Merge openldap from Debian unstable for 22.04

Bug #1946883 reported by Bryce Harrington
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openldap (Ubuntu)
Undecided
Sergio Durigan Junior

Bug Description

Upstream: 2.5.8
Debian: 2.4.59+dfsg-1 2.5.8+dfsg-1~exp1
Ubuntu: 2.5.6+dfsg-1~exp1ubuntu1

Debian experimental has 2.5.8+dfsg-1~exp1

### New Debian Changes ###

openldap (2.4.59+dfsg-1) unstable; urgency=medium

  * New upstream release.
  * Fix FTBFS with autoconf 2.71 (Closes: #993032):
    - Backport upstream changes to support Autoconf 2.69 instead of simply
      disabling automake in debian/rules. Fixes FTBFS due to autoreconf
      thinking files required by Automake are missing, even though Automake is
      not actually used.
    - Stop running autoreconf in contrib/ldapc++ since we don't build it.
    - Drop custom config.{guess,sub} handling. dh_update_autotools_config does
      the right thing for us.
  * Update Standards-Version to 4.6.0; no changes required.
  * Add a superficial autopkgtest for smbk5pwd.
  * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
    (#866122) is fixed in all relevant suites by now.

 -- Ryan Tandy <email address hidden> Fri, 27 Aug 2021 09:42:31 -0700

openldap (2.4.57+dfsg-3) unstable; urgency=medium

  * Link smbk5pwd with -lkrb5. (Closes: #988565)

 -- Ryan Tandy <email address hidden> Sat, 15 May 2021 16:03:34 -0700

openldap (2.4.57+dfsg-2) unstable; urgency=medium

  * Fix slapd assertion failure in Certificate List Exact Assertion validation
    (ITS#9454) (CVE-2021-27212)

 -- Ryan Tandy <email address hidden> Sun, 14 Feb 2021 09:26:41 -0800

openldap (2.4.57+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - Fixed slapd crashes in Certificate Exact Assertion processing
      (ITS#9404, ITS#9424) (CVE-2020-36221)
    - Fixed slapd assertion failures in saslAuthzTo validation
      (ITS#9406, ITS#9407) (CVE-2020-36222)
    - Fixed slapd crash in Values Return Filter control handling
      (ITS#9408) (CVE-2020-36223)
    - Fixed slapd crashes in saslAuthzTo processing
      (ITS#9409, ITS#9412, ITS#9413)
      (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
    - Fixed slapd assertion failure in X.509 DN parsing
      (ITS#9423) (CVE-2020-36230)
    - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
    - Fixed slapd crash in Certificate List Exact Assertion processing
      (ITS#9427) (CVE-2020-36228)
    - Fixed slapd infinite loop with Cancel operation
      (ITS#9428) (CVE-2020-36227)

 -- Ryan Tandy <email address hidden> Sat, 23 Jan 2021 08:57:07 -0800

openldap (2.4.56+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - Fixed slapd abort due to assertion failure in Certificate List syntax
      validation (ITS#9383) (CVE-2020-25709)
    - Fixed slapd abort due to assertion failure in CSN normalization with
      invalid input (ITS#9384) (CVE-2020-25710)

 -- Ryan Tandy <email address hidden> Wed, 11 Nov 2020 09:13:56 -0800

openldap (2.4.55+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - Fixed slapd normalization handling with modrdn
      (ITS#9370) (CVE-2020-25692)

 -- Ryan Tandy <email address hidden> Tue, 27 Oct 2020 21:07:29 -0700

openldap (2.4.54+dfsg-1) unstable; urgency=medium

  * New upstream release.
  * Change upstream Homepage and get-orig-source URLs to HTTPS.
  * Create debian/gbp.conf.

 -- Ryan Tandy <email address hidden> Sun, 18 Oct 2020 16:03:46 +0000

openldap (2.4.53+dfsg-1) unstable; urgency=medium

  * New upstream release.

 -- Ryan Tandy <email address hidden> Mon, 07 Sep 2020 09:47:28 -0700

openldap (2.4.51+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
  * Merge some changes from Ubuntu:
    - slapd.default, slapd.README.Debian: update to refer to slapd.d instead
      of slapd.conf.
    - debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
      variable.
  * Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
    slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
  * debian/patches/set-maintainer-name: Extract maintainer address dynamically
    from debian/control. (Closes: #960448)
  * Fix Torsten's email address in a historic debian/changelog entry to
    resolve a Lintian error (bogus-mail-host-in-debian-changelog).

### Old Ubuntu Delta ###

openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - Enable AppArmor support:
      + d/apparmor-profile: add AppArmor profile
      + d/rules: use dh_apparmor
      + d/control: Build-Depends on dh-apparmor
      + d/slapd.README.Debian: add note about AppArmor
    - Enable ufw support:
      + d/control: suggest ufw.
      + d/rules: install ufw profile.
      + d/slapd.ufw.profile: add ufw profile.
    - d/{rules,slapd.py}: Add apport hook.
    - d/rules: better regexp to match the Maintainer tag in d/control,
      needed in the Ubuntu case because of XSBC-Original-Maintainer
      (Closes #960448, LP #1875697)

 -- Sergio Durigan Junior <email address hidden> Tue, 17 Aug 2021 14:06:00 -0400

Changed in openldap (Ubuntu):
assignee: nobody → Sergio Durigan Junior (sergiodj)
Revision history for this message
Ryan Tandy (rtandy) wrote : Re: [Bug 1946883] [NEW] Merge openldap from Debian unstable for 22.04

FYI:

2.5.8 has just been released. I intend to package and upload it to experimental soon (time/spoons permitting).

2.6.0 should be released quite soon (currently in release candidate phase). If possible I would like to target this for the LTS. It includes another library transition (libldap-2.5-0 to libldap2).

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Absolutely, Ryan. The transition is something that I'm also planning to happen during the LTS cycle; I've even put January 20 as a tentative date to start the transition:

https://discourse.ubuntu.com/t/jj-release-schedule/23906

Let's see how this goes. Thanks for the heads up, though; much appreciated.

Bryce Harrington (bryce)
description: updated
Changed in openldap (Ubuntu):
milestone: none → ubuntu-21.12
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers