commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2023-11-05 12:18:28
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.17445 (New)
Package is "openldap2"
Sun Nov 5 12:18:28 2023 rev:182 rq:1122990 version:2.6.6
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2023-09-13
20:43:14.403256382 +0200
+++ /work/SRC/openSUSE:Factory/.openldap2.new.17445/openldap2.changes
2023-11-05 12:18:30.976526003 +0100
@@ -1,0 +2,8 @@
+Fri Nov 3 06:33:07 UTC 2023 - Jan Engelhardt
+
+- Update to release 2.6.6
+ * Fixed libldap handling of TCP KEEPALIVE options
+ * Fixed slapd callback handling with overlays that do extended
+operations
+
+---
Old:
openldap-2.6.4.tgz
openldap-2.6.4.tgz.asc
New:
openldap-2.6.6.tgz
openldap-2.6.6.tgz.asc
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.QLxWkr/_old 2023-11-05 12:18:32.108567531 +0100
+++ /var/tmp/diff_new_pack.QLxWkr/_new 2023-11-05 12:18:32.108567531 +0100
@@ -26,11 +26,11 @@
%endif
Name: openldap2%{name_suffix}
+Version:2.6.6
+Release:0
Summary:An open source implementation of the Lightweight Directory
Access Protocol
License:OLDAP-2.8
Group: Productivity/Networking/LDAP/Servers
-Version:2.6.4
-Release:0
URL:https://www.openldap.org
Source0:
https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz
Source1:
https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz.asc
@@ -56,8 +56,6 @@
Patch5: 0005-pie-compile.dif
Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch
Patch16:0016-Clear-shared-key-only-in-close-function.patch
-
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: argon2-devel
BuildRequires: cyrus-sasl-devel
BuildRequires: db-devel
@@ -240,12 +238,7 @@
Servers
%prep
-%setup -q -a 9 -n openldap-%{version}
-%patch1 -p1
-%patch3 -p1
-%patch5 -p1
-%patch8 -p1
-%patch16 -p1
+%autosetup -a9 -p1 -n openldap-%{version}
cp %{SOURCE5} .
%build
@@ -258,7 +251,7 @@
export CFLAGS="%{optflags} -Wno-format-extra-args -fno-strict-aliasing
-DNDEBUG -DSLAP_CONFIG_DELETE -DSLAP_SCHEMA_EXPOSE -DLDAP_COLLECTIVE_ATTRIBUTES
-DLDAP_USE_NON_BLOCKING_TLS"
export STRIP=""
./configure \
---prefix=/usr \
+--prefix="%_prefix" \
--sysconfdir=%{_sysconfdir} \
--libdir=%{_libdir} \
--libexecdir=%{_libdir} \
++ openldap-2.6.4.tgz -> openldap-2.6.6.tgz ++
/work/SRC/openSUSE:Factory/openldap2/openldap-2.6.4.tgz
/work/SRC/openSUSE:Factory/.openldap2.new.17445/openldap-2.6.6.tgz differ: char
5, line 1
++ openldap2.conf ++
--- /var/tmp/diff_new_pack.QLxWkr/_old 2023-11-05 12:18:32.252572813 +0100
+++ /var/tmp/diff_new_pack.QLxWkr/_new 2023-11-05 12:18:32.256572960 +0100
@@ -1,3 +1,4 @@
# openldap needs a directory in /var/lib/:
d /var/lib/ldap 0750 ldap ldap -
+d /run/slapd 0755 ldap ldap -
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2023-09-13 20:43:13
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.1766 (New)
Package is "openldap2"
Wed Sep 13 20:43:13 2023 rev:181 rq:1110389 version:2.6.4
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2023-06-20
16:48:25.835387468 +0200
+++ /work/SRC/openSUSE:Factory/.openldap2.new.1766/openldap2.changes
2023-09-13 20:43:14.403256382 +0200
@@ -1,0 +2,5 @@
+Tue Sep 5 11:52:49 UTC 2023 - Thorsten Kukuk
+
+- Disable SLP by default for Factory and ALP (bsc#1214884)
+
+---
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.KKvSb5/_old 2023-09-13 20:43:18.095387642 +0200
+++ /var/tmp/diff_new_pack.KKvSb5/_new 2023-09-13 20:43:18.095387642 +0200
@@ -64,7 +64,9 @@
BuildRequires: groff
BuildRequires: libopenssl-devel
BuildRequires: libtool
+%if 0%{?suse_version} < 1600
BuildRequires: openslp-devel
+%endif
BuildRequires: sysuser-tools
BuildRequires: unixODBC-devel
# avoid cycle with krb5
@@ -279,7 +281,9 @@
--enable-sql=mod \
--enable-mdb=mod \
--enable-relay=mod \
+%if 0%{?suse_version} < 1600
--enable-slp \
+%endif
--enable-overlays=mod \
--enable-syncprov=mod \
--enable-ppolicy=mod \
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2023-06-20 16:48:01 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.15902 (New) Package is "openldap2" Tue Jun 20 16:48:01 2023 rev:180 rq:1093975 version:2.6.4 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2023-04-16 16:06:50.968738862 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.15902/openldap2.changes 2023-06-20 16:48:25.835387468 +0200 @@ -7 +7 @@ - * Fixed libldap ldif_open_urlto check for failure (ITS#9904) + * Fixed libldap ldif_open_urlto check for failure (ITS#9904 CVE-2023-2953 boo#1211795) Other differences: --
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2023-04-16 16:06:47
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.19717 (New)
Package is "openldap2"
Sun Apr 16 16:06:47 2023 rev:179 rq:1079577 version:2.6.4
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-12-11
17:16:25.561810899 +0100
+++ /work/SRC/openSUSE:Factory/.openldap2.new.19717/openldap2.changes
2023-04-16 16:06:50.968738862 +0200
@@ -1,0 +2,55 @@
+Sat Apr 15 10:42:10 UTC 2023 - Dirk Müller
+
+- update to 2.6.4:
+ * Fixed client tools to remove 'h' and 'p' options
+ * Fixed ldapsearch memory leak with paged results (ITS#9860)
+ * Fixed libldap ldif_open_urlto check for failure (ITS#9904)
+ * Fixed libldap ldap_url_parsehosts check for failure
+ * Fixed liblunicode UTF8bvnormalize buffer size (ITS#9955)
+ * Fixed lloadd memory leaks (ITS#9907)
+ * Fixed lloadd shutdown code to protect memory correctly
+ * Fixed lloadd race in epoch.c (ITS#9947)
+ * Fixed lloadd potential deadlock with cn=monitor (ITS#9951)
+ * Fixed lloadd to keep listener base around when not active
+ * Fixed lloadd object reclamation sequencing (ITS#9983)
+ * Fixed slapd memory leak with olcAuthIDRewrite (ITS#6035)
+ * Fixed slapd free of redundant cmdline option (ITS#9912)
+ * Fixed slapd transactions extended operations cleanup after
+ * Fixed slapd deadlock with replicated cn=config
+ * Fixed slapd connection close logic (ITS#9991)
+ * Fixed slapd bconfig locking of cn=config entries (ITS#9045)
+ * Fixed slapd-mdb max number of index databases to 256
+ * Fixed slapd-mdb to always release entries from ADD operations
+ * Fixed slapd-mdb to fully init empty DN in tool_entry_get
+ * Fixed slapd-monitor memory leaks with lloadd (ITS#9906)
+ * Fixed slapd-monitor to free remembered cookies (ITS#9339)
+ * Fixed slapo-accesslog reqStart ordering matching rule
+ * Fixed slapo-deref memory leak (ITS#9924)
+ * Fixed slapo-dynlist to ignore irrelevant objectClasses
+ * Fixed slapo-dynlist to avoid unnecessary searches (ITS#9929)
+ * Fixed slapo-dynlist to mark internal searches as such
+ * Fixed slapo-pcache crash in consistency_check (ITS#9966)
+ * Fixed slapo-remoteauth memory leaks (ITS#9438)
+ * Fixed slapo-rwm memory leaks (ITS#9817)
+ * Build Environment
+ * Fixed ancient DOS related ifdef checks (ITS#9925)
+ * Fixed build process to not use gmake specific features
+ * Fixed source tree to remove symlinks (ITS#9926)
+ * Fixed slapo-otp testdir creation (ITS#9437)
+ * Fixed slapd-tester memory leak (ITS#9908)
+ * Fixed usage of non-standard C syntax (ITS#9898, ITS#9899,
+ITS#9901)
+ * Fixed usage of bashism (ITS#9900)
+ * Fixed test suite portability (ITS#9931)
+ * Documentation
+ * Fixed ldap_bind(3) to document ber_bvfree in ldap_sasl_bind
+(ITS#9976)
+ * Fixed slapo-asyncmeta(5) to clarify scheduling for target
