projects / openldap.git / log
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
openldap.git
6 years agoslapi-errorlog-file
commit | commitdiff | tree
Debian OpenLDAP Maintainers [Thu, 25 Jul 2019 15:32:00 +0000 (16:32 +0100)]
slapi-errorlog-file

The slapi error log file defaults to /var/errors given our setting
of --localstatedir.  Move it to /var/log/slapi-errors instead.

Debian-specific.

Gbp-Pq: Name slapi-errorlog-file

6 years agoevolution-ntlm
commit | commitdiff | tree
Debian OpenLDAP Maintainers [Thu, 25 Jul 2019 15:32:00 +0000 (16:32 +0100)]
evolution-ntlm

Patch from evolution-exchange (2.10.3).  The ldap_ntlm_bind function is
actually called by evolution-data-server, checked at version 1.12.2.
Without this patch, the Exchange addressbook integration uses simple binds
with cleartext passwords.

Russ checked with openldap-software for upstream's opinion on this patch
on 2007-12-21.  Upstream had never received it as a patch submission and
given that it's apparently only for older Exchange servers that can't do
SASL and DIGEST-MD5, it's not very appealing.

Bug#457374 filed against evolution-data-server asking if this support is
still required on 2007-12-21.

Gbp-Pq: Name evolution-ntlm

6 years agoman-slapd
commit | commitdiff | tree
Debian OpenLDAP Maintainers [Thu, 25 Jul 2019 15:32:00 +0000 (16:32 +0100)]
man-slapd

Patch the slapd man page to not refer to a header file that isn't
installed with the slapd package and to reference the correct path
for slapd.

Debian-specific.

Gbp-Pq: Name man-slapd

6 years agoopenldap (2.4.48+dfsg-1) unstable; urgency=medium
commit | commitdiff | tree
Ryan Tandy [Thu, 25 Jul 2019 15:32:00 +0000 (16:32 +0100)]
openldap (2.4.48+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - fixed slapd to restrict rootDN proxyauthz to its own databases
      (CVE-2019-13057) (ITS#9038) (Closes: #932997)
    - fixed slapd to enforce sasl_ssf ACL statement on every connection
      (CVE-2019-13565) (ITS#9052) (Closes: #932998)
    - added new openldap.h header with OpenLDAP specific libldap interfaces
      (ITS#8671)
    - updated lastbind overlay to support forwarding authTimestamp updates
      (ITS#7721) (Closes: #880656)
  * Update Standards-Version to 4.4.0.
  * Add a systemd drop-in to set RemainAfterExit=no on the slapd service, so
    that systemd marks the service as dead after it crashes or is killed.
    Thanks to Heitor Alves de Siqueira. (Closes: #926657, LP: #1821343)
  * Use more entropy for generating a random admin password, if none was set
    during initial configuration. Thanks to Judicael Courant.
    (Closes: #932270)
  * Replace debian/rules calls to dpkg-architecture and dpkg-parsechangelog
    with variables provided by dpkg-dev includes.
  * Declare R³: no.
  * Create a simple autopkgtest that tests installing slapd and connecting to
    it with an ldap tool.
  * Install the new openldap.h header in libldap2-dev.

[dgit import unpatched openldap 2.4.48+dfsg-1]

6 years agoImport openldap_2.4.48+dfsg.orig.tar.gz
commit | commitdiff | tree
Ryan Tandy [Thu, 25 Jul 2019 15:32:00 +0000 (16:32 +0100)]
Import openldap_2.4.48+dfsg.orig.tar.gz

[dgit import orig openldap_2.4.48+dfsg.orig.tar.gz]

6 years agoImport openldap_2.4.48+dfsg-1.debian.tar.xz
commit | commitdiff | tree
Ryan Tandy [Thu, 25 Jul 2019 15:32:00 +0000 (16:32 +0100)]
Import openldap_2.4.48+dfsg-1.debian.tar.xz

[dgit import tarball openldap 2.4.48+dfsg-1 openldap_2.4.48+dfsg-1.debian.tar.xz]

Unnamed repository; edit this file 'description' to name the repository.