[ubuntu/precise] openldap 2.4.28-1.1ubuntu1 (Accepted)
Chuck Short
zulcss at ubuntu.com
Mon Jan 23 16:25:20 UTC 2012
openldap (2.4.28-1.1ubuntu1) precise; urgency=low
* Merge from Debian testing. Remaining changes:
- Install a default DIT (LP: #442498).
- Document cn=config in README file (LP: #370784).
- remaining changes:
+ AppArmor support:
- debian/apparmor-profile: add AppArmor profile
- use dh_apparmor:
- debian/rules: use dh_apparmor
- debian/control: Build-Depends on debhelper 7.4.20ubuntu5
- updated debian/slapd.README.Debian for note on AppArmor
- debian/slapd.dirs: add etc/apparmor.d/force-complain
+ Enable GSSAPI support (LP: #495418):
- debian/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
- Add --with-gssapi support
- Make guess_service_principal() more robust when determining
principal
- debian/patches/series: apply gssapi.diff patch.
- debian/configure.options: Configure with --with-gssapi
- debian/control: Added libkrb5-dev as a build depend
+ debian/rules: Enable -DLDAP_CONNECTIONLESS to build CLDAP (UDP) support
in the openldap library, as required by Likewise-Open (LP: #390579)
+ Don't build smbk5pwd overlay since it uses heimdal instead of krb5:
- debian/control:
- remove build-dependency on heimdal-dev.
- remove slapd-smbk5pwd binary package.
- debian/rules: don't build smbk5pwd slapd module.
+ debian/{control,rules}: enable PIE hardening
+ ufw support (LP: #423246):
- debian/control: suggest ufw.
- debian/rules: install ufw profile.
- debian/slapd.ufw.profile: add ufw profile.
+ Enable nssoverlay:
- debian/patches/nssov-build, debian/series, debian/rules:
Apply, build and package the nss overlay.
- debian/schema/extra/misc.ldif: add ldif file for the misc schema
which defines rfc822MailMember (required by the nss overlay).
+ debian/rules, debian/schema/extra/:
Fix configure rule to supports extra schemas shipped as part
of the debian/schema/ directory.
+ debian/rules, debian/slapd.py: Add apport hook. (LP: #610544)
+ debian/slapd.init.ldif: don't set olcRootDN since it's not defined in
neither the default DIT nor via an Authn mapping.
+ debian/slapd.scripts-common: adjust minimum version that triggers a
database upgrade. Upgrade from maverick shouldn't trigger database
upgrade (which would happen with the version used in Debian).
+ debian/slapd.scripts-common: add slapcat_opts to local variables.
Remove unused variable new_conf.
+ debian/slapd.script-common: Fix package reconfiguration.
- Fix backup directory naming for multiple reconfiguration.
+ debian/slapd.default, debian/slapd.README.Debian:
use the new configuration style.
+ Install nss overlay (LP: #675391):
- debian/rules: run install target for nssov module.
- debian/patches/nssov-build: fix patch to install schema in /etc/ldap/schema
+ debian/patches/gssapi.diff:
- Update patch so that likewise-open is usuable again. (LP: #661547)
+ debian/patches/service-operational-before-detach: New patch replacing old one
of the same name as previous could cause database corruption based on upstream commits.
(LP: #727973)
+ debian/patches/CVE-2011-4079: fix off by one error in postalAddressNormalize()
(CVE-2011-4079)
openldap (2.4.28-1.1) unstable; urgency=low
* Non-maintainer upload.
* Disable the mdb backend on non-Linux, it looks like it doesn't work with
linuxthreads (closes: #654824).
openldap (2.4.28-1) unstable; urgency=low
* New upstream release.
- Fixes CVE-2011-4079. Closes: #647610.
- Fixes support for proxy authorization with SASL-GSSAPI.
Closes: #608815.
- Drop patch service-operational-before-detach, which came from upstream.
- Drop patch fix-its6898-locking-issue, included upstream.
- Refresh other patches as needed.