+connections (ITS#9941)
+ * Fixed slapo-dynlist(5) to clarify configuration settings
+(ITS#9957)
+ * Fixed slapo-unique(5) to clarify when quoting should be used
+(ITS#9915)
+ * Minor cleanup
+
+---
Old:
openldap-2.6.3.tgz
openldap-2.6.3.tgz.asc
New:
openldap-2.6.4.tgz
openldap-2.6.4.tgz.asc
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.goFC4X/_old 2023-04-16 16:06:53.492753412 +0200
+++ /var/tmp/diff_new_pack.goFC4X/_new 2023-04-16 16:06:53.496753435 +0200
@@ -1,7 +1,7 @@
#
# spec file
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,6 @@
%define run_test_suite 0
-%define version_main 2.6.3
%define slapdrundir %{_rundir}/slapd
%define flavor @BUILD_FLAVOR@%{nil}
%if "%flavor" == "contrib"
@@ -30,11 +29,11 @@
Summary:An open source implementation of the Lightweight Directory
Access Protocol
License:OLDAP-2.8
Group: Productivity/Networking/LDAP/Servers
-Version:%{version_main}
+Version:2.6.4
Release:0
URL:https://www.openldap.org
-Source0:
https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version_main}.tgz
-Source1:
https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version_main}.tgz.asc
+Source0:
https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz
+Source1:
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2022-12-11 17:16:24
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.1835 (New)
Package is "openldap2"
Sun Dec 11 17:16:24 2022 rev:178 rq:1041973 version:2.6.3
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-10-28
19:29:03.074487176 +0200
+++ /work/SRC/openSUSE:Factory/.openldap2.new.1835/openldap2.changes
2022-12-11 17:16:25.561810899 +0100
@@ -1,0 +2,6 @@
+Sat Dec 10 09:46:56 UTC 2022 - Dirk Müller
+
+- add reproducible.patch to avoid using compile-time specific date/time
+ constructs
+
+---
New:
reproducible.patch
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.LGTB06/_old 2022-12-11 17:16:26.301815021 +0100
+++ /var/tmp/diff_new_pack.LGTB06/_new 2022-12-11 17:16:26.305815043 +0100
@@ -52,6 +52,7 @@
Source22: update-crc.sh
Source23: slapd.conf
Source24: slapd.conf.olctemplate
+Patch1: reproducible.patch
Patch3: 0003-LDAPI-socket-location.dif
Patch5: 0005-pie-compile.dif
Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch
@@ -239,6 +240,7 @@
%prep
%setup -q -a 9 -n openldap-%{version_main}
+%patch1 -p1
%patch3 -p1
%patch5 -p1
%patch8 -p1
++ reproducible.patch ++
Index: openldap-2.6.3/build/mkversion
===
--- openldap-2.6.3.orig/build/mkversion
+++ openldap-2.6.3/build/mkversion
@@ -77,7 +77,7 @@ static const char copyright[] =
"COPYING RESTRICTIONS APPLY\n";
$static $const char $SYMBOL[] =
-"@(#) \$$PACKAGE: $APPLICATION $VERSION (" __DATE__ " " __TIME__ ") \$\n"
+"@(#) \$$PACKAGE: $APPLICATION $VERSION \$\n"
"\t$WHOWHERE\n";
__EOF__
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2022-10-28 19:28:58
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.2275 (New)
Package is "openldap2"
Fri Oct 28 19:28:58 2022 rev:177 rq:1031423 version:2.6.3
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-07-29
16:46:57.446495658 +0200
+++ /work/SRC/openSUSE:Factory/.openldap2.new.2275/openldap2.changes
2022-10-28 19:29:03.074487176 +0200
@@ -1,0 +2,6 @@
+Mon Sep 26 05:16:18 UTC 2022 - William Brown
+
+- bsc#1202931 - CVE-2022-31253 - Openldap start script allowed the ldap user
+ to privilege escalate to root due to unbound chown commands.
+
+---
Other differences:
--
++ slapd.service ++
--- /var/tmp/diff_new_pack.xhBl8f/_old 2022-10-28 19:29:04.486494257 +0200
+++ /var/tmp/diff_new_pack.xhBl8f/_new 2022-10-28 19:29:04.490494277 +0200
@@ -6,6 +6,23 @@
Type=forking
ExecStart=/usr/lib/openldap/start
+# Hardening to prevent security escalation.
+## Future hardening for FS protection.
+# ProtectSystem=full
+# ReadWritePaths=/etc/openldap/slapd.d /var/lib/ldap
+
+RestrictSUIDSGID=true
+NoNewPrivileges=true
+PrivateTmp=true
+PrivateDevices=true
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+MemoryDenyWriteExecute=true
+
[Install]
WantedBy=multi-user.target
++ start ++
--- /var/tmp/diff_new_pack.xhBl8f/_old 2022-10-28 19:29:04.506494358 +0200
+++ /var/tmp/diff_new_pack.xhBl8f/_new 2022-10-28 19:29:04.506494358 +0200
@@ -80,11 +80,17 @@
function chown_database_dirs_bconfig() {
ldapdir=$(find $1 -type f -name "olcDatabase*" | xargs grep -i
olcdbdirectory | awk '{print $2}')
-for dir in $ldapdir; do
+for dir in $(realpath ${ldapdir}); do
+if [[ $dir =~ ^/var/lib/ldap$|^/var/lib/ldap/.* ]]; then
[ -d "$dir" ] && [ -n "$OPENLDAP_USER" ] && \
-chown -R $OPENLDAP_USER $dir 2>/dev/null
+chown -h -R $OPENLDAP_USER $dir 2>/dev/null
[ -d "$dir" ] && [ -n "$OPENLDAP_GROUP" ] && \
-chgrp -R $OPENLDAP_GROUP $dir 2>/dev/null
+chgrp -h -R $OPENLDAP_GROUP $dir 2>/dev/null
+else
+echo "Skipping chown -h of external directory for security
reasons. You must manually run:"
+echo "# chown -h -R $OPENLDAP_USER $dir"
+echo "# chgrp -h -R $OPENLDAP_GROUP $dir"
+fi
done
}
@@ -92,9 +98,9 @@
ldapdir=`grep ^directory $1 | awk '{print $2}'`
for dir in $ldapdir; do
[ -d "$dir" ] && [ -n "$OPENLDAP_USER" ] && \
-chown -R $OPENLDAP_USER $dir 2>/dev/null
+chown -h -R $OPENLDAP_USER $dir 2>/dev/null
[ -d "$dir" ] && [ -n "$OPENLDAP_GROUP" ] && \
-chgrp -R $OPENLDAP_GROUP $dir 2>/dev/null
+chgrp -h -R $OPENLDAP_GROUP $dir 2>/dev/null
done
includes=`grep ^include $1 | awk '{print $2}'`
if [ $depth -le 50 ]; then
@@ -112,30 +118,30 @@
[ ! "x$OPENLDAP_CONFIG_BACKEND" = "xldap" ] && SLAPD_CONFIG_ARG="-f
/etc/openldap/slapd.conf"
-# chown backend directories if OPENLDAP_CHOWN_DIRS ist set
+# chown -h backend directories if OPENLDAP_CHOWN_DIRS ist set
if [ "$(echo "$OPENLDAP_CHOWN_DIRS" | tr 'A-Z' 'a-z')" = "yes" ]; then
if [ -n "$OPENLDAP_USER" -o -n "$OPENLDAP_GROUP" ]; then
if [ -n "$OPENLDAP_CONFIG_BACKEND" -a "$OPENLDAP_CONFIG_BACKEND" =
"ldap" ]; then
-chown -R $OPENLDAP_USER /etc/openldap/slapd.d 2>/dev/null
-chgrp -R $OPENLDAP_GROUP /etc/openldap/slapd.d 2>/dev/null
+chown -h -R $OPENLDAP_USER /etc/openldap/slapd.d 2>/dev/null
+chgrp -h -R $OPENLDAP_GROUP /etc/openldap/slapd.d 2>/dev/null
chown_database_dirs_bconfig "/etc/openldap/slapd.d"
# assume back-config usage if slapd.conf is not present but slapd.d is
elif [ ! -f /etc/openldap/slapd.conf -a /etc/openldap/slapd.d ]; then
-chown -R $OPENLDAP_USER /etc/openldap/slapd.d 2>/dev/null
-chgrp -R $OPENLDAP_GROUP /etc/openldap/slapd.d 2>/dev/null
+chown -h -R $OPENLDAP_USER /etc/openldap/slapd.d 2>/dev/null
+chgrp -h -R $OPENLDAP_GROUP /etc/openldap/slapd.d 2>/dev/null
chown_database_dirs_bconfig "/etc/openldap/slapd.d"
else
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2022-07-29 16:46:54
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.1533 (New)
Package is "openldap2"
Fri Jul 29 16:46:54 2022 rev:176 rq:990644 version:2.6.3
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-06-03
14:15:30.457226143 +0200
+++ /work/SRC/openSUSE:Factory/.openldap2.new.1533/openldap2.changes
2022-07-29 16:46:57.446495658 +0200
@@ -1,0 +2,25 @@
+Thu Jul 14 21:22:41 UTC 2022 - Michael Str??der
+
+- removed obsolete 0017-Resolve-error-handling-in-new-ctx-when-global.patch
+- update to 2.6.3
+ * Fixed librewrite declaration of calloc (ITS#9841)
+ * Fixed libldap to check for NULL ld (ITS#9157)
+ * Fixed libldap memory leaks (ITS#9876)
