enterprise-support team mailing list archive

Thread
Date
[Bug 1946883] [NEW] Merge openldap from Debian unstable for 22.04

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: Bryce Harrington <1946883@xxxxxxxxxxxxxxxxxx>
Date: Wed, 13 Oct 2021 04:05:31 -0000
Reply-to: Bug 1946883 <1946883@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx
Public bug reported:

Scheduled-For: 22.12
Upstream: tbd
Debian:   2.4.59+dfsg-1    2.5.7+dfsg-1~exp1
Ubuntu:   2.5.6+dfsg-1~exp1ubuntu1


Debian new has 2.5.7+dfsg-1~exp1


### New Debian Changes ###

openldap (2.4.59+dfsg-1) unstable; urgency=medium

  * New upstream release.
  * Fix FTBFS with autoconf 2.71 (Closes: #993032):
    - Backport upstream changes to support Autoconf 2.69 instead of simply
      disabling automake in debian/rules. Fixes FTBFS due to autoreconf
      thinking files required by Automake are missing, even though Automake is
      not actually used.
    - Stop running autoreconf in contrib/ldapc++ since we don't build it.
    - Drop custom config.{guess,sub} handling. dh_update_autotools_config does
      the right thing for us.
  * Update Standards-Version to 4.6.0; no changes required.
  * Add a superficial autopkgtest for smbk5pwd.
  * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug
    (#866122) is fixed in all relevant suites by now.

 -- Ryan Tandy <ryan@xxxxxxxxx>  Fri, 27 Aug 2021 09:42:31 -0700

openldap (2.4.57+dfsg-3) unstable; urgency=medium

  * Link smbk5pwd with -lkrb5. (Closes: #988565)

 -- Ryan Tandy <ryan@xxxxxxxxx>  Sat, 15 May 2021 16:03:34 -0700

openldap (2.4.57+dfsg-2) unstable; urgency=medium

  * Fix slapd assertion failure in Certificate List Exact Assertion validation
    (ITS#9454) (CVE-2021-27212)

 -- Ryan Tandy <ryan@xxxxxxxxx>  Sun, 14 Feb 2021 09:26:41 -0800

openldap (2.4.57+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - Fixed slapd crashes in Certificate Exact Assertion processing
      (ITS#9404, ITS#9424) (CVE-2020-36221)
    - Fixed slapd assertion failures in saslAuthzTo validation
      (ITS#9406, ITS#9407) (CVE-2020-36222)
    - Fixed slapd crash in Values Return Filter control handling
      (ITS#9408) (CVE-2020-36223)
    - Fixed slapd crashes in saslAuthzTo processing
      (ITS#9409, ITS#9412, ITS#9413)
      (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
    - Fixed slapd assertion failure in X.509 DN parsing
      (ITS#9423) (CVE-2020-36230)
    - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
    - Fixed slapd crash in Certificate List Exact Assertion processing
      (ITS#9427) (CVE-2020-36228)
    - Fixed slapd infinite loop with Cancel operation
      (ITS#9428) (CVE-2020-36227)

 -- Ryan Tandy <ryan@xxxxxxxxx>  Sat, 23 Jan 2021 08:57:07 -0800

openldap (2.4.56+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - Fixed slapd abort due to assertion failure in Certificate List syntax
      validation (ITS#9383) (CVE-2020-25709)
    - Fixed slapd abort due to assertion failure in CSN normalization with
      invalid input (ITS#9384) (CVE-2020-25710)

 -- Ryan Tandy <ryan@xxxxxxxxx>  Wed, 11 Nov 2020 09:13:56 -0800

openldap (2.4.55+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - Fixed slapd normalization handling with modrdn
      (ITS#9370) (CVE-2020-25692)

 -- Ryan Tandy <ryan@xxxxxxxxx>  Tue, 27 Oct 2020 21:07:29 -0700

openldap (2.4.54+dfsg-1) unstable; urgency=medium

  * New upstream release.
  * Change upstream Homepage and get-orig-source URLs to HTTPS.
  * Create debian/gbp.conf.

 -- Ryan Tandy <ryan@xxxxxxxxx>  Sun, 18 Oct 2020 16:03:46 +0000

openldap (2.4.53+dfsg-1) unstable; urgency=medium

  * New upstream release.

 -- Ryan Tandy <ryan@xxxxxxxxx>  Mon, 07 Sep 2020 09:47:28 -0700

openldap (2.4.51+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
  * Merge some changes from Ubuntu:
    - slapd.default, slapd.README.Debian: update to refer to slapd.d instead
      of slapd.conf.
    - debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
      variable.
  * Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
    slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
  * debian/patches/set-maintainer-name: Extract maintainer address dynamically
    from debian/control. (Closes: #960448)
  * Fix Torsten's email address in a historic debian/changelog entry to
    resolve a Lintian error (bogus-mail-host-in-debian-changelog).


### Old Ubuntu Delta ###

openldap (2.5.6+dfsg-1~exp1ubuntu1) impish; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - Enable AppArmor support:
      + d/apparmor-profile: add AppArmor profile
      + d/rules: use dh_apparmor
      + d/control: Build-Depends on dh-apparmor
      + d/slapd.README.Debian: add note about AppArmor
    - Enable ufw support:
      + d/control: suggest ufw.
      + d/rules: install ufw profile.
      + d/slapd.ufw.profile: add ufw profile.
    - d/{rules,slapd.py}: Add apport hook.
    - d/rules: better regexp to match the Maintainer tag in d/control,
      needed in the Ubuntu case because of XSBC-Original-Maintainer
      (Closes #960448, LP #1875697)

 -- Sergio Durigan Junior <sergio.durigan@xxxxxxxxxxxxx>  Tue, 17 Aug
2021 14:06:00 -0400

** Affects: openldap (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: needs-merge

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to openldap in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1946883

Title:
  Merge openldap from Debian unstable for 22.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1946883/+subscriptions
Follow ups

[Bug 1946883] Re: Merge openldap from Debian unstable for 22.04
From: Launchpad Bug Tracker, 2022-01-26