* debian/slapd.scripts-common: quote the argument to slappasswd, to cope
with shell characters in the string. Thanks to Nicolai Ehemann
<en at englightened.de> for the patch. Closes: #635931.
* Install ldif.h in libldap2-dev, now that it's been blessed upstream.
Closes: #644985.
* debian/patches/no-bdb-ABI-second-guessing: don't force an exact match on
the upstream version of libdb; this is redundant with our packaging
system, and causes spurious errors when there's a non-ABI-breaking
BDB upstream release. Closes: #651333.
* Build-conflict with the ancient autoconf2.13, which is incompatible with
dh-autoreconf. (Maybe dh-autoreconf itself should conflict with it?)
Closes: #651598.
[ Updated debconf translations ]
* Dutch, thanks to Jeroen Schot <schot at A-Eskwadraat.nl>. Closes: #651400.
Date: Mon, 23 Jan 2012 10:01:13 -0500
Changed-By: Chuck Short <zulcss at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/openldap/2.4.28-1.1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 23 Jan 2012 10:01:13 -0500
Source: openldap
Binary: slapd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source
Version: 2.4.28-1.1ubuntu1
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Chuck Short <zulcss at ubuntu.com>
Description:
ldap-utils - OpenLDAP utilities
libldap-2.4-2 - OpenLDAP libraries
libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
libldap2-dev - OpenLDAP development libraries
slapd - OpenLDAP server (slapd)
slapd-dbg - Debugging information for the OpenLDAP server (slapd)
Closes: 608815 635931 644985 647610 651333 651400 651598 654824
Launchpad-Bugs-Fixed: 370784 390579 423246 442498 495418 610544 661547 675391 727973
Changes:
openldap (2.4.28-1.1ubuntu1) precise; urgency=low
.
* Merge from Debian testing. Remaining changes:
- Install a default DIT (LP: #442498).
- Document cn=config in README file (LP: #370784).
- remaining changes:
+ AppArmor support:
- debian/apparmor-profile: add AppArmor profile
- use dh_apparmor:
- debian/rules: use dh_apparmor
- debian/control: Build-Depends on debhelper 7.4.20ubuntu5
- updated debian/slapd.README.Debian for note on AppArmor
- debian/slapd.dirs: add etc/apparmor.d/force-complain
+ Enable GSSAPI support (LP: #495418):
- debian/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
- Add --with-gssapi support
- Make guess_service_principal() more robust when determining
principal
- debian/patches/series: apply gssapi.diff patch.
- debian/configure.options: Configure with --with-gssapi
- debian/control: Added libkrb5-dev as a build depend
+ debian/rules: Enable -DLDAP_CONNECTIONLESS to build CLDAP (UDP) support
in the openldap library, as required by Likewise-Open (LP: #390579)
+ Don't build smbk5pwd overlay since it uses heimdal instead of krb5:
- debian/control:
- remove build-dependency on heimdal-dev.
- remove slapd-smbk5pwd binary package.
- debian/rules: don't build smbk5pwd slapd module.
+ debian/{control,rules}: enable PIE hardening
+ ufw support (LP: #423246):
- debian/control: suggest ufw.
- debian/rules: install ufw profile.
- debian/slapd.ufw.profile: add ufw profile.
+ Enable nssoverlay:
- debian/patches/nssov-build, debian/series, debian/rules:
Apply, build and package the nss overlay.
- debian/schema/extra/misc.ldif: add ldif file for the misc schema
which defines rfc822MailMember (required by the nss overlay).
+ debian/rules, debian/schema/extra/:
Fix configure rule to supports extra schemas shipped as part
of the debian/schema/ directory.
+ debian/rules, debian/slapd.py: Add apport hook. (LP: #610544)
+ debian/slapd.init.ldif: don't set olcRootDN since it's not defined in
neither the default DIT nor via an Authn mapping.
+ debian/slapd.scripts-common: adjust minimum version that triggers a
database upgrade. Upgrade from maverick shouldn't trigger database
upgrade (which would happen with the version used in Debian).