+ * Fixed lloadd to correctly tag Notice of Disconnection (ITS#9856)
+ * Fixed slapd delta-sync DN leak on ADD ops (ITS#9866)
+ * Fixed slapd replication with back-glue (ITS#9868)
+ * Fixed slapd lastbind replication with chaining (ITS#9863)
+ * Fixed slapd-ldap to correctly set authzid (ITS#9863)
+ * Fixed slapd-mdb to check for stale readers on
+MDB_READERS_FULL (ITS#7165)
+ * Fixed slapd-mdb indexer task with replicated config (ITS#9858)
+ * Fixed slapo-accesslog onetime memory leak (ITS#9864)
+ * Fixed slapo-ppolicy interaction with slapo-rwm (ITS#9871)
+ * Fixed slapo-rwm to handle escaping special characters (ITS#9817)
+ * Fixed slapo-syncprov memory leaks (ITS#9867)
+ * Fixed slapo-syncprov fallback in delta-sync mode (ITS#9823)
+ * Fixed slapo-unique to not release NULL entry (ITS#8245)
+ * doc: Fixed ldap_get_option(3) to clarify ldap_get/set_option
+restrictions (ITS#9824)
+
+---
Old:
0017-Resolve-error-handling-in-new-ctx-when-global.patch
openldap-2.6.2.tgz
openldap-2.6.2.tgz.asc
New:
openldap-2.6.3.tgz
openldap-2.6.3.tgz.asc
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.kJCpW5/_old 2022-07-29 16:46:58.426498384 +0200
+++ /var/tmp/diff_new_pack.kJCpW5/_new 2022-07-29 16:46:58.430498395 +0200
@@ -17,7 +17,7 @@
%define run_test_suite 0
-%define version_main 2.6.2
+%define version_main 2.6.3
%define slapdrundir %{_rundir}/slapd
%define flavor @BUILD_FLAVOR@%{nil}
%if "%flavor" == "contrib"
@@ -56,7 +56,6 @@
Patch5: 0005-pie-compile.dif
Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch
Patch16:0016-Clear-shared-key-only-in-close-function.patch
-Patch17:0017-Resolve-error-handling-in-new-ctx-when-global.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: argon2-devel
@@ -244,7 +243,6 @@
%patch5 -p1
%patch8 -p1
%patch16 -p1
-%patch17 -p1
cp %{SOURCE5} .
%build
++ openldap-2.6.2.tgz -> openldap-2.6.3.tgz ++
/work/SRC/openSUSE:Factory/openldap2/openldap-2.6.2.tgz
/work/SRC/openSUSE:Factory/.openldap2.new.1533/openldap-2.6.3.tgz differ: char
5, line 1
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2022-06-03 14:15:20
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.1548 (New)
Package is "openldap2"
Fri Jun 3 14:15:20 2022 rev:175 rq:980334 version:2.6.2
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-05-23
15:51:44.562646212 +0200
+++ /work/SRC/openSUSE:Factory/.openldap2.new.1548/openldap2.changes
2022-06-03 14:15:30.457226143 +0200
@@ -1,0 +2,44 @@
+Mon May 23 10:51:45 UTC 2022 - Michael Str??der
+
+- Update to release 2.6.2
+ * Added support for OpenSSL 3.0 (ITS#9436)
+ * Fixed ldapdelete to prune LDAP subentries (ITS#9737)
+ * Fixed libldap to drop connection when non-LDAP data is
+received (ITS#9803)
+ * Fixed libldap to allow newlines at end of included file
+(ITS#9811)
+ * Fixed slapd slaptest conversion of olcLastBind (ITS#9808)
+ * Fixed slapd to correctly init global_host earlier (ITS#9787)
+ * Fixed slapd bconfig locking for cn=config replication
+(ITS#9584)
+ * Fixed slapd usage of thread local counters (ITS#9789)
+ * Fixed slapd to clear runqueue task correctly (ITS#9785)
+ * Fixed slapd idletimeout handling (ITS#9820)
+ * Fixed slapd syncrepl handling of new sessions (ITS#9584)
+ * Fixed slapd to clear connections on bind (ITS#9799)
+ * Fixed slapd to correctly advance connections index (ITS#9831)
+ * Fixed slapd syncrepl ODSEE replication of unknown attr
+(ITS#9801)
+ * Fixed slapd-asyncmeta memory leak in keepalive setting,
+slapd-ldap memory leak in keepalive setting, SEGV on config
+rewrite, ordering on config rewrite, memory leak in keepalive
+setting (ITS#9802)
+ * Fixed slapo-pcache SEGV & slapd-monitor SEGV on shutdown
+(ITS#9809)
+ * Fixed slapd-monitor crash when hitting sizelimit (ITS#9832)
+ * Fixed slapd-sql to properly escape filter value (ITS#9815)
+ * Fixed slapo-dynlist dynamic group regression (ITS#9825)
+ * Fixed slapo-ppolicy operation handling to be consistent
+(ITS#9794)
+ * Fixed slapo-translucent to correctly duplicate substring
+filters (ITS#9818)
+ * Contrib:
+ * Update ppm module to the 2.1 release (ITS#9814)
+ * Documentation:
+ * admin26: Document new lloadd features (ITS#9780)
+ * Fixed slapd.conf(5)/slapd-config(5) syncrepl
+sizelimit/timelimit documentation (ITS#9804)
+ * Fixed slapd-sock(5) to clarify "sockresps result" behavior
+(ITS#8255)
+
+---
Old:
openldap-2.6.1.tgz
openldap-2.6.1.tgz.asc
New:
openldap-2.6.2.tgz
openldap-2.6.2.tgz.asc
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.Jcd7i9/_old 2022-06-03 14:15:31.565227583 +0200
+++ /var/tmp/diff_new_pack.Jcd7i9/_new 2022-06-03 14:15:31.569227588 +0200
@@ -17,7 +17,7 @@
%define run_test_suite 0
-%define version_main 2.6.1
+%define version_main 2.6.2
%define slapdrundir %{_rundir}/slapd
%define flavor @BUILD_FLAVOR@%{nil}
%if "%flavor" == "contrib"
++ 0003-LDAPI-socket-location.dif ++
--- /var/tmp/diff_new_pack.Jcd7i9/_old 2022-06-03 14:15:31.605227635 +0200
+++ /var/tmp/diff_new_pack.Jcd7i9/_new 2022-06-03 14:15:31.609227640 +0200
@@ -1,23 +1,13 @@
-From 73f1a31ec1d90872ac6f09ffac5adfb199eba963 Mon Sep 17 00:00:00 2001
-From: Ralf Haferkamp
-Date: Wed, 16 Jun 2010 14:06:42 +0200
-Subject: LDAPI socket location
-
-
-diff --git a/include/ldap_defaults.h b/include/ldap_defaults.h
-index 9dba666..b9780bc 100644
a/include/ldap_defaults.h
-+++ b/include/ldap_defaults.h
-@@ -39,7 +39,7 @@
- #define LDAP_ENV_PREFIX "LDAP"
+diff -ur openldap-2.6.2.orig/include/ldap_defaults.h
openldap-2.6.2/include/ldap_defaults.h
+--- openldap-2.6.2.orig/include/ldap_defaults.h2022-05-04
16:55:23.0 +0200
openldap-2.6.2/include/ldap_defaults.h 2022-05-23 12:55:05.059335200
+0200
+@@ -40,7 +40,7 @@
/* default ldapi:// socket */
+ #ifndef LDAPI_SOCK
-#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"
+#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "ldapi"
+ #endif
/*
- * SLAPD DEFINITIONS
---
-1.7.10.4
-
++ openldap-2.6.1.tgz -> openldap-2.6.2.tgz ++
/work/SRC/openSUSE:Factory/openldap2/openldap-2.6.1.tgz
/work/SRC/openSUSE:Factory/.openldap2.new.1548/openldap-2.6.2.tgz differ: char
5, line 1
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2022-05-23 15:51:43
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.2254 (New)
Package is "openldap2"
Mon May 23 15:51:43 2022 rev:174 rq:978469 version:2.6.1
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-04-14
17:23:25.879120739 +0200
+++ /work/SRC/openSUSE:Factory/.openldap2.new.2254/openldap2.changes
2022-05-23 15:51:44.562646212 +0200
@@ -1,0 +2,6 @@
+Thu May 12 02:48:19 UTC 2022 - William Brown
+
+- bsc#1199277 - Resolve segfault when calling new ctx with global ctx
+* 0017-Resolve-error-handling-in-new-ctx-when-global.patch
+
+---
New:
0017-Resolve-error-handling-in-new-ctx-when-global.patch
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.d5aPkT/_old 2022-05-23 15:51:45.282646891 +0200
+++ /var/tmp/diff_new_pack.d5aPkT/_new 2022-05-23 15:51:45.290646899 +0200
@@ -56,6 +56,7 @@
Patch5: 0005-pie-compile.dif
Patch8: 0008-In-monitor-backend-do-not-return-Connection0-entries.patch
Patch16:0016-Clear-shared-key-only-in-close-function.patch
+Patch17:0017-Resolve-error-handling-in-new-ctx-when-global.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: argon2-devel
@@ -243,6 +244,7 @@
%patch5 -p1
%patch8 -p1
%patch16 -p1
+%patch17 -p1
cp %{SOURCE5} .
%build
++ 0017-Resolve-error-handling-in-new-ctx-when-global.patch ++
>From 43778f8b24f86af411fb5ed6df69851459abe561 Mon Sep 17 00:00:00 2001
From: William Brown
Date: Thu, 12 May 2022 12:46:57 +1000
Subject: [PATCH] Resolve error handling in new ctx when global
---
libraries/libldap/tls2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c
index 6d36db1984..f18992e781 100644
--- a/libraries/libldap/tls2.c
+++ b/libraries/libldap/tls2.c
@@ -989,7 +989,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
lo->ldo_tls_ctx = NULL;
errmsg[0] = 0;
rc = ldap_int_tls_init_ctx( lo, *(int *)arg, errmsg );
- if ( rc && errmsg[0] ) {
+ if ( ld && rc && errmsg[0] ) {
if ( ld->ld_error )
LDAP_FREE( ld->ld_error );
ld->ld_error = LDAP_STRDUP( errmsg );
--
2.36.1
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2022-04-14 17:23:15
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.1941 (New)
Package is "openldap2"
Thu Apr 14 17:23:15 2022 rev:173 rq:969284 version:2.6.1
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2022-04-02
18:19:57.906662662 +0200
+++ /work/SRC/openSUSE:Factory/.openldap2.new.1941/openldap2.changes
2022-04-14 17:23:25.879120739 +0200
@@ -1,0 +2,17 @@
+Mon Apr 11 20:52:33 UTC 2022 - Michael Str??der
+
+- Use libargon2 instead of libsodium because it supports p>1
+- Added new contrib overlays: authzid, datamorph, variant, vc
+
+---
+Sat Apr 2 22:57:29 UTC 2022 - Jan Engelhardt
+
+- Update to release 2.6.1
+ * Ability to log directly to a file bypassing syslog
+ * back-ndb is retired
+ * back-sql and back-perl are deprecated
+ * lloadd(8): Additional load balancing strategies.
+ * lloadd(8): Additional options to improve coherence with certain
+controls and extended operations.
+
+---
Old:
openldap-2.5.9.tgz
openldap-2.5.9.tgz.asc
New:
openldap-2.6.1.tgz
openldap-2.6.1.tgz.asc
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.QU94rl/_old 2022-04-14 17:23:26.819121837 +0200
+++ /var/tmp/diff_new_pack.QU94rl/_new 2022-04-14 17:23:26.823121842 +0200
@@ -17,7 +17,7 @@
%define run_test_suite 0
-%define version_main 2.5.9
+%define version_main 2.6.1
%define slapdrundir %{_rundir}/slapd
%define flavor @BUILD_FLAVOR@%{nil}
%if "%flavor" == "contrib"
@@ -58,11 +58,11 @@
Patch16:0016-Clear-shared-key-only-in-close-function.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+BuildRequires: argon2-devel
BuildRequires: cyrus-sasl-devel
BuildRequires: db-devel
BuildRequires: groff
BuildRequires: libopenssl-devel
-BuildRequires: libsodium-devel
BuildRequires: libtool
BuildRequires: openslp-devel
BuildRequires: sysuser-tools
@@ -78,7 +78,7 @@
%{?systemd_requires}
%endif
Requires: /usr/bin/awk
-Requires: libldap-2_5-0 = %{version_main}
+Requires: libldap2 = %{version_main}
Recommends: cyrus-sasl
Conflicts: openldap
PreReq: %fillup_prereq
@@ -152,7 +152,9 @@
allop
allowed Generates attributes indicating access rights
autogroup
+authzid implements RFC 3829 support
cloak
+datamorph store enumerated values and fixed size integers
denyop
lastbind writes last bind timestamp to entry
noopsrch handles no-op search control
@@ -160,6 +162,8 @@
pw-pbkdf2 generates/validates PBKDF2 password hashes
smbk5pwd generates Samba3 password hashes (heimdal krb disabled)
trace traces overlay invocation
+variant allows attributes/values to be shared between several entries
+vcimplements the verify credentials extended operation
%package doc
Summary:OpenLDAP Documentation
@@ -173,7 +177,7 @@
%package client
Summary:OpenLDAP client utilities
Group: Productivity/Networking/LDAP/Clients
-Requires: libldap-2_5-0 = %{version_main}
+Requires: libldap2 = %{version_main}
%description client
OpenLDAP client utilities such as ldapadd, ldapsearch, ldapmodify.
@@ -187,7 +191,7 @@
%endif
#
Conflicts: openldap-devel
-Requires: libldap-2_5-0 = %{version_main}
+Requires: libldap2 = %{version_main}
Recommends: cyrus-sasl-devel
%description devel
@@ -205,18 +209,18 @@
This package provides the static versions of the OpenLDAP libraries
for development.
-%package -n libldap-2_5-0
+%package -n libldap2
Summary:OpenLDAP Client Libraries
Group: Productivity/Networking/LDAP/Clients
Recommends: libldap-data >= %{version_main}
-%description -n libldap-2_5-0
+%description -n libldap2
This package contains the OpenLDAP client libraries.
%package -n libldapcpp-devel
Summary:C++ wrapper around openLDAP API
Group: Development/Libraries/C and C++
-Requires: libldapcpp0 = %{version}
+Requires: libldapcpp0 = %{version_main}
Requires: openldap2-devel
%description -n libldapcpp-devel
@@ -226,7 +230,7 @@
%package -n libldapcpp0
Summary:C++ wrapper around openLDAP API
Group: Development/Libraries/C and C++
-Provides: ldapcpplib = %{version}
+Provides: ldapcpplib = %{version_main}
Obsoletes: ldapcpplib <= 0.0.5
%description -n libldapcpp0
@@ -234,7 +238,6
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2022-04-02 18:19:54 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1900 (New) Package is "openldap2" Sat Apr 2 18:19:54 2022 rev:172 rq:965879 version:2.5.9 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-10-21 10:21:24.563897504 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1900/openldap2.changes 2022-04-02 18:19:57.906662662 +0200 @@ -1,0 +2,110 @@ +Sat Mar 26 14:08:57 UTC 2022 - Stephan Kulow + +- Add _multibuild support to integrate the build of libldapcpp-devel + to drop the outdated copy + +--- +Mon Oct 25 22:03:53 UTC 2021 - Michael Str??der + +- update to 2.5.9 + +OpenLDAP 2.5.9 Release (2021/10/25) +Fixed slapo-accesslog to initialize minCSN on import of 2.4 databases (ITS#9720) + +--- +Mon Oct 11 18:46:13 UTC 2021 - Michael Str??der + +- update to 2.5.8 + +OpenLDAP 2.5.8 Release (2021/10/11) +Fixed libldap ldap_int_tls_connect: isdigit() requires unsigned char (ITS#9668) +Fixed libldap memory leak in ldap_get_option LDAP_OPT_X_TLS_PEERCERT (ITS#9696) +Fixed slapd to allow normalized values for namingContexts in cn=monitor (ITS#8341) +Fixed slapd to normalize the suffix in rootDSE (ITS#9664) +Fixed slapd slapadd to avoid destroying configDB prematurely (ITS#9678) +Fixed slapd to not spam logs with lastbind information (ITS#9156) +Fixed slapd slaptest migration to correctly set olcTSLVerifyClient (ITS#9711) +Fixed slapd-mdb multival delete handling (ITS#9712) +Fixed slapd-sql ldap_entry_objectclass table for mariadb/mysql (ITS#9679) +Fixed slapd-wt multiple issues (ITS#9463) +Fixed slapd-wt to close cache db correctly (ITS#9631) +Fixed slapo-ppolicy to restore OpenLDAP 2.4 compatibilty (ITS#9671) +Fixed slapo-syncprov to free uuid list when finished replaying sessionlog (ITS#6467) +Build +Fixed libldap result.c compilation on musl systems (ITS#9648) +Fixed slapd duplicate definition of peerbv (ITS#9659) +Fixed test suite with memberof modular builds (ITS#9464) +Contrib +Added man page for ppm contrib module (ITS#9644) +Fix crash when pwdCheckModuleArg is not defined for ppm (ITS#9656) +Documentation +Fixed guide download link for heimdal (ITS#9669) +Fixed guide documentation for TLSECName (ITS#9687) +Fixed guide documentation missing tags (ITS#9693) +Fixed guide loadbalancer typo (ITS#9699) +Fixed guide synprov-nopresent redundant text (ITS#9689) +Fixed guide various typos and fix config alignment (ITS#9706) +Removed ppolicy.schema from servers/slapd/schema/README (ITS#9156) +Fixed slapd.conf(5)/slapd-config(5) to document default for database monitoring (ITS#9674) +Fixed slapd-meta(5)/slapd-asyncmeta(5) verbiage for try-propagate (ITS#9646) +Fixed slapo-syncprov(5) to note entryCSN indexing is highly recommended (ITS#9688) + +--- +Tue Aug 24 13:04:36 UTC 2021 - Philipp Wagner + +- Update to upstream version 2.5.7 + Fixed lloadd client state tracking (ITS#9624) + Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611) + Fixed slapd-ldif duplicate controls response (ITS#9497) + Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621) + Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958) + Fixed slapd-mdb idlexp maximum size handling (ITS#9637) + Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628) + Fixed slapd-sql to add support for ppolicy attributes (ITS#9629) + Fixed slapd-sql to close transactions after bind and search (ITS#9630) + Fixed slapo-accesslog to make reqMod optional (ITS#9569) + Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625) + Documentation + slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637) + slapo-accesslog(5) note that reqMod is optional (ITS#9569) + Add ldapvc(1) man page (ITS#9549) + Add guide section on load balancer (ITS#9443) + Updated guide to document multiprovider as replacement for mirrormode (ITS#9200) + Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200) + Updated guide to document removal of deprecated options from client tools (ITS#9200) +
