ldap2dns needs upgrade from version 0.3.1
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ldap2dns (Debian) |
New
|
Unknown
|
|||
ldap2dns (Ubuntu) |
Confirmed
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: ldap2dns
so is there some reason why Ubuntu is still using version 0.3.1? current version is 0.4.1
there been numerous bug & security fixes since 0.3.1
is this just a matter of no one being able to produce an updated package for ubuntu?
# $Id: ChangeLog 381 2006-10-19 18:29:16Z bklang $
Version 0.4.1 (latest)
* Updated scripts/
* Fixed parser bugs in scripts/
Adrian Goins)
* Added missing option -M (Thanks Jason Chambers)
* Change default record limit to LDAP_NO_LIMIT
* Tightned up LDAP search scope when calculating the checksum (Thanks Jason
Chambers for the bug report)
* Fixed bug reading the LDAP bind password out of the environment (Thanks Nick
Gregory for the bug report)
* Updated FAQ
Version 0.4.0
+ Corrected segfault when using BIND output with SRV records (Thanks Fred Leitz)
+ Fixed off-by-one string termination problem
+ Fixed a number of possible segfaults if required cmdline options were missing
Thanks Steve Ayotte (sayotte.
+ Added more verbose LDAP error and sanity checking output
+ Replaced all deprecated LDAP API calls
+ Converted to getopt_long and added double-dash options (--help)
+ Added search timeout and max record count options
+ Added warnings when zero records are returned from searches
Version 0.3.7
+ Changed default location of ldap.conf to /etc/ldap.conf
+ Added note on potential security vulns in deprecated/webadmin to README
+ Changed port declarations/format strings from int to unsigned short
to match standards
+ Updated doc/README.html
+ Added security audit result patch from Erik Cabetas (erik.cabetas.com)
+ Fixed typo in ldap2dns.spec.in
+ Updated example ldif in doc/ (Thanks Marc Huot)
Version 0.3.6
+ New maintainer: Ben Klang <email address hidden>
+ Fixed bug with duplicate OIDs in dns.schema from partially applied patch
+ Renamed schema file to ldap2dns.schema
+ Updated RPM specfile
+ Removed already merged patchfiles
+ Restructured file layout, created doc directory
+ Deprecated unfinished webadmin work. Will be replaced with Beatnik
+ Deprecated OpenLDAP 2.0 schema support
+ Deprecated djbdns-1.0.5 native LDAP patch (status of patch unknown)
+ Removed old index.html
+ Removed TODO.schema
+ Updated Makefile
+ Modified ldap2dns-conf to behave more like tinydns-conf
+ Altered default behavior (via ldap2dns-conf) to run ldap2dns as non-root
+ Updated FAQ
+ Deprecated askldap.c and askldap.h
+ Created TODO file
+ Added TinyDNS data file import script (scripts/
+ Moved AXFR import script (formerly import.pl) to scripts/
+ Deprecated export-ldap.pl (Possibly old ldap2dns 0.2->0.3 upgrade script?)
Version 0.3.5 - 2005/11/30
+ Added support for DNS SRV records
Version 0.3.3
- Removed a bug which caused ldap2dns to etablish more than one connections
to the LDAP server.
Version 0.3.2
+ Only patches from Martin Lesser <email address hidden>
applied. Nothing from myself.
+ connecting to a ldap-server where the server is given as URI works
(both ldap:// [with TLS] and ldaps://)
+ we use location-codes here, so ldap2dns.c was extended to make use of
them, this also requires an extension of dns.schema.
Changed in ldap2dns: | |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
Changed in ldap2dns (Debian): | |
status: | Unknown → New |
summary: |
- needs upgrade from version 0.3.1 + ldap2dns needs upgrade from version 0.3.1 |
Well, the same version (0.3.1-3ubuntu2) is still in Intrepid as well as Hardy. It looks like this package has had / is having problems with a stable maintainer upstream since the same version appears to be in Debian. Can anyone chime in with some more details? For being marked as a security vulnerability for over 3 months, I am surprised no one has said anything.