Activity log for bug #1977627

Date Who What changed Old value New value Message
2022-06-04 00:07:52 Sergio Durigan Junior bug added bug
2022-06-04 00:07:59 Sergio Durigan Junior nominated for series Ubuntu Jammy
2022-06-04 00:07:59 Sergio Durigan Junior bug task added openldap (Ubuntu Jammy)
2022-06-04 00:08:05 Sergio Durigan Junior openldap (Ubuntu Jammy): status New Confirmed
2022-06-04 00:08:07 Sergio Durigan Junior openldap (Ubuntu Jammy): importance Undecided High
2022-06-04 00:08:09 Sergio Durigan Junior openldap (Ubuntu Jammy): assignee Sergio Durigan Junior (sergiodj)
2022-06-04 00:08:11 Sergio Durigan Junior openldap (Ubuntu): assignee Sergio Durigan Junior (sergiodj)
2022-06-04 00:08:14 Sergio Durigan Junior openldap (Ubuntu): status Confirmed Invalid
2022-06-04 00:08:29 Sergio Durigan Junior bug added subscriber Canonical Server Team
2022-06-04 02:00:33 Sergio Durigan Junior openldap (Ubuntu): status Invalid New
2022-06-10 00:23:12 Sergio Durigan Junior merge proposal linked https://code.launchpad.net/~sergiodj/ubuntu/+source/openldap/+git/openldap/+merge/424341
2022-06-10 00:24:08 Sergio Durigan Junior openldap (Ubuntu Jammy): status Confirmed In Progress
2022-06-10 02:08:01 Sergio Durigan Junior description [ Impact ] * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ] * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/ [ Test Plan ] * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298 * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/ * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass. [ Where problems could occur ] * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ] * This is a reoccurring MRE. See below for previous MRE's links. * CVEs fixed by this release: - CVE-2022-29155, which has already been addressed in Jammy Current versions in supported releases that got updates: openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Standing MRE - Consider last updates as template: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable. [ Impact ]  * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ]  * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/ [ Test Plan ]  * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298  * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/  * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass. * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https://launchpadlibrarian.net/606268441/buildlog_ubuntu-jammy-amd64.openldap_2.5.12+dfsg-1ubuntu0.22.04.1_BUILDING.txt.gz [ Where problems could occur ]  * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ]  * This is a reoccurring MRE. See below for previous MRE's links.  * CVEs fixed by this release:    - CVE-2022-29155, which has already been addressed in Jammy Current versions in supported releases that got updates:  openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Standing MRE - Consider last updates as template: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable.
2022-06-10 02:09:23 Sergio Durigan Junior description [ Impact ]  * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ]  * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/ [ Test Plan ]  * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298  * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/  * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass. * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https://launchpadlibrarian.net/606268441/buildlog_ubuntu-jammy-amd64.openldap_2.5.12+dfsg-1ubuntu0.22.04.1_BUILDING.txt.gz [ Where problems could occur ]  * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ]  * This is a reoccurring MRE. See below for previous MRE's links.  * CVEs fixed by this release:    - CVE-2022-29155, which has already been addressed in Jammy Current versions in supported releases that got updates:  openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Standing MRE - Consider last updates as template: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable. [ Impact ]  * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ]  * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/ * In particular, this release includes the fix for CVE-2022-29155, but since the CVE has already been addressed by the currently OpenLDAP version in Jammy (2.5.11+dfsg-1~exp1ubuntu3.1), this does not classify as a security upload. [ Test Plan ]  * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298  * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/  * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass.  * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https://launchpadlibrarian.net/606268441/buildlog_ubuntu-jammy-amd64.openldap_2.5.12+dfsg-1ubuntu0.22.04.1_BUILDING.txt.gz [ Where problems could occur ]  * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ]  * This is a reoccurring MRE. See below for previous MRE's links.  * CVEs fixed by this release:    - CVE-2022-29155, which has already been addressed in Jammy Current versions in supported releases that got updates:  openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Standing MRE - Consider last updates as template: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable.
2022-06-10 02:10:51 Sergio Durigan Junior description [ Impact ]  * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ]  * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/ * In particular, this release includes the fix for CVE-2022-29155, but since the CVE has already been addressed by the currently OpenLDAP version in Jammy (2.5.11+dfsg-1~exp1ubuntu3.1), this does not classify as a security upload. [ Test Plan ]  * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298  * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/  * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass.  * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https://launchpadlibrarian.net/606268441/buildlog_ubuntu-jammy-amd64.openldap_2.5.12+dfsg-1ubuntu0.22.04.1_BUILDING.txt.gz [ Where problems could occur ]  * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ]  * This is a reoccurring MRE. See below for previous MRE's links.  * CVEs fixed by this release:    - CVE-2022-29155, which has already been addressed in Jammy Current versions in supported releases that got updates:  openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Standing MRE - Consider last updates as template: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable. [ Impact ]  * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ]  * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/  * In particular, this release includes the fix for CVE-2022-29155, but since the CVE has already been addressed by the currently OpenLDAP version in Jammy (2.5.11+dfsg-1~exp1ubuntu3.1), this does not classify as a security upload. [ Test Plan ]  * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298  * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/  * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass.  * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https://launchpadlibrarian.net/606268441/buildlog_ubuntu-jammy-amd64.openldap_2.5.12+dfsg-1ubuntu0.22.04.1_BUILDING.txt.gz [ Where problems could occur ]  * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ]  * This is a reoccurring MRE. See below for previous MRE's links.  * CVEs fixed by this release:    - CVE-2022-29155, which has already been addressed in Jammy Current versions in supported releases that got updates:  openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Previous MREs for OpenLDAP: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable.
