commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2023-11-05 12:18:28 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.17445 (New) Package is "openldap2" Sun Nov 5 12:18:28 2023 rev:182 rq:1122990 version:2.6.6 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2023-09-13 20:43:14.403256382 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.17445/openldap2.changes 2023-11-05 12:18:30.976526003 +0100 @@ -1,0 +2,8 @@ +Fri Nov 3 06:33:07 UTC 2023 - Jan Engelhardt + +- Update to release 2.6.6 + * Fixed libldap handling of TCP KEEPALIVE options + * Fixed slapd callback handling with overlays that do extended +operations + +--- Old: openldap-2.6.4.tgz openldap-2.6.4.tgz.asc New: openldap-2.6.6.tgz openldap-2.6.6.tgz.asc Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.QLxWkr/_old 2023-11-05 12:18:32.108567531 +0100 +++ /var/tmp/diff_new_pack.QLxWkr/_new 2023-11-05 12:18:32.108567531 +0100 @@ -26,11 +26,11 @@ %endif Name: openldap2%{name_suffix} +Version:2.6.6 +Release:0 Summary:An open source implementation of the Lightweight Directory Access Protocol License:OLDAP-2.8 Group: Productivity/Networking/LDAP/Servers -Version:2.6.4 -Release:0 URL:https://www.openldap.org Source0: https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz Source1: https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz.asc @@ -56,8 +56,6 @@ Patch5: 0005-pie-compile.dif Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch Patch16:0016-Clear-shared-key-only-in-close-function.patch - -BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: argon2-devel BuildRequires: cyrus-sasl-devel BuildRequires: db-devel @@ -240,12 +238,7 @@ Servers %prep -%setup -q -a 9 -n openldap-%{version} -%patch1 -p1 -%patch3 -p1 -%patch5 -p1 -%patch8 -p1 -%patch16 -p1 +%autosetup -a9 -p1 -n openldap-%{version} cp %{SOURCE5} . %build @@ -258,7 +251,7 @@ export CFLAGS="%{optflags} -Wno-format-extra-args -fno-strict-aliasing -DNDEBUG -DSLAP_CONFIG_DELETE -DSLAP_SCHEMA_EXPOSE -DLDAP_COLLECTIVE_ATTRIBUTES -DLDAP_USE_NON_BLOCKING_TLS" export STRIP="" ./configure \ ---prefix=/usr \ +--prefix="%_prefix" \ --sysconfdir=%{_sysconfdir} \ --libdir=%{_libdir} \ --libexecdir=%{_libdir} \ ++ openldap-2.6.4.tgz -> openldap-2.6.6.tgz ++ /work/SRC/openSUSE:Factory/openldap2/openldap-2.6.4.tgz /work/SRC/openSUSE:Factory/.openldap2.new.17445/openldap-2.6.6.tgz differ: char 5, line 1 ++ openldap2.conf ++ --- /var/tmp/diff_new_pack.QLxWkr/_old 2023-11-05 12:18:32.252572813 +0100 +++ /var/tmp/diff_new_pack.QLxWkr/_new 2023-11-05 12:18:32.256572960 +0100 @@ -1,3 +1,4 @@ # openldap needs a directory in /var/lib/: d /var/lib/ldap 0750 ldap ldap - +d /run/slapd 0755 ldap ldap -
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2023-09-13 20:43:13 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1766 (New) Package is "openldap2" Wed Sep 13 20:43:13 2023 rev:181 rq:1110389 version:2.6.4 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2023-06-20 16:48:25.835387468 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1766/openldap2.changes 2023-09-13 20:43:14.403256382 +0200 @@ -1,0 +2,5 @@ +Tue Sep 5 11:52:49 UTC 2023 - Thorsten Kukuk + +- Disable SLP by default for Factory and ALP (bsc#1214884) + +--- Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.KKvSb5/_old 2023-09-13 20:43:18.095387642 +0200 +++ /var/tmp/diff_new_pack.KKvSb5/_new 2023-09-13 20:43:18.095387642 +0200 @@ -64,7 +64,9 @@ BuildRequires: groff BuildRequires: libopenssl-devel BuildRequires: libtool +%if 0%{?suse_version} < 1600 BuildRequires: openslp-devel +%endif BuildRequires: sysuser-tools BuildRequires: unixODBC-devel # avoid cycle with krb5 @@ -279,7 +281,9 @@ --enable-sql=mod \ --enable-mdb=mod \ --enable-relay=mod \ +%if 0%{?suse_version} < 1600 --enable-slp \ +%endif --enable-overlays=mod \ --enable-syncprov=mod \ --enable-ppolicy=mod \
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2023-06-20 16:48:01 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.15902 (New) Package is "openldap2" Tue Jun 20 16:48:01 2023 rev:180 rq:1093975 version:2.6.4 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2023-04-16 16:06:50.968738862 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.15902/openldap2.changes 2023-06-20 16:48:25.835387468 +0200 @@ -7 +7 @@ - * Fixed libldap ldif_open_urlto check for failure (ITS#9904) + * Fixed libldap ldif_open_urlto check for failure (ITS#9904 CVE-2023-2953 boo#1211795) Other differences: --
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2023-04-16 16:06:47 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.19717 (New) Package is "openldap2" Sun Apr 16 16:06:47 2023 rev:179 rq:1079577 version:2.6.4 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-12-11 17:16:25.561810899 +0100 +++ /work/SRC/openSUSE:Factory/.openldap2.new.19717/openldap2.changes 2023-04-16 16:06:50.968738862 +0200 @@ -1,0 +2,55 @@ +Sat Apr 15 10:42:10 UTC 2023 - Dirk Müller + +- update to 2.6.4: + * Fixed client tools to remove 'h' and 'p' options + * Fixed ldapsearch memory leak with paged results (ITS#9860) + * Fixed libldap ldif_open_urlto check for failure (ITS#9904) + * Fixed libldap ldap_url_parsehosts check for failure + * Fixed liblunicode UTF8bvnormalize buffer size (ITS#9955) + * Fixed lloadd memory leaks (ITS#9907) + * Fixed lloadd shutdown code to protect memory correctly + * Fixed lloadd race in epoch.c (ITS#9947) + * Fixed lloadd potential deadlock with cn=monitor (ITS#9951) + * Fixed lloadd to keep listener base around when not active + * Fixed lloadd object reclamation sequencing (ITS#9983) + * Fixed slapd memory leak with olcAuthIDRewrite (ITS#6035) + * Fixed slapd free of redundant cmdline option (ITS#9912) + * Fixed slapd transactions extended operations cleanup after + * Fixed slapd deadlock with replicated cn=config + * Fixed slapd connection close logic (ITS#9991) + * Fixed slapd bconfig locking of cn=config entries (ITS#9045) + * Fixed slapd-mdb max number of index databases to 256 + * Fixed slapd-mdb to always release entries from ADD operations + * Fixed slapd-mdb to fully init empty DN in tool_entry_get + * Fixed slapd-monitor memory leaks with lloadd (ITS#9906) + * Fixed slapd-monitor to free remembered cookies (ITS#9339) + * Fixed slapo-accesslog reqStart ordering matching rule + * Fixed slapo-deref memory leak (ITS#9924) + * Fixed slapo-dynlist to ignore irrelevant objectClasses + * Fixed slapo-dynlist to avoid unnecessary searches (ITS#9929) + * Fixed slapo-dynlist to mark internal searches as such + * Fixed slapo-pcache crash in consistency_check (ITS#9966) + * Fixed slapo-remoteauth memory leaks (ITS#9438) + * Fixed slapo-rwm memory leaks (ITS#9817) + * Build Environment + * Fixed ancient DOS related ifdef checks (ITS#9925) + * Fixed build process to not use gmake specific features + * Fixed source tree to remove symlinks (ITS#9926) + * Fixed slapo-otp testdir creation (ITS#9437) + * Fixed slapd-tester memory leak (ITS#9908) + * Fixed usage of non-standard C syntax (ITS#9898, ITS#9899, +ITS#9901) + * Fixed usage of bashism (ITS#9900) + * Fixed test suite portability (ITS#9931) + * Documentation + * Fixed ldap_bind(3) to document ber_bvfree in ldap_sasl_bind +(ITS#9976) + * Fixed slapo-asyncmeta(5) to clarify scheduling for target +connections (ITS#9941) + * Fixed slapo-dynlist(5) to clarify configuration settings +(ITS#9957) + * Fixed slapo-unique(5) to clarify when quoting should be used +(ITS#9915) + * Minor cleanup + +--- Old: openldap-2.6.3.tgz openldap-2.6.3.tgz.asc New: openldap-2.6.4.tgz openldap-2.6.4.tgz.asc Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.goFC4X/_old 2023-04-16 16:06:53.492753412 +0200 +++ /var/tmp/diff_new_pack.goFC4X/_new 2023-04-16 16:06:53.496753435 +0200 @@ -1,7 +1,7 @@ # # spec file # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,6 @@ %define run_test_suite 0 -%define version_main 2.6.3 %define slapdrundir %{_rundir}/slapd %define flavor @BUILD_FLAVOR@%{nil} %if "%flavor" == "contrib" @@ -30,11 +29,11 @@ Summary:An open source implementation of the Lightweight Directory Access Protocol License:OLDAP-2.8 Group: Productivity/Networking/LDAP/Servers -Version:%{version_main} +Version:2.6.4 Release:0 URL:https://www.openldap.org -Source0: https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version_main}.tgz -Source1: https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version_main}.tgz.asc +Source0: https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz +Source1:
