ubuntu1.dsc
0a23d8f2478169f9db576ddf2e769994e24dba6a 5009322 openldap_2.4.51+dfsg.orig.tar.gz
3074c81a834e2bb8da59507567d64bd533f08012 181676 openldap_2.4.51+dfsg-1ubuntu1.debian.tar.xz
f5f36b2ce58b5dc1f54cbe1ca974b5fb365c27b1 6379 openldap_2.4.51+dfsg-1ubuntu1_source.buildinfo
Checksums-Sha256:
b8d7ad5f4c495fb0efa4483a35953f768335fbc49a8bc7a60e7905f33bf33621 3154 openldap_2.4.51+dfsg-1ubuntu1.dsc
315893a5e399a69cdac88794dbff89f7989558c2faa138e82d6fb75e729b7fa6 5009322 openldap_2.4.51+dfsg.orig.tar.gz
8b1841aa43c30d418f5eb83b01ed097d49b8dda43f6e0cdd43df0d1090aa5217 181676 openldap_2.4.51+dfsg-1ubuntu1.debian.tar.xz
3f6979f1b267572a97823d4dae729c9e15519fb8d255fd572ddc9a0b17d6d4b1 6379 openldap_2.4.51+dfsg-1ubuntu1_source.buildinfo
Files:
4ef0c5a3b0db057a6ce045f8df2c4d2d 3154 net optional openldap_2.4.51+dfsg-1ubuntu1.dsc
68be662771973c5999120286ec7485a5 5009322 net optional openldap_2.4.51+dfsg.orig.tar.gz
987b97f34bd3037cace845e2bd5aab13 181676 net optional openldap_2.4.51+dfsg-1ubuntu1.debian.tar.xz
6bb0d202cf5a2d5111f4ce4c85a1d510 6379 net optional openldap_2.4.51+dfsg-1ubuntu1_source.buildinfo
Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEiGZB1jWM2kalbBxyrJg+tb9ry6kFAl9H6nIACgkQrJg+tb9r
y6lUHg//VWb9JxTManrxvMNSluZXmDoqlti4bxAFLey4qg4GDV/ouUu2/eP44Knf
3MzTmMzjmRgMQFLIdKsDkdwCZnMKhU9uvDemAnRPHIKqpw0G6r8qUbcIQnpUN29S
gY+LOlnxLhq2sTzCbgvxnDJYScXXcn6AP+NN2RtWoLadg83lL2wQRqhnlrFSZdt1
p3EHJloTI+qYEhVChHkfm7C7KZGbIcRpBfGlM7SoZE8gZhyHygFiFarTeL7diGPc
LC8jGDDB845x8475PCAUUXYAaqK0bafODifLRYMb7gok2YaRFj9aNnMS7mfQwAsg
bQunZwI6LAgOYntO3MEyi96FO8a/ZkOMVKRq9p6EhfJ121Zdz+0897mWBe9+6tSk
AlL6tX3/bYXY0XGCZ8Dq5VCEy/YMtz1g8SAr0qArlzbHBM1MaPDf9/OfJEi8+L1b
fLwNjxIsImWbjwdiLPgCYEfeMr6w8B/Ws3pjBL+ZuLQtWnbI0FelCr/giwJbFWB5
dl6CSI2F4TWixn29+hBA6IZ53QWA3Xr6sVpu9k/ORRWIp9esE6oAcOXoaFdGstgT
16MJ5pspSHFq8jSow0OLPQIwXjg6Hzn23TAesEfk6p+kUF3IBAdbA8IPiOCOppjn
DXDGxDcWOeUthyR3Z07lZDFqqFQjpqR2/ZPvqGqruFhMXU0n6Zo=
=fMoJ
-----END PGP SIGNATURE-----
More information about the Groovy-changes
mailing list