[Bug 244925] Re: slapd reports wrong ssf using gnutls
Launchpad Bug Tracker
244925 at bugs.launchpad.net
Thu Jul 3 21:25:14 BST 2008
This bug was fixed in the package openldap2.3 - 2.4.10-1ubuntu1
---------------
openldap2.3 (2.4.10-1ubuntu1) intrepid; urgency=low
* Merge from debian unstable, remaining changes:
- debian/apparmor-profile: add AppArmor profile
- debian/slapd.postinst: Reload AA profile on configuration
- updated debian/slapd.README.Debian for note on AppArmor
- debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6
- debian/control: Conflicts with apparmor-profiles << 2.1+1075-0ubuntu4
to make sure that if earlier version of apparmour-profiles gets
installed it won't overwrite our profile.
- Modify Maintainer value to match the DebianMaintainerField
speficication.
- follow ApparmorProfileMigration and force apparmor compalin mode on
some upgrades (LP: #203529)
- debian/slapd.dirs: add etc/apparmor.d/force-complain
- debian/slapd.preinst: create symlink for force-complain on pre-feisty
upgrades, upgrades where apparmor-profiles profile is unchanged (ie
non-enforcing) and upgrades where apparmor profile does not exist.
- debian/slapd.postrm: remove symlink in force-complain/ on purge
- debian/patches/fix-ucred-libc due to changes how newer glibc handle
the ucred struct now.
- debian/patches/fix-unique-overlay-assertion.patch:
Fix another assertion error in unique overlay (LP: #243337).
Backport from head.
* debian/control:
- add time as build dependency: needed by make test.
* debian/rules:
- support debuild nocheck option: don't run tests if nocheck is set.
* debian/patches/fix-gnutls-key-strength.patch:
- fix slapd handling of ssf using gnutls. (LP: #244925).
* Dropped - accepted in Debian:
- debian/rules, debian/slapd.links: use hard links to slapd instead of
symlinks for slap* so these applications aren't confined by apparmor
(LP: #203898)
* Dropped - fixed in new upstream release:
- debian/patches/fix-assertion-io.patch: Fixes ber_flush2 assertion.
(LP: #215904)
- debian/patches/fix-dnpretty-assertion.patch: Fix dnPrettyNormal assertion
error. (LP: #234196)
- dropped debian/patches/fix-notify-crasher.patch: Fix modify timestamp crashes.
(LP: #220724)
- debian/patches/fix-syncrepl-oops: Fixes segmentation fault when using
syncrepl. (LP: #227178)
- dropped debian/patches/SECURITY_CVE-2008-0658.patch. Already applied
upstream.
openldap2.3 (2.4.10-1) unstable; urgency=low
[ Steve Langasek ]
* New upstream release.
- Clean up ld_defconn if it was freed, fixing an assertion failure in
various clients. Closes: #469232.
- Fixes slapd syncrepl hang on back-config. Closes: #471253.
- Drop patch hurd-path-max, integrated upstream.
* Drop spurious build-dependency on heimdal-dev, introduced accidentally
as part of an aborted attempt to build the smbk5pwd overlay.
* Use hardlinks instead of symlinks for the various slap* commands; this
is functionally equivalent for us, and reduces divergence from
derivatives such as Ubuntu that use apparmor. Closes: #488409.
* New patch, no_backend_inter-linking, to fix the meta backend to not
try to look up symbols in external objects (back_ldap) that it
doesn't link against.
* Turn on 'make test' during builds, now that back_meta is fixed.
[ Matthijs Mohlmann ]
* All manpages in category 5 were missing, wrong directory.
(Closes: #474976, #483631, #483633)
-- Mathias Gug <mathiaz at ubuntu.com> Thu, 03 Jul 2008 14:15:08 -0400
** Changed in: openldap2.3 (Ubuntu)
Status: Triaged => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-0658
--
slapd reports wrong ssf using gnutls
https://bugs.launchpad.net/bugs/244925
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap2.3 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list