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2022-12-11 17:16:24 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1835 (New) Package is "openldap2" Sun Dec 11 17:16:24 2022 rev:178 rq:1041973 version:2.6.3 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-10-28 19:29:03.074487176 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1835/openldap2.changes 2022-12-11 17:16:25.561810899 +0100 @@ -1,0 +2,6 @@ +Sat Dec 10 09:46:56 UTC 2022 - Dirk Müller + +- add reproducible.patch to avoid using compile-time specific date/time + constructs + +--- New: reproducible.patch Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.LGTB06/_old 2022-12-11 17:16:26.301815021 +0100 +++ /var/tmp/diff_new_pack.LGTB06/_new 2022-12-11 17:16:26.305815043 +0100 @@ -52,6 +52,7 @@ Source22: update-crc.sh Source23: slapd.conf Source24: slapd.conf.olctemplate +Patch1: reproducible.patch Patch3: 0003-LDAPI-socket-location.dif Patch5: 0005-pie-compile.dif Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch @@ -239,6 +240,7 @@ %prep %setup -q -a 9 -n openldap-%{version_main} +%patch1 -p1 %patch3 -p1 %patch5 -p1 %patch8 -p1 ++ reproducible.patch ++ Index: openldap-2.6.3/build/mkversion === --- openldap-2.6.3.orig/build/mkversion +++ openldap-2.6.3/build/mkversion @@ -77,7 +77,7 @@ static const char copyright[] = "COPYING RESTRICTIONS APPLY\n"; $static $const char $SYMBOL[] = -"@(#) \$$PACKAGE: $APPLICATION $VERSION (" __DATE__ " " __TIME__ ") \$\n" +"@(#) \$$PACKAGE: $APPLICATION $VERSION \$\n" "\t$WHOWHERE\n"; __EOF__
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2022-10-28 19:28:58 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.2275 (New) Package is "openldap2" Fri Oct 28 19:28:58 2022 rev:177 rq:1031423 version:2.6.3 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-07-29 16:46:57.446495658 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.2275/openldap2.changes 2022-10-28 19:29:03.074487176 +0200 @@ -1,0 +2,6 @@ +Mon Sep 26 05:16:18 UTC 2022 - William Brown + +- bsc#1202931 - CVE-2022-31253 - Openldap start script allowed the ldap user + to privilege escalate to root due to unbound chown commands. + +--- Other differences: -- ++ slapd.service ++ --- /var/tmp/diff_new_pack.xhBl8f/_old 2022-10-28 19:29:04.486494257 +0200 +++ /var/tmp/diff_new_pack.xhBl8f/_new 2022-10-28 19:29:04.490494277 +0200 @@ -6,6 +6,23 @@ Type=forking ExecStart=/usr/lib/openldap/start +# Hardening to prevent security escalation. +## Future hardening for FS protection. +# ProtectSystem=full +# ReadWritePaths=/etc/openldap/slapd.d /var/lib/ldap + +RestrictSUIDSGID=true +NoNewPrivileges=true +PrivateTmp=true +PrivateDevices=true +ProtectHostname=true +ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +MemoryDenyWriteExecute=true + [Install] WantedBy=multi-user.target ++ start ++ --- /var/tmp/diff_new_pack.xhBl8f/_old 2022-10-28 19:29:04.506494358 +0200 +++ /var/tmp/diff_new_pack.xhBl8f/_new 2022-10-28 19:29:04.506494358 +0200 @@ -80,11 +80,17 @@ function chown_database_dirs_bconfig() { ldapdir=$(find $1 -type f -name "olcDatabase*" | xargs grep -i olcdbdirectory | awk '{print $2}') -for dir in $ldapdir; do +for dir in $(realpath ${ldapdir}); do +if [[ $dir =~ ^/var/lib/ldap$|^/var/lib/ldap/.* ]]; then [ -d "$dir" ] && [ -n "$OPENLDAP_USER" ] && \ -chown -R $OPENLDAP_USER $dir 2>/dev/null +chown -h -R $OPENLDAP_USER $dir 2>/dev/null [ -d "$dir" ] && [ -n "$OPENLDAP_GROUP" ] && \ -chgrp -R $OPENLDAP_GROUP $dir 2>/dev/null +chgrp -h -R $OPENLDAP_GROUP $dir 2>/dev/null +else +echo "Skipping chown -h of external directory for security reasons. You must manually run:" +echo "# chown -h -R $OPENLDAP_USER $dir" +echo "# chgrp -h -R $OPENLDAP_GROUP $dir" +fi done } @@ -92,9 +98,9 @@ ldapdir=`grep ^directory $1 | awk '{print $2}'` for dir in $ldapdir; do [ -d "$dir" ] && [ -n "$OPENLDAP_USER" ] && \ -chown -R $OPENLDAP_USER $dir 2>/dev/null +chown -h -R $OPENLDAP_USER $dir 2>/dev/null [ -d "$dir" ] && [ -n "$OPENLDAP_GROUP" ] && \ -chgrp -R $OPENLDAP_GROUP $dir 2>/dev/null +chgrp -h -R $OPENLDAP_GROUP $dir 2>/dev/null done includes=`grep ^include $1 | awk '{print $2}'` if [ $depth -le 50 ]; then @@ -112,30 +118,30 @@ [ ! "x$OPENLDAP_CONFIG_BACKEND" = "xldap" ] && SLAPD_CONFIG_ARG="-f /etc/openldap/slapd.conf" -# chown backend directories if OPENLDAP_CHOWN_DIRS ist set +# chown -h backend directories if OPENLDAP_CHOWN_DIRS ist set if [ "$(echo "$OPENLDAP_CHOWN_DIRS" | tr 'A-Z' 'a-z')" = "yes" ]; then if [ -n "$OPENLDAP_USER" -o -n "$OPENLDAP_GROUP" ]; then if [ -n "$OPENLDAP_CONFIG_BACKEND" -a "$OPENLDAP_CONFIG_BACKEND" = "ldap" ]; then -chown -R $OPENLDAP_USER /etc/openldap/slapd.d 2>/dev/null -chgrp -R $OPENLDAP_GROUP /etc/openldap/slapd.d 2>/dev/null +chown -h -R $OPENLDAP_USER /etc/openldap/slapd.d 2>/dev/null +chgrp -h -R $OPENLDAP_GROUP /etc/openldap/slapd.d 2>/dev/null chown_database_dirs_bconfig "/etc/openldap/slapd.d" # assume back-config usage if slapd.conf is not present but slapd.d is elif [ ! -f /etc/openldap/slapd.conf -a /etc/openldap/slapd.d ]; then -chown -R $OPENLDAP_USER /etc/openldap/slapd.d 2>/dev/null -chgrp -R $OPENLDAP_GROUP /etc/openldap/slapd.d 2>/dev/null +chown -h -R $OPENLDAP_USER /etc/openldap/slapd.d 2>/dev/null +chgrp -h -R $OPENLDAP_GROUP /etc/openldap/slapd.d 2>/dev/null chown_database_dirs_bconfig "/etc/openldap/slapd.d" else
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2022-07-29 16:46:54 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1533 (New) Package is "openldap2" Fri Jul 29 16:46:54 2022 rev:176 rq:990644 version:2.6.3 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-06-03 14:15:30.457226143 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1533/openldap2.changes 2022-07-29 16:46:57.446495658 +0200 @@ -1,0 +2,25 @@ +Thu Jul 14 21:22:41 UTC 2022 - Michael Str??der + +- removed obsolete 0017-Resolve-error-handling-in-new-ctx-when-global.patch +- update to 2.6.3 + * Fixed librewrite declaration of calloc (ITS#9841) + * Fixed libldap to check for NULL ld (ITS#9157) + * Fixed libldap memory leaks (ITS#9876) + * Fixed lloadd to correctly tag Notice of Disconnection (ITS#9856) + * Fixed slapd delta-sync DN leak on ADD ops (ITS#9866) + * Fixed slapd replication with back-glue (ITS#9868) + * Fixed slapd lastbind replication with chaining (ITS#9863) + * Fixed slapd-ldap to correctly set authzid (ITS#9863) + * Fixed slapd-mdb to check for stale readers on +MDB_READERS_FULL (ITS#7165) + * Fixed slapd-mdb indexer task with replicated config (ITS#9858) + * Fixed slapo-accesslog onetime memory leak (ITS#9864) + * Fixed slapo-ppolicy interaction with slapo-rwm (ITS#9871) + * Fixed slapo-rwm to handle escaping special characters (ITS#9817) + * Fixed slapo-syncprov memory leaks (ITS#9867) + * Fixed slapo-syncprov fallback in delta-sync mode (ITS#9823) + * Fixed slapo-unique to not release NULL entry (ITS#8245) + * doc: Fixed ldap_get_option(3) to clarify ldap_get/set_option +restrictions (ITS#9824) + +--- Old: 0017-Resolve-error-handling-in-new-ctx-when-global.patch openldap-2.6.2.tgz openldap-2.6.2.tgz.asc New: openldap-2.6.3.tgz openldap-2.6.3.tgz.asc Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.kJCpW5/_old 2022-07-29 16:46:58.426498384 +0200 +++ /var/tmp/diff_new_pack.kJCpW5/_new 2022-07-29 16:46:58.430498395 +0200 @@ -17,7 +17,7 @@ %define run_test_suite 0 -%define version_main 2.6.2 +%define version_main 2.6.3 %define slapdrundir %{_rundir}/slapd %define flavor @BUILD_FLAVOR@%{nil} %if "%flavor" == "contrib" @@ -56,7 +56,6 @@ Patch5: 0005-pie-compile.dif Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch Patch16:0016-Clear-shared-key-only-in-close-function.patch -Patch17:0017-Resolve-error-handling-in-new-ctx-when-global.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: argon2-devel @@ -244,7 +243,6 @@ %patch5 -p1 %patch8 -p1 %patch16 -p1 -%patch17 -p1 cp %{SOURCE5} . %build ++ openldap-2.6.2.tgz -> openldap-2.6.3.tgz ++ /work/SRC/openSUSE:Factory/openldap2/openldap-2.6.2.tgz /work/SRC/openSUSE:Factory/.openldap2.new.1533/openldap-2.6.3.tgz differ: char 5, line 1
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2022-06-03 14:15:20 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1548 (New) Package is "openldap2" Fri Jun 3 14:15:20 2022 rev:175 rq:980334 version:2.6.2 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-05-23 15:51:44.562646212 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1548/openldap2.changes 2022-06-03 14:15:30.457226143 +0200 @@ -1,0 +2,44 @@ +Mon May 23 10:51:45 UTC 2022 - Michael Str??der + +- Update to release 2.6.2 + * Added support for OpenSSL 3.0 (ITS#9436) + * Fixed ldapdelete to prune LDAP subentries (ITS#9737) + * Fixed libldap to drop connection when non-LDAP data is +received (ITS#9803) + * Fixed libldap to allow newlines at end of included file +(ITS#9811) + * Fixed slapd slaptest conversion of olcLastBind (ITS#9808) + * Fixed slapd to correctly init global_host earlier (ITS#9787) + * Fixed slapd bconfig locking for cn=config replication +(ITS#9584) + * Fixed slapd usage of thread local counters (ITS#9789) + * Fixed slapd to clear runqueue task correctly (ITS#9785) + * Fixed slapd idletimeout handling (ITS#9820) + * Fixed slapd syncrepl handling of new sessions (ITS#9584) + * Fixed slapd to clear connections on bind (ITS#9799) + * Fixed slapd to correctly advance connections index (ITS#9831) + * Fixed slapd syncrepl ODSEE replication of unknown attr +(ITS#9801) + * Fixed slapd-asyncmeta memory leak in keepalive setting, +slapd-ldap memory leak in keepalive setting, SEGV on config +rewrite, ordering on config rewrite, memory leak in keepalive +setting (ITS#9802) + * Fixed slapo-pcache SEGV & slapd-monitor SEGV on shutdown +(ITS#9809) + * Fixed slapd-monitor crash when hitting sizelimit (ITS#9832) + * Fixed slapd-sql to properly escape filter value (ITS#9815) + * Fixed slapo-dynlist dynamic group regression (ITS#9825) + * Fixed slapo-ppolicy operation handling to be consistent +(ITS#9794) + * Fixed slapo-translucent to correctly duplicate substring +filters (ITS#9818) + * Contrib: + * Update ppm module to the 2.1 release (ITS#9814) + * Documentation: + * admin26: Document new lloadd features (ITS#9780) + * Fixed slapd.conf(5)/slapd-config(5) syncrepl +sizelimit/timelimit documentation (ITS#9804) + * Fixed slapd-sock(5) to clarify "sockresps result" behavior +(ITS#8255) + +--- Old: openldap-2.6.1.tgz openldap-2.6.1.tgz.asc New: openldap-2.6.2.tgz openldap-2.6.2.tgz.asc Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.Jcd7i9/_old 2022-06-03 14:15:31.565227583 +0200 +++ /var/tmp/diff_new_pack.Jcd7i9/_new 2022-06-03 14:15:31.569227588 +0200 @@ -17,7 +17,7 @@ %define run_test_suite 0 -%define version_main 2.6.1 +%define version_main 2.6.2 %define slapdrundir %{_rundir}/slapd %define flavor @BUILD_FLAVOR@%{nil} %if "%flavor" == "contrib" ++ 0003-LDAPI-socket-location.dif ++ --- /var/tmp/diff_new_pack.Jcd7i9/_old 2022-06-03 14:15:31.605227635 +0200 +++ /var/tmp/diff_new_pack.Jcd7i9/_new 2022-06-03 14:15:31.609227640 +0200 @@ -1,23 +1,13 @@ -From 73f1a31ec1d90872ac6f09ffac5adfb199eba963 Mon Sep 17 00:00:00 2001 -From: Ralf Haferkamp -Date: Wed, 16 Jun 2010 14:06:42 +0200 -Subject: LDAPI socket location - - -diff --git a/include/ldap_defaults.h b/include/ldap_defaults.h -index 9dba666..b9780bc 100644 a/include/ldap_defaults.h -+++ b/include/ldap_defaults.h -@@ -39,7 +39,7 @@ - #define LDAP_ENV_PREFIX "LDAP" +diff -ur openldap-2.6.2.orig/include/ldap_defaults.h openldap-2.6.2/include/ldap_defaults.h +--- openldap-2.6.2.orig/include/ldap_defaults.h2022-05-04 16:55:23.0 +0200 openldap-2.6.2/include/ldap_defaults.h 2022-05-23 12:55:05.059335200 +0200 +@@ -40,7 +40,7 @@ /* default ldapi:// socket */ + #ifndef LDAPI_SOCK -#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi" +#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "ldapi" + #endif /* - * SLAPD DEFINITIONS --- -1.7.10.4 - ++ openldap-2.6.1.tgz -> openldap-2.6.2.tgz ++ /work/SRC/openSUSE:Factory/openldap2/openldap-2.6.1.tgz /work/SRC/openSUSE:Factory/.openldap2.new.1548/openldap-2.6.2.tgz differ: char 5, line 1
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2022-05-23 15:51:43 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.2254 (New) Package is "openldap2" Mon May 23 15:51:43 2022 rev:174 rq:978469 version:2.6.1 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-04-14 17:23:25.879120739 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.2254/openldap2.changes 2022-05-23 15:51:44.562646212 +0200 @@ -1,0 +2,6 @@ +Thu May 12 02:48:19 UTC 2022 - William Brown + +- bsc#1199277 - Resolve segfault when calling new ctx with global ctx +* 0017-Resolve-error-handling-in-new-ctx-when-global.patch + +--- New: 0017-Resolve-error-handling-in-new-ctx-when-global.patch Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.d5aPkT/_old 2022-05-23 15:51:45.282646891 +0200 +++ /var/tmp/diff_new_pack.d5aPkT/_new 2022-05-23 15:51:45.290646899 +0200 @@ -56,6 +56,7 @@ Patch5: 0005-pie-compile.dif Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch Patch16:0016-Clear-shared-key-only-in-close-function.patch +Patch17:0017-Resolve-error-handling-in-new-ctx-when-global.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: argon2-devel @@ -243,6 +244,7 @@ %patch5 -p1 %patch8 -p1 %patch16 -p1 +%patch17 -p1 cp %{SOURCE5} . %build ++ 0017-Resolve-error-handling-in-new-ctx-when-global.patch ++ >From 43778f8b24f86af411fb5ed6df69851459abe561 Mon Sep 17 00:00:00 2001 From: William Brown Date: Thu, 12 May 2022 12:46:57 +1000 Subject: [PATCH] Resolve error handling in new ctx when global --- libraries/libldap/tls2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c index 6d36db1984..f18992e781 100644 --- a/libraries/libldap/tls2.c +++ b/libraries/libldap/tls2.c @@ -989,7 +989,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg ) lo->ldo_tls_ctx = NULL; errmsg[0] = 0; rc = ldap_int_tls_init_ctx( lo, *(int *)arg, errmsg ); - if ( rc && errmsg[0] ) { + if ( ld && rc && errmsg[0] ) { if ( ld->ld_error ) LDAP_FREE( ld->ld_error ); ld->ld_error = LDAP_STRDUP( errmsg ); -- 2.36.1
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2022-04-14 17:23:15 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1941 (New) Package is "openldap2" Thu Apr 14 17:23:15 2022 rev:173 rq:969284 version:2.6.1 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-04-02 18:19:57.906662662 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1941/openldap2.changes 2022-04-14 17:23:25.879120739 +0200 @@ -1,0 +2,17 @@ +Mon Apr 11 20:52:33 UTC 2022 - Michael Str??der + +- Use libargon2 instead of libsodium because it supports p>1 +- Added new contrib overlays: authzid, datamorph, variant, vc + +--- +Sat Apr 2 22:57:29 UTC 2022 - Jan Engelhardt + +- Update to release 2.6.1 + * Ability to log directly to a file bypassing syslog + * back-ndb is retired + * back-sql and back-perl are deprecated + * lloadd(8): Additional load balancing strategies. + * lloadd(8): Additional options to improve coherence with certain +controls and extended operations. + +--- Old: openldap-2.5.9.tgz openldap-2.5.9.tgz.asc New: openldap-2.6.1.tgz openldap-2.6.1.tgz.asc Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.QU94rl/_old 2022-04-14 17:23:26.819121837 +0200 +++ /var/tmp/diff_new_pack.QU94rl/_new 2022-04-14 17:23:26.823121842 +0200 @@ -17,7 +17,7 @@ %define run_test_suite 0 -%define version_main 2.5.9 +%define version_main 2.6.1 %define slapdrundir %{_rundir}/slapd %define flavor @BUILD_FLAVOR@%{nil} %if "%flavor" == "contrib" @@ -58,11 +58,11 @@ Patch16:0016-Clear-shared-key-only-in-close-function.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build +BuildRequires: argon2-devel BuildRequires: cyrus-sasl-devel BuildRequires: db-devel BuildRequires: groff BuildRequires: libopenssl-devel -BuildRequires: libsodium-devel BuildRequires: libtool BuildRequires: openslp-devel BuildRequires: sysuser-tools @@ -78,7 +78,7 @@ %{?systemd_requires} %endif Requires: /usr/bin/awk -Requires: libldap-2_5-0 = %{version_main} +Requires: libldap2 = %{version_main} Recommends: cyrus-sasl Conflicts: openldap PreReq: %fillup_prereq @@ -152,7 +152,9 @@ allop allowed Generates attributes indicating access rights autogroup +authzid implements RFC 3829 support cloak +datamorph store enumerated values and fixed size integers denyop lastbind writes last bind timestamp to entry noopsrch handles no-op search control @@ -160,6 +162,8 @@ pw-pbkdf2 generates/validates PBKDF2 password hashes smbk5pwd generates Samba3 password hashes (heimdal krb disabled) trace traces overlay invocation +variant allows attributes/values to be shared between several entries +vcimplements the verify credentials extended operation %package doc Summary:OpenLDAP Documentation @@ -173,7 +177,7 @@ %package client Summary:OpenLDAP client utilities Group: Productivity/Networking/LDAP/Clients -Requires: libldap-2_5-0 = %{version_main} +Requires: libldap2 = %{version_main} %description client OpenLDAP client utilities such as ldapadd, ldapsearch, ldapmodify. @@ -187,7 +191,7 @@ %endif # Conflicts: openldap-devel -Requires: libldap-2_5-0 = %{version_main} +Requires: libldap2 = %{version_main} Recommends: cyrus-sasl-devel %description devel @@ -205,18 +209,18 @@ This package provides the static versions of the OpenLDAP libraries for development. -%package -n libldap-2_5-0 +%package -n libldap2 Summary:OpenLDAP Client Libraries Group: Productivity/Networking/LDAP/Clients Recommends: libldap-data >= %{version_main} -%description -n libldap-2_5-0 +%description -n libldap2 This package contains the OpenLDAP client libraries. %package -n libldapcpp-devel Summary:C++ wrapper around openLDAP API Group: Development/Libraries/C and C++ -Requires: libldapcpp0 = %{version} +Requires: libldapcpp0 = %{version_main} Requires: openldap2-devel %description -n libldapcpp-devel @@ -226,7 +230,7 @@ %package -n libldapcpp0 Summary:C++ wrapper around openLDAP API Group: Development/Libraries/C and C++ -Provides: ldapcpplib = %{version} +Provides: ldapcpplib = %{version_main} Obsoletes: ldapcpplib <= 0.0.5 %description -n libldapcpp0 @@ -234,7 +238,6
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2022-04-02 18:19:54 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1900 (New) Package is "openldap2" Sat Apr 2 18:19:54 2022 rev:172 rq:965879 version:2.5.9 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-10-21 10:21:24.563897504 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1900/openldap2.changes 2022-04-02 18:19:57.906662662 +0200 @@ -1,0 +2,110 @@ +Sat Mar 26 14:08:57 UTC 2022 - Stephan Kulow + +- Add _multibuild support to integrate the build of libldapcpp-devel + to drop the outdated copy + +--- +Mon Oct 25 22:03:53 UTC 2021 - Michael Str??der + +- update to 2.5.9 + +OpenLDAP 2.5.9 Release (2021/10/25) +Fixed slapo-accesslog to initialize minCSN on import of 2.4 databases (ITS#9720) + +--- +Mon Oct 11 18:46:13 UTC 2021 - Michael Str??der + +- update to 2.5.8 + +OpenLDAP 2.5.8 Release (2021/10/11) +Fixed libldap ldap_int_tls_connect: isdigit() requires unsigned char (ITS#9668) +Fixed libldap memory leak in ldap_get_option LDAP_OPT_X_TLS_PEERCERT (ITS#9696) +Fixed slapd to allow normalized values for namingContexts in cn=monitor (ITS#8341) +Fixed slapd to normalize the suffix in rootDSE (ITS#9664) +Fixed slapd slapadd to avoid destroying configDB prematurely (ITS#9678) +Fixed slapd to not spam logs with lastbind information (ITS#9156) +Fixed slapd slaptest migration to correctly set olcTSLVerifyClient (ITS#9711) +Fixed slapd-mdb multival delete handling (ITS#9712) +Fixed slapd-sql ldap_entry_objectclass table for mariadb/mysql (ITS#9679) +Fixed slapd-wt multiple issues (ITS#9463) +Fixed slapd-wt to close cache db correctly (ITS#9631) +Fixed slapo-ppolicy to restore OpenLDAP 2.4 compatibilty (ITS#9671) +Fixed slapo-syncprov to free uuid list when finished replaying sessionlog (ITS#6467) +Build +Fixed libldap result.c compilation on musl systems (ITS#9648) +Fixed slapd duplicate definition of peerbv (ITS#9659) +Fixed test suite with memberof modular builds (ITS#9464) +Contrib +Added man page for ppm contrib module (ITS#9644) +Fix crash when pwdCheckModuleArg is not defined for ppm (ITS#9656) +Documentation +Fixed guide download link for heimdal (ITS#9669) +Fixed guide documentation for TLSECName (ITS#9687) +Fixed guide documentation missing tags (ITS#9693) +Fixed guide loadbalancer typo (ITS#9699) +Fixed guide synprov-nopresent redundant text (ITS#9689) +Fixed guide various typos and fix config alignment (ITS#9706) +Removed ppolicy.schema from servers/slapd/schema/README (ITS#9156) +Fixed slapd.conf(5)/slapd-config(5) to document default for database monitoring (ITS#9674) +Fixed slapd-meta(5)/slapd-asyncmeta(5) verbiage for try-propagate (ITS#9646) +Fixed slapo-syncprov(5) to note entryCSN indexing is highly recommended (ITS#9688) + +--- +Tue Aug 24 13:04:36 UTC 2021 - Philipp Wagner + +- Update to upstream version 2.5.7 + Fixed lloadd client state tracking (ITS#9624) + Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611) + Fixed slapd-ldif duplicate controls response (ITS#9497) + Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621) + Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958) + Fixed slapd-mdb idlexp maximum size handling (ITS#9637) + Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628) + Fixed slapd-sql to add support for ppolicy attributes (ITS#9629) + Fixed slapd-sql to close transactions after bind and search (ITS#9630) + Fixed slapo-accesslog to make reqMod optional (ITS#9569) + Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625) + Documentation + slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637) + slapo-accesslog(5) note that reqMod is optional (ITS#9569) + Add ldapvc(1) man page (ITS#9549) + Add guide section on load balancer (ITS#9443) + Updated guide to document multiprovider as replacement for mirrormode (ITS#9200) + Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200) + Updated guide to document removal of deprecated options from client tools (ITS#9200) +
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-10-21 10:21:23 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1890 (New) Package is "openldap2" Thu Oct 21 10:21:23 2021 rev:171 rq: version:unknown Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-10-20 20:22:58.661329682 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1890/openldap2.changes 2021-10-21 10:21:24.563897504 +0200 @@ -2,96 +1,0 @@ -Mon Oct 11 18:46:13 UTC 2021 - Michael Str??der - -- update to 2.5.8 - -OpenLDAP 2.5.8 Release (2021/10/11) -Fixed libldap ldap_int_tls_connect: isdigit() requires unsigned char (ITS#9668) -Fixed libldap memory leak in ldap_get_option LDAP_OPT_X_TLS_PEERCERT (ITS#9696) -Fixed slapd to allow normalized values for namingContexts in cn=monitor (ITS#8341) -Fixed slapd to normalize the suffix in rootDSE (ITS#9664) -Fixed slapd slapadd to avoid destroying configDB prematurely (ITS#9678) -Fixed slapd to not spam logs with lastbind information (ITS#9156) -Fixed slapd slaptest migration to correctly set olcTSLVerifyClient (ITS#9711) -Fixed slapd-mdb multival delete handling (ITS#9712) -Fixed slapd-sql ldap_entry_objectclass table for mariadb/mysql (ITS#9679) -Fixed slapd-wt multiple issues (ITS#9463) -Fixed slapd-wt to close cache db correctly (ITS#9631) -Fixed slapo-ppolicy to restore OpenLDAP 2.4 compatibilty (ITS#9671) -Fixed slapo-syncprov to free uuid list when finished replaying sessionlog (ITS#6467) -Build -Fixed libldap result.c compilation on musl systems (ITS#9648) -Fixed slapd duplicate definition of peerbv (ITS#9659) -Fixed test suite with memberof modular builds (ITS#9464) -Contrib -Added man page for ppm contrib module (ITS#9644) -Fix crash when pwdCheckModuleArg is not defined for ppm (ITS#9656) -Documentation -Fixed guide download link for heimdal (ITS#9669) -Fixed guide documentation for TLSECName (ITS#9687) -Fixed guide documentation missing tags (ITS#9693) -Fixed guide loadbalancer typo (ITS#9699) -Fixed guide synprov-nopresent redundant text (ITS#9689) -Fixed guide various typos and fix config alignment (ITS#9706) -Removed ppolicy.schema from servers/slapd/schema/README (ITS#9156) -Fixed slapd.conf(5)/slapd-config(5) to document default for database monitoring (ITS#9674) -Fixed slapd-meta(5)/slapd-asyncmeta(5) verbiage for try-propagate (ITS#9646) -Fixed slapo-syncprov(5) to note entryCSN indexing is highly recommended (ITS#9688) - -Tue Aug 24 13:04:36 UTC 2021 - Philipp Wagner - -- Update to upstream version 2.5.7 - Fixed lloadd client state tracking (ITS#9624) - Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611) - Fixed slapd-ldif duplicate controls response (ITS#9497) - Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621) - Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958) - Fixed slapd-mdb idlexp maximum size handling (ITS#9637) - Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628) - Fixed slapd-sql to add support for ppolicy attributes (ITS#9629) - Fixed slapd-sql to close transactions after bind and search (ITS#9630) - Fixed slapo-accesslog to make reqMod optional (ITS#9569) - Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625) - Documentation - slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637) - slapo-accesslog(5) note that reqMod is optional (ITS#9569) - Add ldapvc(1) man page (ITS#9549) - Add guide section on load balancer (ITS#9443) - Updated guide to document multiprovider as replacement for mirrormode (ITS#9200) - Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200) - Updated guide to document removal of deprecated options from client tools (ITS#9200) - -Fri Jul 30 13:30:05 UTC 2021 - Philipp Wagner - -- Major version update to 2.5.6 - See https://www.openldap.org/software/release/announce.html for a list of - changes. -- The threaded version of the OpenLDAP libraries, libldap_r, has been merged - with libldap with 2.5. Removed all related downstream changes, including the - openldap-r-only.dif patch. - Introduce a new compatibility symlink in the other direction: libldap_r -
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-10-20 20:22:46 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1890 (New) Package is "openldap2" Wed Oct 20 20:22:46 2021 rev:170 rq:924764 version:2.5.8 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-09-05 08:45:44.972186056 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1890/openldap2.changes 2021-10-20 20:22:58.661329682 +0200 @@ -1,0 +2,96 @@ +Mon Oct 11 18:46:13 UTC 2021 - Michael Str??der + +- update to 2.5.8 + +OpenLDAP 2.5.8 Release (2021/10/11) +Fixed libldap ldap_int_tls_connect: isdigit() requires unsigned char (ITS#9668) +Fixed libldap memory leak in ldap_get_option LDAP_OPT_X_TLS_PEERCERT (ITS#9696) +Fixed slapd to allow normalized values for namingContexts in cn=monitor (ITS#8341) +Fixed slapd to normalize the suffix in rootDSE (ITS#9664) +Fixed slapd slapadd to avoid destroying configDB prematurely (ITS#9678) +Fixed slapd to not spam logs with lastbind information (ITS#9156) +Fixed slapd slaptest migration to correctly set olcTSLVerifyClient (ITS#9711) +Fixed slapd-mdb multival delete handling (ITS#9712) +Fixed slapd-sql ldap_entry_objectclass table for mariadb/mysql (ITS#9679) +Fixed slapd-wt multiple issues (ITS#9463) +Fixed slapd-wt to close cache db correctly (ITS#9631) +Fixed slapo-ppolicy to restore OpenLDAP 2.4 compatibilty (ITS#9671) +Fixed slapo-syncprov to free uuid list when finished replaying sessionlog (ITS#6467) +Build +Fixed libldap result.c compilation on musl systems (ITS#9648) +Fixed slapd duplicate definition of peerbv (ITS#9659) +Fixed test suite with memberof modular builds (ITS#9464) +Contrib +Added man page for ppm contrib module (ITS#9644) +Fix crash when pwdCheckModuleArg is not defined for ppm (ITS#9656) +Documentation +Fixed guide download link for heimdal (ITS#9669) +Fixed guide documentation for TLSECName (ITS#9687) +Fixed guide documentation missing tags (ITS#9693) +Fixed guide loadbalancer typo (ITS#9699) +Fixed guide synprov-nopresent redundant text (ITS#9689) +Fixed guide various typos and fix config alignment (ITS#9706) +Removed ppolicy.schema from servers/slapd/schema/README (ITS#9156) +Fixed slapd.conf(5)/slapd-config(5) to document default for database monitoring (ITS#9674) +Fixed slapd-meta(5)/slapd-asyncmeta(5) verbiage for try-propagate (ITS#9646) +Fixed slapo-syncprov(5) to note entryCSN indexing is highly recommended (ITS#9688) + +--- +Tue Aug 24 13:04:36 UTC 2021 - Philipp Wagner + +- Update to upstream version 2.5.7 + Fixed lloadd client state tracking (ITS#9624) + Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611) + Fixed slapd-ldif duplicate controls response (ITS#9497) + Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621) + Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958) + Fixed slapd-mdb idlexp maximum size handling (ITS#9637) + Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628) + Fixed slapd-sql to add support for ppolicy attributes (ITS#9629) + Fixed slapd-sql to close transactions after bind and search (ITS#9630) + Fixed slapo-accesslog to make reqMod optional (ITS#9569) + Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625) + Documentation + slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637) + slapo-accesslog(5) note that reqMod is optional (ITS#9569) + Add ldapvc(1) man page (ITS#9549) + Add guide section on load balancer (ITS#9443) + Updated guide to document multiprovider as replacement for mirrormode (ITS#9200) + Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200) + Updated guide to document removal of deprecated options from client tools (ITS#9200) + +--- +Fri Jul 30 13:30:05 UTC 2021 - Philipp Wagner + +- Major version update to 2.5.6 + See https://www.openldap.org/software/release/announce.html for a list of + changes. +- The threaded version of the OpenLDAP libraries, libldap_r, has been merged + with libldap with 2.5. Removed all related downstream changes, including the + openldap-r-only.dif patch. + Introduce a new compatibility symlink in the other direction: libldap_r
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-09-05 08:45:43 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1899 (New) Package is "openldap2" Sun Sep 5 08:45:43 2021 rev:169 rq: version:unknown Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-09-03 21:25:43.758149060 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1899/openldap2.changes 2021-09-05 08:45:44.972186056 +0200 @@ -2,58 +1,0 @@ -Tue Aug 24 13:04:36 UTC 2021 - Philipp Wagner - -- Update to upstream version 2.5.7 - Fixed lloadd client state tracking (ITS#9624) - Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611) - Fixed slapd-ldif duplicate controls response (ITS#9497) - Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621) - Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958) - Fixed slapd-mdb idlexp maximum size handling (ITS#9637) - Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628) - Fixed slapd-sql to add support for ppolicy attributes (ITS#9629) - Fixed slapd-sql to close transactions after bind and search (ITS#9630) - Fixed slapo-accesslog to make reqMod optional (ITS#9569) - Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625) - Documentation - slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637) - slapo-accesslog(5) note that reqMod is optional (ITS#9569) - Add ldapvc(1) man page (ITS#9549) - Add guide section on load balancer (ITS#9443) - Updated guide to document multiprovider as replacement for mirrormode (ITS#9200) - Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200) - Updated guide to document removal of deprecated options from client tools (ITS#9200) - -Fri Jul 30 13:30:05 UTC 2021 - Philipp Wagner - -- Major version update to 2.5.6 - See https://www.openldap.org/software/release/announce.html for a list of - changes. -- The threaded version of the OpenLDAP libraries, libldap_r, has been merged - with libldap with 2.5. Removed all related downstream changes, including the - openldap-r-only.dif patch. - Introduce a new compatibility symlink in the other direction: libldap_r - pointing to libldap. -- Removed the ppolicy-check-password module. It is unmaintained and does not - build any more. As part of that also remove the patch - patch 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch, which - is applied to this module. -- Removed patch 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch - Fixed upstream in 2.5 (ITS#8866) -- Updated patch 0005-pie-compile.dif - Removed the hunks on back-bdb and back-hdb, which are retired backends in 2.5. -- Removed patch 0007-Recover-on-DB-version-change.dif - The back-bdb backend was retired. -- Removed patch 0011-openldap-re24-its7796.patch - Fixed upstream in 2.5 (ITS#7796) -- Remove non-existant configure arguments: - --enable-rewrite, --enable-monitor, --enable-lmpasswd -- Add the --enable-dynacl configure option, which is required for --enable-aci -- Add the --with-argon2 configure option and remove it from the contrib - modules, since it is now official (ITS#9453). -- Pass mandir to smbk5pwd to ensure the man page ends up in /usr/share. -- Include the new overlays in libdir/openldap in the packages. -- Add the pkgconfig files to the devel package. -- Remove compat macro for _fillupdir, which was introduced in Nov 2017 and - should be widely available now. - @@ -3315,0 +3258 @@ + Old: openldap-2.5.7.tgz openldap-2.5.7.tgz.asc New: 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch 0007-Recover-on-DB-version-change.dif 0011-openldap-re24-its7796.patch 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch openldap-2.4.59.tgz openldap-2.4.59.tgz.asc openldap-r-only.dif ppolicy-check-password-1.2.tar.gz ppolicy-check-password.5 ppolicy-check-password.Makefile ppolicy-check-password.conf Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.Zgm5Z6/_old 2021-09-05 08:45:45.888187094 +0200 +++ /var/tmp/diff_new_pack.Zgm5Z6/_new 2021-09-05 08:45:45.888187094 +0200 @@ -16,8 +16,16 @@ # +#Compat macro for new _fillupdir macro introduced in Nov 2017 +%if !
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-09-03 21:25:35 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1899 (New) Package is "openldap2" Fri Sep 3 21:25:35 2021 rev:168 rq:914629 version:2.5.7 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-06-09 21:51:11.966356818 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1899/openldap2.changes 2021-09-03 21:25:43.758149060 +0200 @@ -1,0 +2,58 @@ +Tue Aug 24 13:04:36 UTC 2021 - Philipp Wagner + +- Update to upstream version 2.5.7 + Fixed lloadd client state tracking (ITS#9624) + Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611) + Fixed slapd-ldif duplicate controls response (ITS#9497) + Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621) + Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958) + Fixed slapd-mdb idlexp maximum size handling (ITS#9637) + Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628) + Fixed slapd-sql to add support for ppolicy attributes (ITS#9629) + Fixed slapd-sql to close transactions after bind and search (ITS#9630) + Fixed slapo-accesslog to make reqMod optional (ITS#9569) + Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625) + Documentation + slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637) + slapo-accesslog(5) note that reqMod is optional (ITS#9569) + Add ldapvc(1) man page (ITS#9549) + Add guide section on load balancer (ITS#9443) + Updated guide to document multiprovider as replacement for mirrormode (ITS#9200) + Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200) + Updated guide to document removal of deprecated options from client tools (ITS#9200) + +--- +Fri Jul 30 13:30:05 UTC 2021 - Philipp Wagner + +- Major version update to 2.5.6 + See https://www.openldap.org/software/release/announce.html for a list of + changes. +- The threaded version of the OpenLDAP libraries, libldap_r, has been merged + with libldap with 2.5. Removed all related downstream changes, including the + openldap-r-only.dif patch. + Introduce a new compatibility symlink in the other direction: libldap_r + pointing to libldap. +- Removed the ppolicy-check-password module. It is unmaintained and does not + build any more. As part of that also remove the patch + patch 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch, which + is applied to this module. +- Removed patch 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch + Fixed upstream in 2.5 (ITS#8866) +- Updated patch 0005-pie-compile.dif + Removed the hunks on back-bdb and back-hdb, which are retired backends in 2.5. +- Removed patch 0007-Recover-on-DB-version-change.dif + The back-bdb backend was retired. +- Removed patch 0011-openldap-re24-its7796.patch + Fixed upstream in 2.5 (ITS#7796) +- Remove non-existant configure arguments: + --enable-rewrite, --enable-monitor, --enable-lmpasswd +- Add the --enable-dynacl configure option, which is required for --enable-aci +- Add the --with-argon2 configure option and remove it from the contrib + modules, since it is now official (ITS#9453). +- Pass mandir to smbk5pwd to ensure the man page ends up in /usr/share. +- Include the new overlays in libdir/openldap in the packages. +- Add the pkgconfig files to the devel package. +- Remove compat macro for _fillupdir, which was introduced in Nov 2017 and + should be widely available now. + +--- @@ -3258 +3315,0 @@ - Old: 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch 0007-Recover-on-DB-version-change.dif 0011-openldap-re24-its7796.patch 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch openldap-2.4.59.tgz openldap-2.4.59.tgz.asc openldap-r-only.dif ppolicy-check-password-1.2.tar.gz ppolicy-check-password.5 ppolicy-check-password.Makefile ppolicy-check-password.conf New: openldap-2.5.7.tgz openldap-2.5.7.tgz.asc Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.dterPe/_old 2021-09-03 21:25:44.798150144 +0200 +++ /var/tmp/diff_new_pack.dterPe/_new 2021-09-03 21:25:44.802150148 +0200 @@ -16,16 +16,8 @@ # -#Compat macro for new _fillupdir macro introduced in Nov 2017 -%if !
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-06-09 21:51:11 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.32437 (New) Package is "openldap2" Wed Jun 9 21:51:11 2021 rev:167 rq:897312 version:unknown Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-03-19 16:39:58.861856899 +0100 +++ /work/SRC/openSUSE:Factory/.openldap2.new.32437/openldap2.changes 2021-06-09 21:51:11.966356818 +0200 @@ -1,0 +2,18 @@ +Fri Jun 4 00:06:15 UTC 2021 - Michael Str??der + +- updated to 2.4.59 + +OpenLDAP 2.4.59 Release (2021/06/03) +Fixed libldap TLSv1.3 cipher suites with OpenSSL 1.1.1 (ITS#9521) +Fixed libldap double free of LDAP_OPT_DEFBASE (ITS#9530) +Fixed slapd syncrepl handling of add+delete on single value attr (ITS#9295) +Fixed slapd-mdb cursor init check (ITS#9526) +Fixed slapd-mdb deletion of context entry (ITS#9531) +Fixed slapd-mdb off-by-one affecting search scope (ITS#9557) +Fixed slapo-pcache locking during expiration (ITS#9529) +Contrib +Fixed slapo-autogroup to not thrash thread context (ITS#9494) +Documentation +ldap_modify(3) - Delete non-existent mod_next parameter (ITS#9559) + +--- Old: openldap-2.4.58.tgz openldap-2.4.58.tgz.asc New: openldap-2.4.59.tgz openldap-2.4.59.tgz.asc Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.kluxit/_old 2021-06-09 21:51:12.822358344 +0200 +++ /var/tmp/diff_new_pack.kluxit/_new 2021-06-09 21:51:12.826358351 +0200 @@ -22,7 +22,7 @@ %endif %define run_test_suite 0 -%define version_main 2.4.58 +%define version_main 2.4.59 %define name_ppolicy_check_module ppolicy-check-password %define version_ppolicy_check_module 1.2 %define ppolicy_docdir %{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module} ++ openldap-2.4.58.tgz -> openldap-2.4.59.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.58/CHANGES new/openldap-2.4.59/CHANGES --- old/openldap-2.4.58/CHANGES 2021-03-16 18:09:58.0 +0100 +++ new/openldap-2.4.59/CHANGES 2021-06-03 20:40:31.0 +0200 @@ -1,5 +1,18 @@ OpenLDAP 2.4 Change Log +OpenLDAP 2.4.59 Release (2021/06/03) + Fixed libldap TLSv1.3 cipher suites with OpenSSL 1.1.1 (ITS#9521) + Fixed libldap double free of LDAP_OPT_DEFBASE (ITS#9530) + Fixed slapd syncrepl handling of add+delete on single value attr (ITS#9295) + Fixed slapd-mdb cursor init check (ITS#9526) + Fixed slapd-mdb deletion of context entry (ITS#9531) + Fixed slapd-mdb off-by-one affecting search scope (ITS#9557) + Fixed slapo-pcache locking during expiration (ITS#9529) + Contrib + Fixed slapo-autogroup to not thrash thread context (ITS#9494) + Documentation + ldap_modify(3) - Delete non-existent mod_next parameter (ITS#9559) + OpenLDAP 2.4.58 Release (2021/03/16) Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9454) Fixed slapd to alloc new conn struct after freeing old one (ITS#9458) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.58/build/version.var new/openldap-2.4.59/build/version.var --- old/openldap-2.4.58/build/version.var 2021-03-16 18:09:58.0 +0100 +++ new/openldap-2.4.59/build/version.var 2021-06-03 20:40:31.0 +0200 @@ -15,9 +15,9 @@ ol_package=OpenLDAP ol_major=2 ol_minor=4 -ol_patch=58 -ol_api_inc=20458 +ol_patch=59 +ol_api_inc=20459 ol_api_current=13 -ol_api_revision=6 +ol_api_revision=7 ol_api_age=11 -ol_release_date="2021/03/16" +ol_release_date="2021/06/03" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.58/contrib/slapd-modules/autogroup/autogroup.c new/openldap-2.4.59/contrib/slapd-modules/autogroup/autogroup.c --- old/openldap-2.4.58/contrib/slapd-modules/autogroup/autogroup.c 2021-03-16 18:09:58.0 +0100 +++ new/openldap-2.4.59/contrib/slapd-modules/autogroup/autogroup.c 2021-06-03 20:40:31.0 +0200 @@ -2071,7 +2071,7 @@ return 0; } - connection_fake_init( , , thrctx ); + connection_fake_init2( , , thrctx, 0 ); op = _op; op->ors_attrsonly = 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.58/doc/guide/admin/guide.html
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-03-19 16:39:53 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.2401 (New) Package is "openldap2" Fri Mar 19 16:39:53 2021 rev:166 rq:879500 version:unknown Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-01-20 18:23:13.475299835 +0100 +++ /work/SRC/openSUSE:Factory/.openldap2.new.2401/openldap2.changes 2021-03-19 16:39:58.861856899 +0100 @@ -1,0 +2,11 @@ +Tue Mar 16 20:15:53 UTC 2021 - Michael Str??der + +- updated to 2.4.58 + +OpenLDAP 2.4.58 Release (2021/03/16) +Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9454) +Fixed slapd to alloc new conn struct after freeing old one (ITS#9458) +Fixed slapd syncrepl to check all contextCSNs (ITS#9282) +Fixed slapd-bdb lockdetect config (ITS#9449) + +--- Old: openldap-2.4.57.tgz openldap-2.4.57.tgz.asc New: openldap-2.4.58.tgz openldap-2.4.58.tgz.asc Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.AyGUAJ/_old 2021-03-19 16:39:59.649857962 +0100 +++ /var/tmp/diff_new_pack.AyGUAJ/_new 2021-03-19 16:39:59.653857967 +0100 @@ -22,7 +22,7 @@ %endif %define run_test_suite 0 -%define version_main 2.4.57 +%define version_main 2.4.58 %define name_ppolicy_check_module ppolicy-check-password %define version_ppolicy_check_module 1.2 %define ppolicy_docdir %{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module} @@ -229,7 +229,8 @@ URL:https://github.com/onyxpoint/ppolicy-check-password BuildRequires: cracklib-devel Requires: openldap2 = %version_main -Recommends: cracklib cracklib-dict-full +Recommends: cracklib +Recommends: cracklib-dict-full %description ppolicy-check-password An implementation of password quality check module, based on the original ++ openldap-2.4.57.tgz -> openldap-2.4.58.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.57/CHANGES new/openldap-2.4.58/CHANGES --- old/openldap-2.4.57/CHANGES 2021-01-18 21:08:39.0 +0100 +++ new/openldap-2.4.58/CHANGES 2021-03-16 18:09:58.0 +0100 @@ -1,5 +1,11 @@ OpenLDAP 2.4 Change Log +OpenLDAP 2.4.58 Release (2021/03/16) + Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9454) + Fixed slapd to alloc new conn struct after freeing old one (ITS#9458) + Fixed slapd syncrepl to check all contextCSNs (ITS#9282) + Fixed slapd-bdb lockdetect config (ITS#9449) + OpenLDAP 2.4.57 Release (2021/01/18) Fixed ldapexop to use correct return code (ITS#9417) Fixed slapd to remove asserts in UUIDNormalize (ITS#9391) @@ -79,7 +85,7 @@ Fix test064 so it no longer uses bashisms (ITS#9263) Contrib Fix default prefix value for pw-argon2, pw-pbkdf2 modules (ITS#9248) - slapo-allowed - Fix usage of unitialized variable (ITS#9308) + slapo-allowed - Fix usage of uninitialized variable (ITS#9308) Documentation ldap_parse_result(3) - Document ldap_parse_intermediate (ITS#9271) @@ -156,7 +162,7 @@ Fixed libldap to correctly close TLS connection (ITS#8755) Fixed libldap with non-blocking TLS and referals (ITS#8167) Fixed libldap_r handling of deprecated OpenSSL function (ITS#8353) - Fixed liblunicode case correspondance (ITS#8508) + Fixed liblunicode case correspondence (ITS#8508) Fixed slapd with an idletimeout of less than four seconds (ITS#8952) Fixed slapd config parser variable for Windows64 (ITS#9012) Fixed slapd syncrepl fallback handling with delta-syncrepl (ITS#9015) @@ -,7 +1117,7 @@ Fixed slapd-ldap chaining with onelevel scope (ITS#6699) Fixed slapd-ldap chaining with ppolicy (ITS#6540) Fixed slapd-ldap with SASL/EXTERNAL (ITS#6642) - Fixed slapd-ldap crasher on matchedDN (ITS#6793) + Fixed slapd-ldap crash on matchedDN (ITS#6793) Fixed slapd-ldap with unknown objectClasses (ITS#6814) Fixed slapd-ldif error strings (ITS#6731) Fixed slapd-ndb to honor rootpw setting (ITS#6661) @@ -1148,7 +1154,7 @@ Fixed slapo-refint when last group member is deleted (ITS#6663) Fixed slapo-refint with subtree rename (ITS#6730) Fixed slapo-rwm double free (ITS#6720) - Fixed slapo-rwm crasher (ITS#6632,ITS#6727) + Fixed slapo-rwm crash (ITS#6632,ITS#6727) Fixed