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-10-21 10:21:23 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1890 (New) Package is "openldap2" Thu Oct 21 10:21:23 2021 rev:171 rq: version:unknown Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-10-20 20:22:58.661329682 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1890/openldap2.changes 2021-10-21 10:21:24.563897504 +0200 @@ -2,96 +1,0 @@ -Mon Oct 11 18:46:13 UTC 2021 - Michael Str??der - -- update to 2.5.8 - -OpenLDAP 2.5.8 Release (2021/10/11) -Fixed libldap ldap_int_tls_connect: isdigit() requires unsigned char (ITS#9668) -Fixed libldap memory leak in ldap_get_option LDAP_OPT_X_TLS_PEERCERT (ITS#9696) -Fixed slapd to allow normalized values for namingContexts in cn=monitor (ITS#8341) -Fixed slapd to normalize the suffix in rootDSE (ITS#9664) -Fixed slapd slapadd to avoid destroying configDB prematurely (ITS#9678) -Fixed slapd to not spam logs with lastbind information (ITS#9156) -Fixed slapd slaptest migration to correctly set olcTSLVerifyClient (ITS#9711) -Fixed slapd-mdb multival delete handling (ITS#9712) -Fixed slapd-sql ldap_entry_objectclass table for mariadb/mysql (ITS#9679) -Fixed slapd-wt multiple issues (ITS#9463) -Fixed slapd-wt to close cache db correctly (ITS#9631) -Fixed slapo-ppolicy to restore OpenLDAP 2.4 compatibilty (ITS#9671) -Fixed slapo-syncprov to free uuid list when finished replaying sessionlog (ITS#6467) -Build -Fixed libldap result.c compilation on musl systems (ITS#9648) -Fixed slapd duplicate definition of peerbv (ITS#9659) -Fixed test suite with memberof modular builds (ITS#9464) -Contrib -Added man page for ppm contrib module (ITS#9644) -Fix crash when pwdCheckModuleArg is not defined for ppm (ITS#9656) -Documentation -Fixed guide download link for heimdal (ITS#9669) -Fixed guide documentation for TLSECName (ITS#9687) -Fixed guide documentation missing tags (ITS#9693) -Fixed guide loadbalancer typo (ITS#9699) -Fixed guide synprov-nopresent redundant text (ITS#9689) -Fixed guide various typos and fix config alignment (ITS#9706) -Removed ppolicy.schema from servers/slapd/schema/README (ITS#9156) -Fixed slapd.conf(5)/slapd-config(5) to document default for database monitoring (ITS#9674) -Fixed slapd-meta(5)/slapd-asyncmeta(5) verbiage for try-propagate (ITS#9646) -Fixed slapo-syncprov(5) to note entryCSN indexing is highly recommended (ITS#9688) - -Tue Aug 24 13:04:36 UTC 2021 - Philipp Wagner - -- Update to upstream version 2.5.7 - Fixed lloadd client state tracking (ITS#9624) - Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611) - Fixed slapd-ldif duplicate controls response (ITS#9497) - Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621) - Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958) - Fixed slapd-mdb idlexp maximum size handling (ITS#9637) - Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628) - Fixed slapd-sql to add support for ppolicy attributes (ITS#9629) - Fixed slapd-sql to close transactions after bind and search (ITS#9630) - Fixed slapo-accesslog to make reqMod optional (ITS#9569) - Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625) - Documentation - slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637) - slapo-accesslog(5) note that reqMod is optional (ITS#9569) - Add ldapvc(1) man page (ITS#9549) - Add guide section on load balancer (ITS#9443) - Updated guide to document multiprovider as replacement for mirrormode (ITS#9200) - Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200) - Updated guide to document removal of deprecated options from client tools (ITS#9200) - -Fri Jul 30 13:30:05 UTC 2021 - Philipp Wagner - -- Major version update to 2.5.6 - See https://www.openldap.org/software/release/announce.html for a list of - changes. -- The threaded version of the OpenLDAP libraries, libldap_r, has been merged - with libldap with 2.5. Removed all related downstream changes, including the - openldap-r-only.dif patch. - Introduce a new compatibility symlink in the other direction: libldap_r -
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-10-20 20:22:46 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1890 (New) Package is "openldap2" Wed Oct 20 20:22:46 2021 rev:170 rq:924764 version:2.5.8 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-09-05 08:45:44.972186056 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1890/openldap2.changes 2021-10-20 20:22:58.661329682 +0200 @@ -1,0 +2,96 @@ +Mon Oct 11 18:46:13 UTC 2021 - Michael Str??der + +- update to 2.5.8 + +OpenLDAP 2.5.8 Release (2021/10/11) +Fixed libldap ldap_int_tls_connect: isdigit() requires unsigned char (ITS#9668) +Fixed libldap memory leak in ldap_get_option LDAP_OPT_X_TLS_PEERCERT (ITS#9696) +Fixed slapd to allow normalized values for namingContexts in cn=monitor (ITS#8341) +Fixed slapd to normalize the suffix in rootDSE (ITS#9664) +Fixed slapd slapadd to avoid destroying configDB prematurely (ITS#9678) +Fixed slapd to not spam logs with lastbind information (ITS#9156) +Fixed slapd slaptest migration to correctly set olcTSLVerifyClient (ITS#9711) +Fixed slapd-mdb multival delete handling (ITS#9712) +Fixed slapd-sql ldap_entry_objectclass table for mariadb/mysql (ITS#9679) +Fixed slapd-wt multiple issues (ITS#9463) +Fixed slapd-wt to close cache db correctly (ITS#9631) +Fixed slapo-ppolicy to restore OpenLDAP 2.4 compatibilty (ITS#9671) +Fixed slapo-syncprov to free uuid list when finished replaying sessionlog (ITS#6467) +Build +Fixed libldap result.c compilation on musl systems (ITS#9648) +Fixed slapd duplicate definition of peerbv (ITS#9659) +Fixed test suite with memberof modular builds (ITS#9464) +Contrib +Added man page for ppm contrib module (ITS#9644) +Fix crash when pwdCheckModuleArg is not defined for ppm (ITS#9656) +Documentation +Fixed guide download link for heimdal (ITS#9669) +Fixed guide documentation for TLSECName (ITS#9687) +Fixed guide documentation missing tags (ITS#9693) +Fixed guide loadbalancer typo (ITS#9699) +Fixed guide synprov-nopresent redundant text (ITS#9689) +Fixed guide various typos and fix config alignment (ITS#9706) +Removed ppolicy.schema from servers/slapd/schema/README (ITS#9156) +Fixed slapd.conf(5)/slapd-config(5) to document default for database monitoring (ITS#9674) +Fixed slapd-meta(5)/slapd-asyncmeta(5) verbiage for try-propagate (ITS#9646) +Fixed slapo-syncprov(5) to note entryCSN indexing is highly recommended (ITS#9688) + +--- +Tue Aug 24 13:04:36 UTC 2021 - Philipp Wagner + +- Update to upstream version 2.5.7 + Fixed lloadd client state tracking (ITS#9624) + Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611) + Fixed slapd-ldif duplicate controls response (ITS#9497) + Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621) + Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958) + Fixed slapd-mdb idlexp maximum size handling (ITS#9637) + Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628) + Fixed slapd-sql to add support for ppolicy attributes (ITS#9629) + Fixed slapd-sql to close transactions after bind and search (ITS#9630) + Fixed slapo-accesslog to make reqMod optional (ITS#9569) + Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625) + Documentation + slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637) + slapo-accesslog(5) note that reqMod is optional (ITS#9569) + Add ldapvc(1) man page (ITS#9549) + Add guide section on load balancer (ITS#9443) + Updated guide to document multiprovider as replacement for mirrormode (ITS#9200) + Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200) + Updated guide to document removal of deprecated options from client tools (ITS#9200) + +--- +Fri Jul 30 13:30:05 UTC 2021 - Philipp Wagner + +- Major version update to 2.5.6 + See https://www.openldap.org/software/release/announce.html for a list of + changes. +- The threaded version of the OpenLDAP libraries, libldap_r, has been merged + with libldap with 2.5. Removed all related downstream changes, including the + openldap-r-only.dif patch. + Introduce a new compatibility symlink in the other direction: libldap_r
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-09-05 08:45:43 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1899 (New) Package is "openldap2" Sun Sep 5 08:45:43 2021 rev:169 rq: version:unknown Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-09-03 21:25:43.758149060 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1899/openldap2.changes 2021-09-05 08:45:44.972186056 +0200 @@ -2,58 +1,0 @@ -Tue Aug 24 13:04:36 UTC 2021 - Philipp Wagner - -- Update to upstream version 2.5.7 - Fixed lloadd client state tracking (ITS#9624) - Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611) - Fixed slapd-ldif duplicate controls response (ITS#9497) - Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621) - Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958) - Fixed slapd-mdb idlexp maximum size handling (ITS#9637) - Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628) - Fixed slapd-sql to add support for ppolicy attributes (ITS#9629) - Fixed slapd-sql to close transactions after bind and search (ITS#9630) - Fixed slapo-accesslog to make reqMod optional (ITS#9569) - Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625) - Documentation - slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637) - slapo-accesslog(5) note that reqMod is optional (ITS#9569) - Add ldapvc(1) man page (ITS#9549) - Add guide section on load balancer (ITS#9443) - Updated guide to document multiprovider as replacement for mirrormode (ITS#9200) - Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200) - Updated guide to document removal of deprecated options from client tools (ITS#9200) - -Fri Jul 30 13:30:05 UTC 2021 - Philipp Wagner - -- Major version update to 2.5.6 - See https://www.openldap.org/software/release/announce.html for a list of - changes. -- The threaded version of the OpenLDAP libraries, libldap_r, has been merged - with libldap with 2.5. Removed all related downstream changes, including the - openldap-r-only.dif patch. - Introduce a new compatibility symlink in the other direction: libldap_r - pointing to libldap. -- Removed the ppolicy-check-password module. It is unmaintained and does not - build any more. As part of that also remove the patch - patch 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch, which - is applied to this module. -- Removed patch 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch - Fixed upstream in 2.5 (ITS#8866) -- Updated patch 0005-pie-compile.dif - Removed the hunks on back-bdb and back-hdb, which are retired backends in 2.5. -- Removed patch 0007-Recover-on-DB-version-change.dif - The back-bdb backend was retired. -- Removed patch 0011-openldap-re24-its7796.patch - Fixed upstream in 2.5 (ITS#7796) -- Remove non-existant configure arguments: - --enable-rewrite, --enable-monitor, --enable-lmpasswd -- Add the --enable-dynacl configure option, which is required for --enable-aci -- Add the --with-argon2 configure option and remove it from the contrib - modules, since it is now official (ITS#9453). -- Pass mandir to smbk5pwd to ensure the man page ends up in /usr/share. -- Include the new overlays in libdir/openldap in the packages. -- Add the pkgconfig files to the devel package. -- Remove compat macro for _fillupdir, which was introduced in Nov 2017 and - should be widely available now. - @@ -3315,0 +3258 @@ + Old: openldap-2.5.7.tgz openldap-2.5.7.tgz.asc New: 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch 0007-Recover-on-DB-version-change.dif 0011-openldap-re24-its7796.patch 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch openldap-2.4.59.tgz openldap-2.4.59.tgz.asc openldap-r-only.dif ppolicy-check-password-1.2.tar.gz ppolicy-check-password.5 ppolicy-check-password.Makefile ppolicy-check-password.conf Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.Zgm5Z6/_old 2021-09-05 08:45:45.888187094 +0200 +++ /var/tmp/diff_new_pack.Zgm5Z6/_new 2021-09-05 08:45:45.888187094 +0200 @@ -16,8 +16,16 @@ # +#Compat macro for new _fillupdir macro introduced in Nov 2017 +%if !
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2021-09-03 21:25:35 Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.1899 (New) Package is "openldap2" Fri Sep 3 21:25:35 2021 rev:168 rq:914629 version:2.5.7 Changes: --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-06-09 21:51:11.966356818 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.1899/openldap2.changes 2021-09-03 21:25:43.758149060 +0200 @@ -1,0 +2,58 @@ +Tue Aug 24 13:04:36 UTC 2021 - Philipp Wagner + +- Update to upstream version 2.5.7 + Fixed lloadd client state tracking (ITS#9624) + Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611) + Fixed slapd-ldif duplicate controls response (ITS#9497) + Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621) + Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958) + Fixed slapd-mdb idlexp maximum size handling (ITS#9637) + Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628) + Fixed slapd-sql to add support for ppolicy attributes (ITS#9629) + Fixed slapd-sql to close transactions after bind and search (ITS#9630) + Fixed slapo-accesslog to make reqMod optional (ITS#9569) + Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625) + Documentation + slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637) + slapo-accesslog(5) note that reqMod is optional (ITS#9569) + Add ldapvc(1) man page (ITS#9549) + Add guide section on load balancer (ITS#9443) + Updated guide to document multiprovider as replacement for mirrormode (ITS#9200) + Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200) + Updated guide to document removal of deprecated options from client tools (ITS#9200) + +--- +Fri Jul 30 13:30:05 UTC 2021 - Philipp Wagner + +- Major version update to 2.5.6 + See https://www.openldap.org/software/release/announce.html for a list of + changes. +- The threaded version of the OpenLDAP libraries, libldap_r, has been merged + with libldap with 2.5. Removed all related downstream changes, including the + openldap-r-only.dif patch. + Introduce a new compatibility symlink in the other direction: libldap_r + pointing to libldap. +- Removed the ppolicy-check-password module. It is unmaintained and does not + build any more. As part of that also remove the patch + patch 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch, which + is applied to this module. +- Removed patch 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch + Fixed upstream in 2.5 (ITS#8866) +- Updated patch 0005-pie-compile.dif + Removed the hunks on back-bdb and back-hdb, which are retired backends in 2.5. +- Removed patch 0007-Recover-on-DB-version-change.dif + The back-bdb backend was retired. +- Removed patch 0011-openldap-re24-its7796.patch + Fixed upstream in 2.5 (ITS#7796) +- Remove non-existant configure arguments: + --enable-rewrite, --enable-monitor, --enable-lmpasswd +- Add the --enable-dynacl configure option, which is required for --enable-aci +- Add the --with-argon2 configure option and remove it from the contrib + modules, since it is now official (ITS#9453). +- Pass mandir to smbk5pwd to ensure the man page ends up in /usr/share. +- Include the new overlays in libdir/openldap in the packages. +- Add the pkgconfig files to the devel package. +- Remove compat macro for _fillupdir, which was introduced in Nov 2017 and + should be widely available now. + +--- @@ -3258 +3315,0 @@ - Old: 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch 0007-Recover-on-DB-version-change.dif 0011-openldap-re24-its7796.patch 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch openldap-2.4.59.tgz openldap-2.4.59.tgz.asc openldap-r-only.dif ppolicy-check-password-1.2.tar.gz ppolicy-check-password.5 ppolicy-check-password.Makefile ppolicy-check-password.conf New: openldap-2.5.7.tgz openldap-2.5.7.tgz.asc Other differences: -- ++ openldap2.spec ++ --- /var/tmp/diff_new_pack.dterPe/_old 2021-09-03 21:25:44.798150144 +0200 +++ /var/tmp/diff_new_pack.dterPe/_new 2021-09-03 21:25:44.802150148 +0200 @@ -16,16 +16,8 @@ # -#Compat macro for new _fillupdir macro introduced in Nov 2017 -%if !
