
[SRM] proposed stable update openldap


I've prepared a proposed update to squeeze for openldap. The maintainers
of that package let me know they would like some help so I've proposed
this update to them last week, and received no objections.

I have installed this update in our LDAP test environment with no issues.

It contains 3 changes:
- A data loss bug which has been fixed in unstable for a while now;
- Three low-prio security updates which have been in Ubuntu for some time;
- A grave problem when reconfiguring the package.

Changelog follows, debdiff is attached. Please let me know if it's OK to

openldap (2.4.23-7.1) stable; urgency=low

  * Non-maintainer upload targeted at stable.
  * Picked the following patches from various sources:

  [ Matthijs Möhlmann ]
  * Update patch service-operational-before-detach (Closes: #616164, #598361)

  [ Ubuntu Security Team / Jamie Strandboge ]
  * SECURITY UPDATE: fix successful anonymous bind via chain overlay when
    using forwarded authentication failures
    - debian/patches/CVE-2011-1024
    - CVE-2011-1024
  * SECURITY UPDATE: verify password when authenticating to rootdn and using ndb
    backend. Note: Debian is not compiled with --enable-ndb by default
    - debian/patches/CVE-2011-1025
    - CVE-2011-1025
  * SECURITY UPDATE: fix DoS when processing unauthenticated modrdn requests
    and requestDN is empty
    - debian/patches/CVE-2011-1081
    - CVE-2011-1081
    - LP: #742104, Closes: 617606

  [ Raphaël Hertzog ]
  * Fix "dpkg-reconfigure slapd". Closes: #596343

 -- Thijs Kinkhorst <thijs@debian.org>  Wed, 25 May 2011 16:40:39 +0200


Attachment: openldap_stable.debdiff
Description: Binary data