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-01-20 18:23:10 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.28504 (New) Package is "openldap2" Wed Jan 20 18:23:10 2021 rev:165 rq:864146 version:unknown Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2020-12-22 11:25:29.676723121 +0100 +++ /work/SRC/openSUSE:Factory/.openldap2.new.28504/openldap2.changes 2021-01-20 18:23:13.475299835 +0100 @@ -1,0 +2,22 @@ +Mon Jan 18 20:31:58 UTC 2021 - Michael Str??der + +- updated to 2.4.57 + +OpenLDAP 2.4.57 Release (2021/01/18) + Fixed ldapexop to use correct return code (ITS#9417) + Fixed slapd to remove asserts in UUIDNormalize (ITS#9391) + Fixed slapd to remove assert in csnValidate (ITS#9410) + Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9411, ITS#9427) + Fixed slapd validity checks for serialNumberAndIssuerCheck (ITS#9404, ITS#9424) + Fixed slapd AVA sort with invalid RDN (ITS#9412) + Fixed slapd ldap_X509dn2bv to check for invalid BER after RDN count (ITS#9423, ITS#9425) + Fixed slapd saslauthz to remove asserts in validation (ITS#9406, ITS#9407) + Fixed slapd saslauthz to use slap_sl_free on normalized DN (ITS#9409) + Fixed slapd saslauthz SEGV in slap_parse_user (ITS#9413) + Fixed slapd modrdn memory leak (ITS#9420) + Fixed slapd double-free in vrfilter (ITS#9408) + Fixed slapd cancel operation to correctly terminate (ITS#9428) + Fixed slapd-ldap fix binds on retry with closed connection (ITS#9400) + Fixed slapo-syncprov to ignore duplicate sessionlog entries (ITS#9394) + +--- Old: openldap-2.4.56.tgz openldap-2.4.56.tgz.asc New: openldap-2.4.57.tgz openldap-2.4.57.tgz.asc Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.zEYlbV/_old 2021-01-20 18:23:14.503300595 +0100 +++ /var/tmp/diff_new_pack.zEYlbV/_new 2021-01-20 18:23:14.507300598 +0100 @@ -1,7 +1,7 @@ # # spec file for package openldap2 # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,7 +22,7 @@ %endif %define run_test_suite 0 -%define version_main 2.4.56 +%define version_main 2.4.57 %define name_ppolicy_check_module ppolicy-check-password %define version_ppolicy_check_module 1.2 %define ppolicy_docdir %{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module} ++ openldap-2.4.56.tgz -> openldap-2.4.57.tgz ++ 14131 lines of diff (skipped)
commit openldap2 for openSUSE:Factory
Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2020-12-10 15:56:28 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.2328 (New) Package is "openldap2" Thu Dec 10 15:56:28 2020 rev:163 rq:854039 version:unknown Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2020-10-30 11:45:53.841613264 +0100 +++ /work/SRC/openSUSE:Factory/.openldap2.new.2328/openldap2.changes 2020-12-10 15:56:30.834762817 +0100 @@ -1,0 +2,10 @@ +Wed Nov 11 12:13:27 UTC 2020 - Michael Ströder + +- updated to 2.4.56 + +OpenLDAP 2.4.56 Release (2020/11/10) + Fixed slapd to remove assert in certificateListValidate (ITS#9383) + Fixed slapd to remove assert in csnNormalize23 (ITS#9384) + Fixed slapd to better parse ldapi listener URIs (ITS#9379) + +--- Old: openldap-2.4.55.tgz New: openldap-2.4.56.tgz Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.QXGnP9/_old 2020-12-10 15:56:31.850763773 +0100 +++ /var/tmp/diff_new_pack.QXGnP9/_new 2020-12-10 15:56:31.854763777 +0100 @@ -22,7 +22,7 @@ %endif %define run_test_suite 0 -%define version_main 2.4.55 +%define version_main 2.4.56 %define name_ppolicy_check_module ppolicy-check-password %define version_ppolicy_check_module 1.2 %define ppolicy_docdir %{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module} ++ openldap-2.4.55.tgz -> openldap-2.4.56.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.55/CHANGES new/openldap-2.4.56/CHANGES --- old/openldap-2.4.55/CHANGES 2020-10-26 20:02:25.0 +0100 +++ new/openldap-2.4.56/CHANGES 2020-11-10 19:22:13.0 +0100 @@ -1,5 +1,10 @@ OpenLDAP 2.4 Change Log +OpenLDAP 2.4.56 Release (2020/11/10) + Fixed slapd to remove assert in certificateListValidate (ITS#9383) + Fixed slapd to remove assert in csnNormalize23 (ITS#9384) + Fixed slapd to better parse ldapi listener URIs (ITS#9379) + OpenLDAP 2.4.55 Release (2020/10/26) Fixed slapd normalization handling with modrdn (ITS#9370) Fixed slapd-meta to check ldap_install_tls return code (ITS#9366) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.55/build/version.var new/openldap-2.4.56/build/version.var --- old/openldap-2.4.55/build/version.var 2020-10-26 20:02:25.0 +0100 +++ new/openldap-2.4.56/build/version.var 2020-11-10 19:22:13.0 +0100 @@ -15,9 +15,9 @@ ol_package=OpenLDAP ol_major=2 ol_minor=4 -ol_patch=55 -ol_api_inc=20455 +ol_patch=56 +ol_api_inc=20456 ol_api_current=13 -ol_api_revision=3 +ol_api_revision=4 ol_api_age=11 -ol_release_date="2020/10/26" +ol_release_date="2020/11/10" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.55/doc/guide/admin/guide.html new/openldap-2.4.56/doc/guide/admin/guide.html --- old/openldap-2.4.55/doc/guide/admin/guide.html 2020-10-26 21:16:38.0 +0100 +++ new/openldap-2.4.56/doc/guide/admin/guide.html 2020-11-10 19:35:13.0 +0100 @@ -23,7 +23,7 @@ OpenLDAP Software 2.4 Administrator's Guide The OpenLDAP Project http://www.openldap.org/;>http://www.openldap.org/ -26 October 2020 +10 November 2020 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.55/servers/slapd/daemon.c new/openldap-2.4.56/servers/slapd/daemon.c --- old/openldap-2.4.55/servers/slapd/daemon.c 2020-10-26 20:02:25.0 +0100 +++ new/openldap-2.4.56/servers/slapd/daemon.c 2020-11-10 19:22:13.0 +0100 @@ -1423,6 +1423,14 @@ } #endif /* LDAP_PF_LOCAL || SLAP_X_LISTENER_MOD */ + if ( lud->lud_dn && lud->lud_dn[0] ) { + sprintf( (char *)url, "%s://%s/", lud->lud_scheme, lud->lud_host ); + Debug( LDAP_DEBUG_ANY, "daemon: listener URL %s DN must be absent (%s)\n", + url, lud->lud_dn, 0 ); + ldap_free_urldesc( lud ); + return -1; + } + ldap_free_urldesc( lud ); if ( err ) { slap_free_listener_addresses(sal); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.55/servers/slapd/schema_init.c new/openldap-2.4.56/servers/slapd/schema_init.c --- old/openldap-2.4.55/servers/slapd/schema_init.c 2020-10-26 20:02:25.0 +0100 +++ new/openldap-2.4.56/servers/slapd/schema_init.c 2020-11-10 19:22:13.0 +0100 @@