Ubuntu
openldap2.3 package

Please sync openldap2.3 2.4.7-5 from debian unstable

Bug #188200 reported by Jamie Strandboge
2
Affects Status Importance Assigned to Milestone
openldap2.3 (Debian)
Fix Released
Unknown
openldap2.3 (Ubuntu)
Fix Released
High
Ubuntu Server

Bug Description

Using TLSCipherSuite or specifying ldaps:// doesn't work on hardy. See Debian bug report for more information.

Debian changelog:

Changes:
 openldap2.3 (2.4.7-5) unstable; urgency=low
 .
   [ Updated debconf translations ]
   * Finnish, thanks to Esko Arajärvi <email address hidden>. Closes: #462688.
   * Galician, thanks to Jacobo Tarrio <email address hidden>. Closes: #462987.
   * French, thanks to Christian Perrier <email address hidden>.
     Closes: #463149.
   * Russian, thanks to Yuri Kozlov <email address hidden>. Closes: #463442.
   * Czech, thanks to Miroslav Kure <email address hidden>. Closes: #463472.
   * German, thanks to Helge Kreutzmann <email address hidden>.
     Closes: #464718.
 .
   [ Steve Langasek ]
   * Fix various regressions related to the introduction of GnuTLS:
     - Add new patch, gnutls-ciphers, to fix support for specifying multiple
       ciphers with TLSCipherSuite option in slapd.conf. Thanks to Kyle
       Moffett <email address hidden> for the patch. Closes LP: #188200.
     - Add new patch, slapd-tlsverifyclient-default, to set the intended
       default value of "TLSVerifyClient never" in the right place.
     - Add new patch, gnutls-altname-nulterminated, to account for differences
       in how the "length" is returned for commonName vs. subjectAltName.
     - Comment out TLSCipherSuite settings on upgrade from all versions prior
       to 2.4.7-5, and throw a debconf error to the user notifying them of
       this, since all OpenSSL cipher suite values are incompatible with
       GnuTLS.
     Closes: #462588.
   * Add new patch from upstream, entryCSN-backwards-compatibility, to support
     auto-converting entryCSN attributes in a previously supported old format,
     fixing an upgrade failure. Closes: #462099.
   * Use --retry TERM/10 instead of --retry 10 when stopping slapd, since the
     latter resorts to a SIGKILL and may corrupt backend data; whereas the
     former will exit non-zero if slapd is still running but won't directly
     cause data-loss. Thanks to Mark McDonald for the patch. LP: #92139.
   * Fix manpage symlinks in libldap2-dev; thanks to Reuben Thomas for
     reporting. Closes: #463971.
   * Fix a superfluous space in the debconf templates, due to a trailing space
     in the templates. Closes: #464719.

See original description
Tags: sync
Jamie Strandboge (jdstrand)
Changed in openldap2.3:
assignee: nobody → ubuntu-server
importance: Undecided → High
Bug Watch Updater (bug-watch-updater)
Changed in openldap2.3:
status: Unknown → New
Steve Langasek (vorlon)
Changed in openldap2.3:
status: New → Fix Committed
Bug Watch Updater (bug-watch-updater)
Changed in openldap2.3:
status: New → Fix Released
Wouter Stomp (wouterstomp-deactivatedaccount)
description: updated
Revision history for this message
Steve Langasek (vorlon) wrote :

This package has been synced.

Changed in openldap2.3:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.