2022-06-13 21:04:54 Sergio Durigan Junior description [ Impact ]  * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ]  * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/  * In particular, this release includes the fix for CVE-2022-29155, but since the CVE has already been addressed by the currently OpenLDAP version in Jammy (2.5.11+dfsg-1~exp1ubuntu3.1), this does not classify as a security upload. [ Test Plan ]  * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298  * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/  * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass.  * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https://launchpadlibrarian.net/606268441/buildlog_ubuntu-jammy-amd64.openldap_2.5.12+dfsg-1ubuntu0.22.04.1_BUILDING.txt.gz [ Where problems could occur ]  * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ]  * This is a reoccurring MRE. See below for previous MRE's links.  * CVEs fixed by this release:    - CVE-2022-29155, which has already been addressed in Jammy Current versions in supported releases that got updates:  openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Previous MREs for OpenLDAP: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable. [ Impact ]  * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ]  * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/  * In particular, this release includes the fix for CVE-2022-29155, but since the CVE has already been addressed by the currently OpenLDAP version in Jammy (2.5.11+dfsg-1~exp1ubuntu3.1), this does not classify as a security upload. [ Test Plan ]  * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298  * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/  * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass.  * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https://launchpadlibrarian.net/606922528/buildlog_ubuntu-jammy-amd64.openldap_2.5.12+dfsg-0ubuntu0.22.04.1_BUILDING.txt.gz * Bileto ticket: https://bileto.ubuntu.com/#/ticket/4868 [ Where problems could occur ]  * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ]  * This is a reoccurring MRE. See below for links to previous OpenLDAP MREs.  * CVEs fixed by this release:    - CVE-2022-29155, which has already been addressed in Jammy. Current versions in supported releases that got updates:  openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Previous MREs for OpenLDAP: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable.
2022-06-14 17:10:19 Brian Murray openldap (Ubuntu Jammy): status In Progress Fix Committed
2022-06-14 17:10:21 Brian Murray bug added subscriber Ubuntu Stable Release Updates Team
2022-06-14 17:10:23 Brian Murray bug added subscriber SRU Verification
2022-06-14 17:10:28 Brian Murray tags needs-mre-backport server-todo needs-mre-backport server-todo verification-needed verification-needed-jammy
2022-06-14 18:38:25 Sergio Durigan Junior description [ Impact ]  * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ]  * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/  * In particular, this release includes the fix for CVE-2022-29155, but since the CVE has already been addressed by the currently OpenLDAP version in Jammy (2.5.11+dfsg-1~exp1ubuntu3.1), this does not classify as a security upload. [ Test Plan ]  * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298  * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/  * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass.  * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https://launchpadlibrarian.net/606922528/buildlog_ubuntu-jammy-amd64.openldap_2.5.12+dfsg-0ubuntu0.22.04.1_BUILDING.txt.gz * Bileto ticket: https://bileto.ubuntu.com/#/ticket/4868 [ Where problems could occur ]  * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ]  * This is a reoccurring MRE. See below for links to previous OpenLDAP MREs.  * CVEs fixed by this release:    - CVE-2022-29155, which has already been addressed in Jammy. Current versions in supported releases that got updates:  openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Previous MREs for OpenLDAP: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable. [ Impact ]  * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/OpenLDAPUpdates. [ Major Changes ]  * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/  * In particular, this release includes the fix for CVE-2022-29155, but since the CVE has already been addressed by the currently OpenLDAP version in Jammy (2.5.11+dfsg-1~exp1ubuntu3.1), this does not classify as a security upload. [ Test Plan ]  * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298  * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/  * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass.  * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https://launchpadlibrarian.net/606922528/buildlog_ubuntu-jammy-amd64.openldap_2.5.12+dfsg-0ubuntu0.22.04.1_BUILDING.txt.gz  * Bileto ticket: https://bileto.ubuntu.com/#/ticket/4868 [ Where problems could occur ]  * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ]  * This is a reoccurring MRE. See below for links to previous OpenLDAP MREs.  * CVEs fixed by this release:    - CVE-2022-29155, which has already been addressed in Jammy. Current versions in supported releases that got updates:  openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Previous MREs for OpenLDAP: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable.
2022-06-15 14:52:04 Sergio Durigan Junior tags needs-mre-backport server-todo verification-needed verification-needed-jammy needs-mre-backport server-todo verification-done-jammy
2022-06-17 19:56:44 Sergio Durigan Junior openldap (Ubuntu): status New Invalid
2022-06-21 13:44:57 Christian Ehrhardt  tags needs-mre-backport server-todo verification-done-jammy needs-mre-backport server-todo verification-done verification-done-jammy
2022-06-21 21:37:20 Launchpad Janitor openldap (Ubuntu Jammy): status Fix Committed Fix Released
2022-06-21 21:37:20 Launchpad Janitor cve linked 2022-29155
2022-06-21 21:37:24 Brian Murray removed subscriber Ubuntu Stable Release Updates Team