[Bug 206303] [NEW] needs upgrade from version 0.3.1
Launchpad Bug Tracker
206303 at bugs.launchpad.net
Thu Jun 30 15:58:02 UTC 2011
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Daniel Holbach (dholbach):
Binary package hint: ldap2dns
so is there some reason why Ubuntu is still using version 0.3.1? current version is 0.4.1
there been numerous bug & security fixes since 0.3.1
is this just a matter of no one being able to produce an updated package
for ubuntu?
# $Id: ChangeLog 381 2006-10-19 18:29:16Z bklang $
Version 0.4.1 (latest)
* Updated scripts/data2ldif.pl to properly handle reverse domains
* Fixed parser bugs in scripts/data2ldif.pl (Thanks Fleischmann Bonaventura and
Adrian Goins)
* Added missing option -M (Thanks Jason Chambers)
* Change default record limit to LDAP_NO_LIMIT
* Tightned up LDAP search scope when calculating the checksum (Thanks Jason
Chambers for the bug report)
* Fixed bug reading the LDAP bind password out of the environment (Thanks Nick
Gregory for the bug report)
* Updated FAQ
Version 0.4.0
+ Corrected segfault when using BIND output with SRV records (Thanks Fred Leitz)
+ Fixed off-by-one string termination problem
+ Fixed a number of possible segfaults if required cmdline options were missing
Thanks Steve Ayotte (sayotte.alkaloid.net)
+ Added more verbose LDAP error and sanity checking output
+ Replaced all deprecated LDAP API calls
+ Converted to getopt_long and added double-dash options (--help)
+ Added search timeout and max record count options
+ Added warnings when zero records are returned from searches
Version 0.3.7
+ Changed default location of ldap.conf to /etc/ldap.conf
+ Added note on potential security vulns in deprecated/webadmin to README
+ Changed port declarations/format strings from int to unsigned short
to match standards
+ Updated doc/README.html
+ Added security audit result patch from Erik Cabetas (erik.cabetas.com)
+ Fixed typo in ldap2dns.spec.in
+ Updated example ldif in doc/ (Thanks Marc Huot)
Version 0.3.6
+ New maintainer: Ben Klang <ben at alkaloid.net>
+ Fixed bug with duplicate OIDs in dns.schema from partially applied patch
+ Renamed schema file to ldap2dns.schema
+ Updated RPM specfile
+ Removed already merged patchfiles
+ Restructured file layout, created doc directory
+ Deprecated unfinished webadmin work. Will be replaced with Beatnik
+ Deprecated OpenLDAP 2.0 schema support
+ Deprecated djbdns-1.0.5 native LDAP patch (status of patch unknown)
+ Removed old index.html
+ Removed TODO.schema
+ Updated Makefile
+ Modified ldap2dns-conf to behave more like tinydns-conf
+ Altered default behavior (via ldap2dns-conf) to run ldap2dns as non-root
+ Updated FAQ
+ Deprecated askldap.c and askldap.h
+ Created TODO file
+ Added TinyDNS data file import script (scripts/data2ldap.pl)
+ Moved AXFR import script (formerly import.pl) to scripts/axfr2ldap.pl
+ Deprecated export-ldap.pl (Possibly old ldap2dns 0.2->0.3 upgrade script?)
Version 0.3.5 - 2005/11/30
+ Added support for DNS SRV records
Version 0.3.3
- Removed a bug which caused ldap2dns to etablish more than one connections
to the LDAP server.
Version 0.3.2
+ Only patches from Martin Lesser <m-lesser at better-com.de>
applied. Nothing from myself.
+ connecting to a ldap-server where the server is given as URI works
(both ldap:// [with TLS] and ldaps://)
+ we use location-codes here, so ldap2dns.c was extended to make use of
them, this also requires an extension of dns.schema.
** Affects: ldap2dns (Ubuntu)
Importance: Wishlist
Status: Confirmed
** Tags: upgrade
--
needs upgrade from version 0.3.1
https://bugs.launchpad.net/bugs/206303
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.
More information about the Ubuntu-sponsors
mailing list