+ debian/slapd.scripts-common: add slapcat_opts to local variables.
Remove unused variable new_conf.
+ debian/slapd.script-common: Fix package reconfiguration.
- Fix backup directory naming for multiple reconfiguration.
+ debian/slapd.default, debian/slapd.README.Debian:
use the new configuration style.
+ Install nss overlay (LP: #675391):
- debian/rules: run install target for nssov module.
- debian/patches/nssov-build: fix patch to install schema in /etc/ldap/schema
+ debian/patches/gssapi.diff:
- Update patch so that likewise-open is usuable again. (LP: #661547)
+ debian/patches/service-operational-before-detach: New patch replacing old one
of the same name as previous could cause database corruption based on upstream commits.
(LP: #727973)
+ debian/patches/CVE-2011-4079: fix off by one error in postalAddressNormalize()
(CVE-2011-4079)
.
openldap (2.4.28-1.1) unstable; urgency=low
.
* Non-maintainer upload.
* Disable the mdb backend on non-Linux, it looks like it doesn't work with
linuxthreads (closes: #654824).
.
openldap (2.4.28-1) unstable; urgency=low
.
* New upstream release.
- Fixes CVE-2011-4079. Closes: #647610.
- Fixes support for proxy authorization with SASL-GSSAPI.
Closes: #608815.
- Drop patch service-operational-before-detach, which came from upstream.
- Drop patch fix-its6898-locking-issue, included upstream.
- Refresh other patches as needed.
* debian/slapd.scripts-common: quote the argument to slappasswd, to cope
with shell characters in the string. Thanks to Nicolai Ehemann
<en at englightened.de> for the patch. Closes: #635931.
* Install ldif.h in libldap2-dev, now that it's been blessed upstream.
Closes: #644985.
* debian/patches/no-bdb-ABI-second-guessing: don't force an exact match on
the upstream version of libdb; this is redundant with our packaging
system, and causes spurious errors when there's a non-ABI-breaking
BDB upstream release. Closes: #651333.
* Build-conflict with the ancient autoconf2.13, which is incompatible with
dh-autoreconf. (Maybe dh-autoreconf itself should conflict with it?)
Closes: #651598.
.
[ Updated debconf translations ]
* Dutch, thanks to Jeroen Schot <schot at A-Eskwadraat.nl>. Closes: #651400.
Checksums-Sha1:
c83ea333b2161b2b3c5a1a8af390681f22511baa 2175 openldap_2.4.28-1.1ubuntu1.dsc
c1345e4cabea83912d511b77bd227c120e29834b 4714012 openldap_2.4.28.orig.tar.gz
59a6478ccc47a6a8fb8a15740e43b5f96320cc57 173100 openldap_2.4.28-1.1ubuntu1.diff.gz
Checksums-Sha256:
b72c192f9c8210ef06e0cb5cc4314ccc305f6eb1839ee557d7a0036dfd6c6f6f 2175 openldap_2.4.28-1.1ubuntu1.dsc
1fcc10fc22d9ffff7940df76135a4a349ea4c6d1ec212e4542493a500e85448a 4714012 openldap_2.4.28.orig.tar.gz
3365ae66f896e10a0309668585cf2b03d8697215a8d9977cc663e0854ea9b074 173100 openldap_2.4.28-1.1ubuntu1.diff.gz
Files:
e7f4eedf19dbaff8a9f8cad6575ead06 2175 net optional openldap_2.4.28-1.1ubuntu1.dsc
3812086464b9145342733f9ea735ea66 4714012 net optional openldap_2.4.28.orig.tar.gz
8733576f8a7c552c827185e027c0da5a 173100 net optional openldap_2.4.28-1.1ubuntu1.diff.gz
Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk8ddkQACgkQIHZ33voUATu9RQCgqz+NustL1GZxKGGsVkET57wk
120AnR5o0aeCEjsq47ClyD7owrxCXP/F
=QfHd
-----END PGP SIGNATURE-----
More information about the Precise-changes
mailing list