[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#870760: RFS: openldap/2.4.45+dfsg-1~bpo9+1

Package: sponsorship-requests
Severity: normal

Dear mentors and backporters,

I am looking for a sponsor to upload openldap to stretch-backports. I have built and tested the package in a clean stretch chroot.

While the libraries and tools are fairly stable, the server (slapd) is more of a moving target, and users often request to be able to run the latest upstream version on stable. I have maintained openldap backports in wheezy-bpo and jessie-bpo for the same reason.

The source package can be found on mentors.d.n:


This upload will be NEW in stretch-backports. The changes since the version in stretch are listed below.

Thanks for considering,


openldap (2.4.45+dfsg-1~bpo9+1) stretch-backports; urgency=medium

 * Rebuild for stretch-backports.
 * Revert "Fix build with Heimdal 7.2.0" as stretch contains a lower version
   of heimdal.

-- Ryan Tandy <ryan@nardis.ca>  Wed, 02 Aug 2017 09:05:55 -0700

openldap (2.4.45+dfsg-1) unstable; urgency=medium

 * New upstream release.
   - fixed a use-after-free in GnuTLS options handling
     (ITS#8385) (Closes: #820244) (LP: #1557248)
   - fixed unsafe concurrent SASL calls causing memory corruption
     (ITS#8648) (Closes: #860947) (LP: #1688575)
   - fixed syncrepl infinite looping with multi-master delta-syncrepl
     (ITS#8432) (Closes: #868753)
 * Rebase patches to apply cleanly:
   - do-not-second-guess-sonames
 * Drop patches applied upstream:
   - ITS-8554-kFreeBSD-is-like-BSD.patch
   - ITS-8644-wait-for-slapd-to-start-in-test064.patch
   - ITS-8655-paged-results-double-free.patch
 * Upgrade to debhelper compat level 10.
   - Depend on debhelper 10.
   - Stop enabling parallel and autoreconf explicitly. They are now enabled
     by default.
   - Drop dh-autoreconf from build-depends since debhelper requires it.
 * Add -Wno-format-extra-args to CFLAGS to reduce the noise in the build
   logs, as this warning is emitted on each use of the Debug() macro.
 * Drop libldap-2.4-4-dbg and slapd-dbg binary packages in favour of
   automatic dbgsym packages.
 * Update Standards-Version to 4.0.0; no changes required.
 * Drop Priority and Section from binary package stanzas when they only
   duplicate information from the source stanza.
 * Update Priority of slapd-smbk5pwd and libldap2-dev to optional to match
   the archive.
 * Remove retired developer, Roland Bauerschmidt, from Uploaders.
   (Closes: #856422)
 * Remove Timo Aaltonen from Uploaders, with his agreement.
 * debian/patches/ITS8650-retry-gnutls_handshake-after-GNUTLS_E_AGAIN.patch:
   If gnutls_handshake() returns EAGAIN, call it again. Fixes TLS handshake
   failures when the ServerHello message exceeds 16K.
   (ITS#8650) (Closes: #861838)
 * Drop time from Build-Depends. The upstream testsuite no longer calls it.

-- Ryan Tandy <ryan@nardis.ca>  Thu, 27 Jul 2017 18:04:41 -0700

openldap (2.4.44+dfsg-8) unstable; urgency=medium

 * Disable test060-mt-hot on ppc64el temporarily to avoid failing tests until
   the underlying kernel bug #866122 is fixed.
 * Fix FTBFS with Heimdal 7.2.0: Drop patch heimdal-fix as the
   hdb_generate_key_set_password change was reverted in heimdal. Depend on an
   appropriate minimum version of heimdal.

-- Ryan Tandy <ryan@nardis.ca>  Sun, 16 Jul 2017 12:57:41 -0700

openldap (2.4.44+dfsg-7) unstable; urgency=medium

 * Relax the dependency of libldap-2.4-2 on libldap-common to also permit
   later versions. (Closes: #860774)

-- Ryan Tandy <ryan@nardis.ca>  Tue, 27 Jun 2017 18:53:12 -0700

openldap (2.4.44+dfsg-6) unstable; urgency=medium

 * Update the list of non-translatable strings for the
   slapd/ppolicy_schema_needs_update template. Thanks Ferenc Wágner.
 * Fix upgrade failure when olcSuffix contains a backslash. (Closes: #864719)

-- Ryan Tandy <ryan@nardis.ca>  Mon, 26 Jun 2017 19:42:02 -0700

Reply to: