New upstream microrelease 2.5.12
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openldap (Ubuntu) |
Invalid
|
High
|
Unassigned | ||
Jammy |
Fix Released
|
High
|
Sergio Durigan Junior |
Bug Description
[ Impact ]
* MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12.
This update includes bugfixes only following the SRU policy exception defined at https:/
[ Major Changes ]
* See the list of bugs fixed in this release here:
https://<email address hidden>
* In particular, this release includes the fix for CVE-2022-29155, but since the CVE has already been addressed by the currently OpenLDAP version in Jammy (2.5.11+
[ Test Plan ]
* Upstream gitlab pipeline results: https:/
* Upstream "call for testing": https://<email address hidden>
* As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass.
* Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https:/
* Bileto ticket: https:/
[ Where problems could occur ]
* Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users.
[ Other Info ]
* This is a reoccurring MRE. See below for links to previous OpenLDAP MREs.
* CVEs fixed by this release:
- CVE-2022-29155, which has already been addressed in Jammy.
Current versions in supported releases that got updates:
openldap | 2.5.11+
Special cases:
- None.
Previous MREs for OpenLDAP:
- None so far.
As usual we test and prep from the PPA and then push through SRU/Security as applicable.
Related branches
- git-ubuntu bot: Approve
- Athos Ribeiro (community): Approve
- Canonical Server: Pending requested
- Canonical Server packageset reviewers: Pending requested
-
Diff: 1976 lines (+489/-393)36 files modifiedCHANGES (+30/-0)
build/dir.mk (+5/-5)
build/version.var (+4/-4)
contrib/slapd-modules/vc/vc.c (+2/-4)
debian/changelog (+14/-0)
debian/patches/series (+0/-1)
dev/null (+0/-274)
doc/guide/admin/guide.html (+1/-1)
doc/man/man3/ldap_get_option.3 (+22/-1)
doc/man/man5/slapd-config.5 (+2/-3)
doc/man/man5/slapd.conf.5 (+2/-3)
include/ldap_pvt.h (+2/-2)
libraries/libldap/ldif.c (+5/-0)
libraries/libldap/result.c (+10/-4)
libraries/libldap/tls_o.c (+4/-0)
servers/slapd/back-asyncmeta/add.c (+1/-0)
servers/slapd/back-asyncmeta/config.c (+5/-3)
servers/slapd/back-asyncmeta/meta_result.c (+11/-4)
servers/slapd/back-asyncmeta/search.c (+1/-0)
servers/slapd/back-ldap/config.c (+5/-3)
servers/slapd/back-mdb/monitor.c (+2/-1)
servers/slapd/back-meta/config.c (+17/-13)
servers/slapd/back-sql/search.c (+105/-18)
servers/slapd/bconfig.c (+24/-7)
servers/slapd/connection.c (+10/-8)
servers/slapd/daemon.c (+13/-1)
servers/slapd/overlays/dynlist.c (+7/-4)
servers/slapd/overlays/pcache.c (+3/-2)
servers/slapd/overlays/ppolicy.c (+12/-8)
servers/slapd/overlays/syncprov.c (+1/-0)
servers/slapd/overlays/translucent.c (+23/-1)
servers/slapd/proto-slap.h (+1/-0)
servers/slapd/syncrepl.c (+122/-18)
tests/data/dynlist.out (+4/-0)
tests/scripts/test034-translucent (+8/-0)
tests/scripts/test044-dynlist (+11/-0)
CVE References
Changed in openldap (Ubuntu Jammy): | |
status: | New → Confirmed |
importance: | Undecided → High |
assignee: | nobody → Sergio Durigan Junior (sergiodj) |
Changed in openldap (Ubuntu): | |
assignee: | Sergio Durigan Junior (sergiodj) → nobody |
status: | Confirmed → Invalid |
Changed in openldap (Ubuntu): | |
status: | Invalid → New |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
Changed in openldap (Ubuntu): | |
status: | New → Invalid |
tags: | added: verification-done |
Bileto ticket: https:/ /bileto. ubuntu. com/#/ticket/ 4868