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2021-06-09 21:51:11
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.32437 (New)
Package is "openldap2"
Wed Jun 9 21:51:11 2021 rev:167 rq:897312 version:unknown
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-03-19
16:39:58.861856899 +0100
+++ /work/SRC/openSUSE:Factory/.openldap2.new.32437/openldap2.changes
2021-06-09 21:51:11.966356818 +0200
@@ -1,0 +2,18 @@
+Fri Jun 4 00:06:15 UTC 2021 - Michael Str??der
+
+- updated to 2.4.59
+
+OpenLDAP 2.4.59 Release (2021/06/03)
+Fixed libldap TLSv1.3 cipher suites with OpenSSL 1.1.1 (ITS#9521)
+Fixed libldap double free of LDAP_OPT_DEFBASE (ITS#9530)
+Fixed slapd syncrepl handling of add+delete on single value attr (ITS#9295)
+Fixed slapd-mdb cursor init check (ITS#9526)
+Fixed slapd-mdb deletion of context entry (ITS#9531)
+Fixed slapd-mdb off-by-one affecting search scope (ITS#9557)
+Fixed slapo-pcache locking during expiration (ITS#9529)
+Contrib
+Fixed slapo-autogroup to not thrash thread context (ITS#9494)
+Documentation
+ldap_modify(3) - Delete non-existent mod_next parameter (ITS#9559)
+
+---
Old:
openldap-2.4.58.tgz
openldap-2.4.58.tgz.asc
New:
openldap-2.4.59.tgz
openldap-2.4.59.tgz.asc
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.kluxit/_old 2021-06-09 21:51:12.822358344 +0200
+++ /var/tmp/diff_new_pack.kluxit/_new 2021-06-09 21:51:12.826358351 +0200
@@ -22,7 +22,7 @@
%endif
%define run_test_suite 0
-%define version_main 2.4.58
+%define version_main 2.4.59
%define name_ppolicy_check_module ppolicy-check-password
%define version_ppolicy_check_module 1.2
%define ppolicy_docdir
%{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module}
++ openldap-2.4.58.tgz -> openldap-2.4.59.tgz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openldap-2.4.58/CHANGES new/openldap-2.4.59/CHANGES
--- old/openldap-2.4.58/CHANGES 2021-03-16 18:09:58.0 +0100
+++ new/openldap-2.4.59/CHANGES 2021-06-03 20:40:31.0 +0200
@@ -1,5 +1,18 @@
OpenLDAP 2.4 Change Log
+OpenLDAP 2.4.59 Release (2021/06/03)
+ Fixed libldap TLSv1.3 cipher suites with OpenSSL 1.1.1 (ITS#9521)
+ Fixed libldap double free of LDAP_OPT_DEFBASE (ITS#9530)
+ Fixed slapd syncrepl handling of add+delete on single value attr
(ITS#9295)
+ Fixed slapd-mdb cursor init check (ITS#9526)
+ Fixed slapd-mdb deletion of context entry (ITS#9531)
+ Fixed slapd-mdb off-by-one affecting search scope (ITS#9557)
+ Fixed slapo-pcache locking during expiration (ITS#9529)
+ Contrib
+ Fixed slapo-autogroup to not thrash thread context (ITS#9494)
+ Documentation
+ ldap_modify(3) - Delete non-existent mod_next parameter
(ITS#9559)
+
OpenLDAP 2.4.58 Release (2021/03/16)
Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9454)
Fixed slapd to alloc new conn struct after freeing old one (ITS#9458)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openldap-2.4.58/build/version.var
new/openldap-2.4.59/build/version.var
--- old/openldap-2.4.58/build/version.var 2021-03-16 18:09:58.0
+0100
+++ new/openldap-2.4.59/build/version.var 2021-06-03 20:40:31.0
+0200
@@ -15,9 +15,9 @@
ol_package=OpenLDAP
ol_major=2
ol_minor=4
-ol_patch=58
-ol_api_inc=20458
+ol_patch=59
+ol_api_inc=20459
ol_api_current=13
-ol_api_revision=6
+ol_api_revision=7
ol_api_age=11
-ol_release_date="2021/03/16"
+ol_release_date="2021/06/03"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/openldap-2.4.58/contrib/slapd-modules/autogroup/autogroup.c
new/openldap-2.4.59/contrib/slapd-modules/autogroup/autogroup.c
--- old/openldap-2.4.58/contrib/slapd-modules/autogroup/autogroup.c
2021-03-16 18:09:58.0 +0100
+++ new/openldap-2.4.59/contrib/slapd-modules/autogroup/autogroup.c
2021-06-03 20:40:31.0 +0200
@@ -2071,7 +2071,7 @@
return 0;
}
- connection_fake_init( , , thrctx );
+ connection_fake_init2( , , thrctx, 0 );
op = _op;
op->ors_attrsonly = 0;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openldap-2.4.58/doc/guide/admin/guide.html
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2021-03-19 16:39:53
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.2401 (New)
Package is "openldap2"
Fri Mar 19 16:39:53 2021 rev:166 rq:879500 version:unknown
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2021-01-20
18:23:13.475299835 +0100
+++ /work/SRC/openSUSE:Factory/.openldap2.new.2401/openldap2.changes
2021-03-19 16:39:58.861856899 +0100
@@ -1,0 +2,11 @@
+Tue Mar 16 20:15:53 UTC 2021 - Michael Str??der
+
+- updated to 2.4.58
+
+OpenLDAP 2.4.58 Release (2021/03/16)
+Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9454)
+Fixed slapd to alloc new conn struct after freeing old one (ITS#9458)
+Fixed slapd syncrepl to check all contextCSNs (ITS#9282)
+Fixed slapd-bdb lockdetect config (ITS#9449)
+
+---
Old:
openldap-2.4.57.tgz
openldap-2.4.57.tgz.asc
New:
openldap-2.4.58.tgz
openldap-2.4.58.tgz.asc
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.AyGUAJ/_old 2021-03-19 16:39:59.649857962 +0100
+++ /var/tmp/diff_new_pack.AyGUAJ/_new 2021-03-19 16:39:59.653857967 +0100
@@ -22,7 +22,7 @@
%endif
%define run_test_suite 0
-%define version_main 2.4.57
+%define version_main 2.4.58
%define name_ppolicy_check_module ppolicy-check-password
%define version_ppolicy_check_module 1.2
%define ppolicy_docdir
%{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module}
@@ -229,7 +229,8 @@
URL:https://github.com/onyxpoint/ppolicy-check-password
BuildRequires: cracklib-devel
Requires: openldap2 = %version_main
-Recommends: cracklib cracklib-dict-full
+Recommends: cracklib
+Recommends: cracklib-dict-full
%description ppolicy-check-password
An implementation of password quality check module, based on the original
++ openldap-2.4.57.tgz -> openldap-2.4.58.tgz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openldap-2.4.57/CHANGES new/openldap-2.4.58/CHANGES
--- old/openldap-2.4.57/CHANGES 2021-01-18 21:08:39.0 +0100
+++ new/openldap-2.4.58/CHANGES 2021-03-16 18:09:58.0 +0100
@@ -1,5 +1,11 @@
OpenLDAP 2.4 Change Log
+OpenLDAP 2.4.58 Release (2021/03/16)
+ Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9454)
+ Fixed slapd to alloc new conn struct after freeing old one (ITS#9458)
+ Fixed slapd syncrepl to check all contextCSNs (ITS#9282)
+ Fixed slapd-bdb lockdetect config (ITS#9449)
+
OpenLDAP 2.4.57 Release (2021/01/18)
Fixed ldapexop to use correct return code (ITS#9417)
Fixed slapd to remove asserts in UUIDNormalize (ITS#9391)
@@ -79,7 +85,7 @@
Fix test064 so it no longer uses bashisms (ITS#9263)
Contrib
Fix default prefix value for pw-argon2, pw-pbkdf2 modules
(ITS#9248)
- slapo-allowed - Fix usage of unitialized variable (ITS#9308)
+ slapo-allowed - Fix usage of uninitialized variable (ITS#9308)
Documentation
ldap_parse_result(3) - Document ldap_parse_intermediate
(ITS#9271)
@@ -156,7 +162,7 @@
Fixed libldap to correctly close TLS connection (ITS#8755)
Fixed libldap with non-blocking TLS and referals (ITS#8167)
Fixed libldap_r handling of deprecated OpenSSL function (ITS#8353)
- Fixed liblunicode case correspondance (ITS#8508)
+ Fixed liblunicode case correspondence (ITS#8508)
Fixed slapd with an idletimeout of less than four seconds (ITS#8952)
Fixed slapd config parser variable for Windows64 (ITS#9012)
