Comment 28 for bug 215904

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openldap2.3 - 2.4.9-1ubuntu1

---------------
openldap2.3 (2.4.9-1ubuntu1) intrepid; urgency=low

  * Merge from debian unstable, remaining changes:
    - debian/apparmor-profile: add AppArmor profile
    - debian/slapd.postinst: Reload AA profile on configuration
    - updated debian/slapd.README.Debian for note on AppArmor
    - debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6
    - debian/control: Conflicts with apparmor-profiles << 2.1+1075-0ubuntu4
      to make sure that if earlier version of apparmour-profiles gets
      installed it won't overwrite our profile.
    - Modify Maintainer value to match the DebianMaintainerField
      speficication.
    - follow ApparmorProfileMigration and force apparmor compalin mode on
      some upgrades (LP: #203529)
    - debian/slapd.dirs: add etc/apparmor.d/force-complain
    - debian/slapd.preinst: create symlink for force-complain on pre-feisty
      upgrades, upgrades where apparmor-profiles profile is unchanged (ie
      non-enforcing) and upgrades where apparmor profile does not exist.
    - debian/slapd.postrm: remove symlink in force-complain/ on purge
    - debian/rules, debian/slapd.links: use hard links to slapd instead of
      symlinks for slap* so these applications aren't confined by apparmor
      (LP: #203898)
    - debian/patches/fix-assertion-io.patch: Fixes ber_flush2 assertion.
      (LP: #215904)
    - debian/patches/fix-dnpretty-assertion.patch: Fix dnPrettyNormal assertion
      error. (LP: #234196)
    - dropped debian/patches/fix-notify-crasher.patch: Fix modify timestamp crashes.
      (LP: #220724)
    - dropped debian/patches/SECURITY_CVE-2008-0658.patch. Already applied
      upstream.
   * Added debian/patches/fix-ucred-libc due to changes how newer glibc handle
     the ucred struct now.

openldap2.3 (2.4.9-1) unstable; urgency=low

  [ Updated debconf translations ]
  * French, thanks to Christian Perrier <email address hidden>.
    Closes: #471792.
  * Finnish, thanks to Esko Arajärvi <email address hidden>. Closes: #475238.
  * Czech, thanks to Miroslav Kure <email address hidden>.
    Closes: #480138.
  * Basque, thanks to Piarres Beobide <email address hidden>.
    Closes: #480177.
  * Vietnamese, thanks to Clytie Siddall <email address hidden>.
    Closes: #480181.
  * Galician, thanks to Jacobo Tarrio <email address hidden>. Closes: #480218.
  * Japanese, thanks to Kenshi Muto <email address hidden>. Closes: #480247.
  * Italian, thanks to Luca Monducci <email address hidden>. (Closes: #477718)
  * Brazilian Portuguese, thanks to Eder L. Marques <email address hidden>
    (Closes: #480172)
  * Portuguese, thanks to Tiago Fernandes <email address hidden>
    (Closes: #481126)
  * Russian, thanks to Yuri Kozlov <email address hidden> (Closes: #481214)
  * Dutch, thanks to "cobaco (aka Bart Cornelis)" <email address hidden>.
    Closes: #483014.

  [ Matthijs Mohlmann ]
  * New upstream release.
    - Bad entryUUID no longer crashes slapd. (Closes: #471867)
    - Fix assertion failure in some modify operations. (Closes: #474161)
    - Mention index in slapd.conf's man page. (Closes: #414650)
    - Fixes to slapd include handling. (Closes: #457261)
    - Fix syncrepl cookie truncation. (Closes: #464024)
    - Fix memory allocation in ldap_parse_page_control. (Closes: #464877)
    - Fix slapd crash when accessed by multiple threads. (Closes: #479237)
  * Acknowledge NMU.
    (Closes: #474976, #471225, #475856, #474652, #465875)
  * Bump Standards-Version to 3.7.3
  * Add versioned build dependency on libgnutls-dev (Closes: #466558)

  [ Russ Allbery ]
  * Use MAXPATHLEN rather than PATH_MAX, since OpenLDAP defines the
    former and the latter isn't defined on GNU Hurd. Thanks, Samuel
    Thibault. (Closes: #475744)

openldap2.3 (2.4.7-6.3) unstable; urgency=low

  * Non-maintainer upload.
  * Install all slapd relevant manpages into slapd package.
    (closes: #474976)
  * Make libldap-2.4-2 conflict against libldap2. (closes: #475856)

openldap2.3 (2.4.7-6.2) unstable; urgency=low

   * Non-maintainer upload to solve release goal issues.
   * Add LSB dependency header to init.d scripts (Closes: #474652)

openldap2.3 (2.4.7-6.1) unstable; urgency=high

  * Non-maintainer upload by security team.
  * Fix possible remote denial of service vulnerability in the BDB backend
    via a modrdn operation with a NOOP control
    (CVE-2008-0658; Closes: #465875).

 -- Chuck Short <email address hidden> Fri, 30 May 2008 17:09:53 +0100