Your message dated Sun, 21 May 2006 07:42:18 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#343113: fixed in openldap2.3 2.3.23-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: slapd
Version: 2.2.26-5
Severity: important

A clear slapd installation of the mentioned version results in a wrong admin
password. After some debugging I have found out the following:
the function crypt_admin_pass is called twice:
- the first time with the correct password entered in the process of configuration
- the second time with slapd/password1 cleared to an empty string

Therefore an empty string is hashed and stored in the LDAP database as an
admin password.

In my humble opinion it's better to clean all passwords in one
function, wipe_admin_password for instance:

db_set slapd/internal/adminpw ""
db_set slapd/password1 ""
db_set slapd/password2 ""

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14.2
Locale: LANG=en_US, LC_CTYPE=sk_SK (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US)


--- End Message ---
--- Begin Message ---
Source: openldap2.3
Source-Version: 2.3.23-1

We believe that the bug you reported is fixed in the latest version of
openldap2.3, which is due to be installed in the Debian FTP archive:

ldap-utils_2.3.23-1_i386.deb
  to pool/main/o/openldap2.3/ldap-utils_2.3.23-1_i386.deb
libldap-2.3-0_2.3.23-1_i386.deb
  to pool/main/o/openldap2.3/libldap-2.3-0_2.3.23-1_i386.deb
openldap2.3_2.3.23-1.diff.gz
  to pool/main/o/openldap2.3/openldap2.3_2.3.23-1.diff.gz
openldap2.3_2.3.23-1.dsc
  to pool/main/o/openldap2.3/openldap2.3_2.3.23-1.dsc
openldap2.3_2.3.23.orig.tar.gz
  to pool/main/o/openldap2.3/openldap2.3_2.3.23.orig.tar.gz
slapd_2.3.23-1_i386.deb
  to pool/main/o/openldap2.3/slapd_2.3.23-1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthijs Mohlmann <[EMAIL PROTECTED]> (supplier of updated openldap2.3 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 13 May 2006 00:28:11 +0200
Source: openldap2.3
Binary: slapd ldap-utils libldap-2.3-0
Architecture: source i386
Version: 2.3.23-1
Distribution: unstable
Urgency: low
Maintainer: Debian OpenLDAP Maintainers <[EMAIL PROTECTED]>
Changed-By: Matthijs Mohlmann <[EMAIL PROTECTED]>
Description: 
 ldap-utils - OpenLDAP utilities
 libldap-2.3-0 - OpenLDAP libraries
 slapd      - OpenLDAP server (slapd)
Closes: 190165 195079 236097 294701 299100 301292 308416 308906 310282 310282 315158 319155 319596 319706 320739 327808 332053 335618 343113 347725 353877 353897 356554
Changes: 
 openldap2.3 (2.3.23-1) unstable; urgency=low
 .
   [ Matthijs Mohlmann ]
   * New upstream release. (Closes: #308906, #310282, #353877, #335618, #315158)
     (Closes: #310282, #319155)
   * OpenLDAP checks database before starting up.
     (Closes: #190165, #195079, #294701, #308416)
   * move_old_database_away isn't called in a while loop anymore (which would
     kill debconf interaction) (Closes: #299100)
   * BDB_CONFIG file will be installed on new installations (Closes: #301292)
   * Move to dh_install.
   * Move to quilt patch system.
   * Fix manpage.
   * Make ldiftopasswd and fix_ldif executable. (fixes lintian warnings)
   * Wipe passwords after we created the initial configuration.
   * The config script is run twice; this causes the password in
     slapd/internal/adminpw to be empty. This fixes the issue with having an
     empty password in the ldap database. (Closes: #343113, #347725)
   * Added #DEBHELPER# token to fix a lintian warning.
   * bdb has changed between major versions, so dump the database and import it
     again for versions before 2.3.19.
   * Remove comments from debian/control (The commented-out control information
     is actually in debian/control.dev)
   * Enable all backends and overlays with: --enable-backends=mod and
     --enable-overlays=mod
   * Add | debconf-2.0 to unblock cdebconf transition (Closes: #332053)
   * Added Danish debconf translation (Closes: #353897)
   * Updated French debconf translation (Closes: #320739)
   * Updated Vietnamese debconf translation (Closes: #319706)
   * Updated Czech debconf translation (Closes: #356554)
   * Encode the organization to utf8 (Closes: #236097)
   * Disabled the LDBM backend. Break in preinstallation if user doesn't want
     to migrate to BDB backend.
   * Removed choice for LDBM backend from slapd templates. And some explanation
     in that question about the LDBM backend.
   * Add sizelimit and tool-threads and some documentation to slapd.conf
     (Closes: #327808)
   * slapd.scripts-common had two functions with the same name.
   * Don't return an error message if hostname fails.
   * Backup the config only once on upgrade.
   * For new installations do not install a DB_CONFIG file but use the
     slapd.conf as file for BDB/HDB configuration parameters. See: slapd-bdb(5)
   * Added various "exit 0" to the installation scripts.
   * Add configure.in patch to fix C comparison that should be bash (ITS#4416)
   * Raise debconf configuration level from low to medium for
     slapd/no_configuration.
   * Updated Standards-Version to 3.7.2.0
   * Added build-dependency on perl which is used in the debian/rules file.
     Considered by lintian.
   * Added lintian override for too-long-extended-description-in-templates, it
     is an explanation about the backends.
 .
   [ Steve Langasek ]
   * debian/slapd.templates: Fix typo durin -> during; re-run
     debconf-updatepo, fixing up the fuzzies (closes: #319596).
 .
   [ Torsten Landschoff ]
   * debian/slapd.scripts-common: Rename backend_supported to
     upgrade_supported_from_backend for more clarity.
Files: 
 86488a5e5fa100878ec20e128001c3a8 1161 net optional openldap2.3_2.3.23-1.dsc
 46b5a2f92c798d542f7bb545f118b04a 3755995 net optional openldap2.3_2.3.23.orig.tar.gz
 a8156d1c6bb10e57eca456ff4223f7a9 173993 net optional openldap2.3_2.3.23-1.diff.gz
 889e786d0ff9bd94a071f6e3a3c97338 1139104 net optional slapd_2.3.23-1_i386.deb
 64a97a9b2b0c3ecd4bad2d8bd4673d8b 150784 net optional ldap-utils_2.3.23-1_i386.deb
 55b72a1a97d0a6c77a3663e6128e3c5a 263674 libs important libldap-2.3-0_2.3.23-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEbwYydQgHtVUb5EcRArQqAJ9o5ocaBwJ1Ya6QpYk/YirgtsoNYgCZAcAR
TFbLgjcMnbzQPfe0LsZ1ic8=
=PeFU
-----END PGP SIGNATURE-----


--- End Message ---
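
The double invocation described in the bug report and in the changelog entry closing #343113, reproduced as an added example (not code from the slapd package). The debconf calls are shell-variable stand-ins, `fake_hash` is a placeholder for the real hashing, and both the assumption that the first pass clears slapd/password1 and the guarded variant are illustrative, not the package's actual fix.

```shell
# Constructed stand-in for the debconf database (assumption): three keys in
# shell variables instead of the confmodule's db_get/db_set.
PW1="" PW2="" ADMINPW=""
db_set() {
    case "$1" in
        slapd/password1) PW1=$2 ;;
        slapd/password2) PW2=$2 ;;
        slapd/internal/adminpw) ADMINPW=$2 ;;
    esac
}
db_get() {
    case "$1" in
        slapd/password1) RET=$PW1 ;;
        slapd/password2) RET=$PW2 ;;
        slapd/internal/adminpw) RET=$ADMINPW ;;
    esac
}

# Placeholder so the example runs offline; not a real password hash.
fake_hash() { printf 'HASH(%s)' "$1"; }

# Reported behaviour: hash whatever password1 holds, then clear the inputs.
crypt_admin_pass_buggy() {
    db_get slapd/password1
    db_set slapd/internal/adminpw "$(fake_hash "$RET")"
    db_set slapd/password1 ""; db_set slapd/password2 ""
}

# Hypothetical guard: an empty password1 means the first pass already ran,
# so the stored hash is left untouched.
crypt_admin_pass_guarded() {
    db_get slapd/password1
    [ -n "$RET" ] || return 0
    db_set slapd/internal/adminpw "$(fake_hash "$RET")"
    db_set slapd/password1 ""; db_set slapd/password2 ""
}

# Enter a password once, run the given variant twice (as the config script
# does), and print what ends up in slapd/internal/adminpw.
run_twice() {
    db_set slapd/password1 "s3cret"; db_set slapd/password2 "s3cret"
    db_set slapd/internal/adminpw ""
    "$1"; "$1"
    db_get slapd/internal/adminpw
    printf '%s\n' "$RET"
}

printf 'buggy:   %s\n' "$(run_twice crypt_admin_pass_buggy)"
printf 'guarded: %s\n' "$(run_twice crypt_admin_pass_guarded)"
```

On an installed system the same condition shows up as an admin password entry that verifies against the empty string.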