Fixed slapd syncrepl fallback handling with delta-syncrepl (ITS#9015)
@@ -,7 +1117,7 @@
Fixed slapd-ldap chaining with onelevel scope (ITS#6699)
Fixed slapd-ldap chaining with ppolicy (ITS#6540)
Fixed slapd-ldap with SASL/EXTERNAL (ITS#6642)
- Fixed slapd-ldap crasher on matchedDN (ITS#6793)
+ Fixed slapd-ldap crash on matchedDN (ITS#6793)
Fixed slapd-ldap with unknown objectClasses (ITS#6814)
Fixed slapd-ldif error strings (ITS#6731)
Fixed slapd-ndb to honor rootpw setting (ITS#6661)
@@ -1148,7 +1154,7 @@
Fixed slapo-refint when last group member is deleted (ITS#6663)
Fixed slapo-refint with subtree rename (ITS#6730)
Fixed slapo-rwm double free (ITS#6720)
- Fixed slapo-rwm crasher (ITS#6632,ITS#6727)
+ Fixed slapo-rwm crash (ITS#6632,ITS#6727)
Fixed
commit openldap2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2021-01-20 18:23:10
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.28504 (New)
Package is "openldap2"
Wed Jan 20 18:23:10 2021 rev:165 rq:864146 version:unknown
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2020-12-22
11:25:29.676723121 +0100
+++ /work/SRC/openSUSE:Factory/.openldap2.new.28504/openldap2.changes
2021-01-20 18:23:13.475299835 +0100
@@ -1,0 +2,22 @@
+Mon Jan 18 20:31:58 UTC 2021 - Michael Str??der
+
+- updated to 2.4.57
+
+OpenLDAP 2.4.57 Release (2021/01/18)
+ Fixed ldapexop to use correct return code (ITS#9417)
+ Fixed slapd to remove asserts in UUIDNormalize (ITS#9391)
+ Fixed slapd to remove assert in csnValidate (ITS#9410)
+ Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9411, ITS#9427)
+ Fixed slapd validity checks for serialNumberAndIssuerCheck (ITS#9404,
ITS#9424)
+ Fixed slapd AVA sort with invalid RDN (ITS#9412)
+ Fixed slapd ldap_X509dn2bv to check for invalid BER after RDN count
(ITS#9423, ITS#9425)
+ Fixed slapd saslauthz to remove asserts in validation (ITS#9406, ITS#9407)
+ Fixed slapd saslauthz to use slap_sl_free on normalized DN (ITS#9409)
+ Fixed slapd saslauthz SEGV in slap_parse_user (ITS#9413)
+ Fixed slapd modrdn memory leak (ITS#9420)
+ Fixed slapd double-free in vrfilter (ITS#9408)
+ Fixed slapd cancel operation to correctly terminate (ITS#9428)
+ Fixed slapd-ldap fix binds on retry with closed connection (ITS#9400)
+ Fixed slapo-syncprov to ignore duplicate sessionlog entries (ITS#9394)
+
+---
Old:
openldap-2.4.56.tgz
openldap-2.4.56.tgz.asc
New:
openldap-2.4.57.tgz
openldap-2.4.57.tgz.asc
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.zEYlbV/_old 2021-01-20 18:23:14.503300595 +0100
+++ /var/tmp/diff_new_pack.zEYlbV/_new 2021-01-20 18:23:14.507300598 +0100
@@ -1,7 +1,7 @@
#
# spec file for package openldap2
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,7 @@
%endif
%define run_test_suite 0
-%define version_main 2.4.56
+%define version_main 2.4.57
%define name_ppolicy_check_module ppolicy-check-password
%define version_ppolicy_check_module 1.2
%define ppolicy_docdir
%{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module}
++ openldap-2.4.56.tgz -> openldap-2.4.57.tgz ++
14131 lines of diff (skipped)
commit openldap2 for openSUSE:Factory
Hello community,
here is the log from the commit of package openldap2 for openSUSE:Factory
checked in at 2020-12-10 15:56:28
Comparing /work/SRC/openSUSE:Factory/openldap2 (Old)
and /work/SRC/openSUSE:Factory/.openldap2.new.2328 (New)
Package is "openldap2"
Thu Dec 10 15:56:28 2020 rev:163 rq:854039 version:unknown
Changes:
--- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2020-10-30
11:45:53.841613264 +0100
+++ /work/SRC/openSUSE:Factory/.openldap2.new.2328/openldap2.changes
2020-12-10 15:56:30.834762817 +0100
@@ -1,0 +2,10 @@
+Wed Nov 11 12:13:27 UTC 2020 - Michael Ströder
+
+- updated to 2.4.56
+
+OpenLDAP 2.4.56 Release (2020/11/10)
+ Fixed slapd to remove assert in certificateListValidate (ITS#9383)
+ Fixed slapd to remove assert in csnNormalize23 (ITS#9384)
+ Fixed slapd to better parse ldapi listener URIs (ITS#9379)
+
+---
Old:
openldap-2.4.55.tgz
New:
openldap-2.4.56.tgz
Other differences:
--
++ openldap2.spec ++
--- /var/tmp/diff_new_pack.QXGnP9/_old 2020-12-10 15:56:31.850763773 +0100
+++ /var/tmp/diff_new_pack.QXGnP9/_new 2020-12-10 15:56:31.854763777 +0100
@@ -22,7 +22,7 @@
%endif
%define run_test_suite 0
-%define version_main 2.4.55
+%define version_main 2.4.56
%define name_ppolicy_check_module ppolicy-check-password
%define version_ppolicy_check_module 1.2
%define ppolicy_docdir
%{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module}
++ openldap-2.4.55.tgz -> openldap-2.4.56.tgz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openldap-2.4.55/CHANGES new/openldap-2.4.56/CHANGES
--- old/openldap-2.4.55/CHANGES 2020-10-26 20:02:25.0 +0100
+++ new/openldap-2.4.56/CHANGES 2020-11-10 19:22:13.0 +0100
@@ -1,5 +1,10 @@
OpenLDAP 2.4 Change Log
+OpenLDAP 2.4.56 Release (2020/11/10)
+ Fixed slapd to remove assert in certificateListValidate (ITS#9383)
+ Fixed slapd to remove assert in csnNormalize23 (ITS#9384)
+ Fixed slapd to better parse ldapi listener URIs (ITS#9379)
+
OpenLDAP 2.4.55 Release (2020/10/26)
Fixed slapd normalization handling with modrdn (ITS#9370)
Fixed slapd-meta to check ldap_install_tls return code (ITS#9366)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openldap-2.4.55/build/version.var
new/openldap-2.4.56/build/version.var
--- old/openldap-2.4.55/build/version.var 2020-10-26 20:02:25.0
+0100
+++ new/openldap-2.4.56/build/version.var 2020-11-10 19:22:13.0
+0100
@@ -15,9 +15,9 @@
ol_package=OpenLDAP
ol_major=2
ol_minor=4
-ol_patch=55
-ol_api_inc=20455
+ol_patch=56
+ol_api_inc=20456
ol_api_current=13
-ol_api_revision=3
+ol_api_revision=4
ol_api_age=11
-ol_release_date="2020/10/26"
+ol_release_date="2020/11/10"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openldap-2.4.55/doc/guide/admin/guide.html
new/openldap-2.4.56/doc/guide/admin/guide.html
--- old/openldap-2.4.55/doc/guide/admin/guide.html 2020-10-26
21:16:38.0 +0100
+++ new/openldap-2.4.56/doc/guide/admin/guide.html 2020-11-10
19:35:13.0 +0100
@@ -23,7 +23,7 @@
OpenLDAP Software 2.4 Administrator's Guide
The OpenLDAP Project http://www.openldap.org/;>http://www.openldap.org/
-26 October 2020
+10 November 2020
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openldap-2.4.55/servers/slapd/daemon.c
new/openldap-2.4.56/servers/slapd/daemon.c
--- old/openldap-2.4.55/servers/slapd/daemon.c 2020-10-26 20:02:25.0
+0100
+++ new/openldap-2.4.56/servers/slapd/daemon.c 2020-11-10 19:22:13.0
+0100
@@ -1423,6 +1423,14 @@
}
#endif /* LDAP_PF_LOCAL || SLAP_X_LISTENER_MOD */
+ if ( lud->lud_dn && lud->lud_dn[0] ) {
+ sprintf( (char *)url, "%s://%s/", lud->lud_scheme,
lud->lud_host );
+ Debug( LDAP_DEBUG_ANY, "daemon: listener URL %s DN must
be absent (%s)\n",
+ url, lud->lud_dn, 0 );
+ ldap_free_urldesc( lud );
+ return -1;
+ }
+
ldap_free_urldesc( lud );
if ( err ) {
slap_free_listener_addresses(sal);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openldap-2.4.55/servers/slapd/schema_init.c
new/openldap-2.4.56/servers/slapd/schema_init.c
--- old/openldap-2.4.55/servers/slapd/schema_init.c 2020-10-26
20:02:25.0 +0100
+++ new/openldap-2.4.56/servers/slapd/schema_init.c 2020-11-10
19:22:13.0 +0100
@@
