drop fix-ldap-distribution.patch?

Bug #1875697 reported by Ryan Tandy
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openldap (Ubuntu)
Andreas Hasenack

Bug Description


In version 2.4.49+dfsg-3 I fixed a bug where the version was missing from the -V output in OpenLDAP programs: <https://bugs.debian.org/864637>.

At the same time, I've patched it to display the package version there, instead of the upstream version:

# slapd -VV
@(#) $OpenLDAP: slapd 2.4.49+dfsg-4 (Apr 15 2020 04:33:16) $
 Debian OpenLDAP Maintainers <email address hidden>

If showing the distro version here fulfills the same requirements as the fix-ldap-distribution.patch, then maybe that patch can be dropped?


Related branches

CVE References

Revision history for this message
Rafael David Tinoco (rafaeldtinoco) wrote :

(c)rafaeldtinoco@devel:~$ rmadison openldap
 openldap | 2.4.28-1.1ubuntu4 | precise | source
 openldap | 2.4.28-1.1ubuntu4.6 | precise-security | source
 openldap | 2.4.28-1.1ubuntu4.6 | precise-updates | source
 openldap | 2.4.31-1+nmu2ubuntu8 | trusty | source
 openldap | 2.4.31-1+nmu2ubuntu8.4 | trusty-security | source
 openldap | 2.4.31-1+nmu2ubuntu8.5 | trusty-updates | source
 openldap | 2.4.42+dfsg-2ubuntu3 | xenial | source
 openldap | 2.4.42+dfsg-2ubuntu3.6 | xenial-security | source
 openldap | 2.4.42+dfsg-2ubuntu3.7 | xenial-updates | source
 openldap | 2.4.45+dfsg-1ubuntu1 | bionic | source
 openldap | 2.4.45+dfsg-1ubuntu1.3 | bionic-security | source
 openldap | 2.4.45+dfsg-1ubuntu1.4 | bionic-updates | source
 openldap | 2.4.47+dfsg-3ubuntu2 | disco | source
 openldap | 2.4.47+dfsg-3ubuntu2.1 | disco-security | source
 openldap | 2.4.47+dfsg-3ubuntu2.2 | disco-updates | source
 openldap | 2.4.48+dfsg-1ubuntu1 | eoan | source
 openldap | 2.4.49+dfsg-2ubuntu1 | focal | source
 openldap | 2.4.49+dfsg-2ubuntu1 | groovy | source

Since we haven't synced with dfsg-3 for focal, I'm marking this as server-next for groovy. For next merge, I would suggest this to be SRUed for Focal as well, and leave for the SRU team to decide. Since its a very small change, I'm flagging as blocking next SRU to focal, perhaps one can add it to the next SRU.

tags: added: server-next
tags: added: block-proposed-focal
Changed in openldap (Ubuntu):
status: New → Triaged
Changed in openldap (Ubuntu Focal):
status: New → Triaged
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

I'm adding this to my list of delta to drop in this cycle.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

I think dropping this delta is fine, as the "ubuntu" name will still show as long as there is a delta. But looks like the email is wrong, we should be showing ubuntu-devel@ there instead of the debian maintainers list.

Revision history for this message
Ryan Tandy (rtandy) wrote : Re: [Bug 1875697] Re: drop fix-ldap-distribution.patch?

On Fri, May 08, 2020 at 07:57:38PM -0000, Andreas Hasenack wrote:
>But looks like the email is wrong, we should be showing ubuntu-devel@
>there instead of the debian maintainers list.

I'm fine with receiving mail from Ubuntu users as well. (in IRC I'm
usually supporting at least as many Ubuntu users as Debian users.) But
feel free to patch this in your build, or send me a patch to pick up
Maintainer dynamically from the control file (or based on dpkg-vendor or

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

That comes from debian/patches/set-maintainer-name

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

I don't think this change is worth an SRU for focal, as the goal is to drop a delta. It would also change a signature of sorts, so best not to change that in an LTS release.

Changed in openldap (Ubuntu Focal):
status: Triaged → Won't Fix
Changed in openldap (Ubuntu):
assignee: nobody → Andreas Hasenack (ahasenack)
status: Triaged → In Progress
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

I patched the patch, ugh, but I'll think of a nice way to set this dynamically before uploading. I'm dropping a lot of delta in the 2.4.50 merge :)

Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (4.8 KiB)

This bug was fixed in the package openldap - 2.4.50+dfsg-1ubuntu1

openldap (2.4.50+dfsg-1ubuntu1) groovy; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - Enable AppArmor support:
      + d/apparmor-profile: add AppArmor profile
      + d/rules: use dh_apparmor
      + d/control: Build-Depends on dh-apparmor
      + d/slapd.README.Debian: add note about AppArmor
    - Enable GSSAPI support (first added in 2.4.18-0ubuntu2):
      + d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
        - Add --with-gssapi support
        - Make guess_service_principal() more robust when determining
      + d/configure.options: Configure with --with-gssapi
      + d/control: Added heimdal-dev as a build depend
      + d/rules:
        - Explicitly add -I/usr/include/heimdal to CFLAGS.
        - Explicitly add -I/usr/lib/<multiarch>/heimdal to LDFLAGS.
      + d/libldap-2.4-2.symbols: add symbols for GSSAPI support
      This should be dropped when the soname changes.
    - Enable ufw support:
      + d/control: suggest ufw.
      + d/rules: install ufw profile.
      + d/slapd.ufw.profile: add ufw profile.
    - Enable nss overlay:
      + d/rules:
        - add nssov to CONTRIB_MODULES
        - add sysconfdir to CONTRIB_MAKEVARS
      + d/slapd.install:
        - install nssov overlay
      + d/slapd.manpages:
        - install slapo-nssov(5) man page
      + d/p/contrib-makefiles: given the change in 2.4.47+dfsg-3 regarding
        Debian bug #919136, we also have to patch the nssov makefile
        accordingly and thus update this patch.
    - d/{rules,slapd.py}: Add apport hook.
    - d/slapd.scripts-common:
      + add slapcat_opts to local variables.
      + Fix backup directory naming for multiple reconfiguration.
    - d/{slapd.default,slapd.README.Debian}: use the new configuration style.
    - Add support for CLDAP (UDP) support, back then required by
      likewise-open (first enabled in 2.4.17-1ubuntu2):
      + d/rules: Enable -DLDAP_CONNECTIONLESS
      + d/libldap-2.4-2.symbols: add symbols for CLDAP (UDP)
      This should be dropped when the soname changes.
    - debian/patches/fix_test_timing.patch: fix FTBFS on riscv64 because
      of test timing issue.
  * Dropped:
    - d/slapd.init.ldif: don't set olcRootDN since it's not defined in
      either the default DIT nor via an Authn mapping.
      [Not worth keeping a delta for, as having olcRootDN doesn't hurt]
    - Show distribution in version:
      - d/control: added lsb-release
      - d/patches/fix-ldap-distribution.patch: show distribution in version
      [Debian now shows the full package version]
    - SECURITY UPDATE: denial of service via nested search filters
      + debian/patches/CVE-2020-12243.patch: limit depth of nested
        filters in servers/slapd/filter.c.
      [Fixed upstream]
  * Added:
    - d/rules, debian/patches/set-maintainer-name: Extract maintainer
      address dynamically from debian/control. Thanks to Ryan Tandy
      <email address hidden> (Closes: #960448, LP: #1875697)

openldap (2.4.50+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - Fixed slapd to limit depth of nested...


Changed in openldap (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers