summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Debian OpenLDAP Maintainers [Fri, 22 Jan 2021 03:54:40 +0000 (03:54 +0000)]
ldapi-socket-place
Move the ldapi socket to /var/run/slapd from /var/run, since /var/run
is only writable by root and slapd runs as openldap.
Debian-specific.
Gbp-Pq: Name ldapi-socket-place
Debian OpenLDAP Maintainers [Fri, 22 Jan 2021 03:54:40 +0000 (03:54 +0000)]
slapi-errorlog-file
The slapi error log file defaults to /var/errors given our setting
of --localstatedir. Move it to /var/log/slapi-errors instead.
Debian-specific.
Gbp-Pq: Name slapi-errorlog-file
Debian OpenLDAP Maintainers [Fri, 22 Jan 2021 03:54:40 +0000 (03:54 +0000)]
evolution-ntlm
Patch from evolution-exchange (2.10.3). The ldap_ntlm_bind function is
actually called by evolution-data-server, checked at version 1.12.2.
Without this patch, the Exchange addressbook integration uses simple binds
with cleartext passwords.
Russ checked with openldap-software for upstream's opinion on this patch
on 2007-12-21. Upstream had never received it as a patch submission and
given that it's apparently only for older Exchange servers that can't do
SASL and DIGEST-MD5, it's not very appealing.
Bug#457374 filed against evolution-data-server asking if this support is
still required on 2007-12-21.
Gbp-Pq: Name evolution-ntlm
Debian OpenLDAP Maintainers [Fri, 22 Jan 2021 03:54:40 +0000 (03:54 +0000)]
man-slapd
Patch the slapd man page to not refer to a header file that isn't
installed with the slapd package and to reference the correct path
for slapd.
Debian-specific.
Gbp-Pq: Name man-slapd
Ryan Tandy [Fri, 22 Jan 2021 03:54:40 +0000 (03:54 +0000)]
openldap (2.4.47+dfsg-3+deb10u5) buster-security; urgency=high
* Fix slapd crashes in Certificate Exact Assertion processing
(ITS#9404, ITS#9424) (CVE-2020-36221)
* Fix slapd assertion failures in saslAuthzTo validation
(ITS#9406, ITS#9407) (CVE-2020-36222)
* Fix slapd crash in Values Return Filter control handling
(ITS#9408) (CVE-2020-36223)
* Fix slapd crashes in saslAuthzTo processing (ITS#9409, ITS#9412, ITS#9413)
(CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
* Fix slapd assertion failure in X.509 DN parsing
(ITS#9423) (CVE-2020-36230)
* Fix slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
* Fix slapd crash in Certificate List Exact Assertion processing
(ITS#9427) (CVE-2020-36228)
* Fix slapd infinite loop with Cancel operation (ITS#9428) (CVE-2020-36227)
[dgit import unpatched openldap 2.4.47+dfsg-3+deb10u5]
Ryan Tandy [Fri, 22 Jan 2021 03:54:40 +0000 (03:54 +0000)]
Import openldap_2.4.47+dfsg-3+deb10u5.debian.tar.xz
[dgit import tarball openldap 2.4.47+dfsg-3+deb10u5 openldap_2.4.47+dfsg-3+deb10u5.debian.tar.xz]
Ryan Tandy [Sun, 23 Dec 2018 20:50:40 +0000 (20:50 +0000)]
Import openldap_2.4.47+dfsg.orig.tar.gz
[dgit import orig openldap_2.4.47+dfsg.orig.tar.gz]
projects / openldap.git / log