Back to openldap PTS page

Accepted openldap 2.4.23-7.3+deb6u1 (source) into squeeze-lts

To: debian-lts-changes@lists.debian.org
Subject: Accepted openldap 2.4.23-7.3+deb6u1 (source) into squeeze-lts
From: Ryan Tandy <ryan@nardis.ca>
Date: Sat, 18 Apr 2015 15:19:15 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1YjUWZ-00022V-Mi@franck.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 17 Apr 2015 18:39:40 -0700
Source: openldap
Binary: slapd slapd-smbk5pwd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source
Version: 2.4.23-7.3+deb6u1
Distribution: squeeze-lts
Urgency: high
Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
Changed-By: Ryan Tandy <ryan@nardis.ca>
Description:
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
 libldap2-dev - OpenLDAP development libraries
 slapd      - OpenLDAP server (slapd)
 slapd-dbg  - Debugging information for the OpenLDAP server (slapd)
 slapd-smbk5pwd - Keeps Samba and Kerberos passwords in sync within slapd.
Closes: 663644 729367 761406 776988
Changes:
 openldap (2.4.23-7.3+deb6u1) squeeze-lts; urgency=high
 .
   * debian/slapd.init.ldif: Disallow modifying one's own entry by default,
     except specific attributes. (CVE-2014-9713) (Closes: #761406)
   * debian/slapd.{config,templates}: On upgrade, if an access rule begins with
     "to * by self write", show a debconf note warning that it should be
     changed.
   * debian/slapd.README.debian: Add information about how to remove "to * by
     self write" from existing ACLs.
   * debian/po/*: Add translations of debconf warning.
   * debian/patches/ITS7723-fix-reference-counting.patch: Import upstream patch
     to fix a crash in the rwm overlay when a search is immediately followed by
     an unbind. (ITS#7723) (CVE-2013-4449) (Closes: #729367)
   * debian/patches/ITS8027-deref-reject-empty-attr-list.patch: Import upstream
     patch to fix a crash when a search includes the Deref control with an
     empty attribute list. (ITS#8027) (CVE-2015-1545) (Closes: #776988)
   * debian/patches/ITS7143-fix-attr_dup2-when-attrsOnly.patch: Import upstream
     patch to fix a crash when doing an attrsOnly search of a database
     configured with both the rwm and translucent overlays. (ITS#7143)
     (CVE-2012-1164) (Closes: #663644)
Checksums-Sha1:
 1c6613375b3790e37e03e45ebf31e4bc7264366e 2815 openldap_2.4.23-7.3+deb6u1.dsc
 bfc98011bbd0c141a57475e3834c38bc4f93cffe 158490 openldap_2.4.23-7.3+deb6u1.diff.gz
Checksums-Sha256:
 33675c439af8d610864a245cb5f1e64503d31702db306c711fd5da99e0151739 2815 openldap_2.4.23-7.3+deb6u1.dsc
 bb22b677fea356751bf0db75facd99e27ee33fd365b81694a333d2bfceba2ee2 158490 openldap_2.4.23-7.3+deb6u1.diff.gz
Files:
 162d12730ed2e79a03ad36ba527dfce5 2815 net optional openldap_2.4.23-7.3+deb6u1.dsc
 dd93ab71922f8b61ebf20088cf9b8147 158490 net optional openldap_2.4.23-7.3+deb6u1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIVAwUBVTJiLwkauFYGmqocAQrn6w/9HD9K0wcQmVR2F1o2bSfhHtmwexVczipm
WjswT0jPdAxLiZ/QZNJNbqun8Bh6EaHYDJ+6Gs/+Pusok1Ci/pCaFrAHeQq10F7G
8ty1GltHkcz381HcVE9E47hjFvJtGxvDoFcRqOLOgYfFoO2oRsM0x707KKiEljDr
lIhq6YYdwxnYuh5Rl7j45s4HSA0mDMfOBT9u0APozHsYugxJr8P8BCe5B5/CBj8/
l4HKxYPuKHW0AFT8g6eIXttlg6Ar/XztQ+XEsRS8meh5Qses4baokHZlXMvGIBwM
EX3sad5d8gZPPn/YQ5P8qUXJkowujrPVWdKNiEk1DaMlMt3uw+gYz8z/VnRGMaw6
BdZoTgTRjE/FfFC8HLJudCC/700rWMUmDIxozF4ySaK33Ocnws1Q0CeVhhEK2SbH
QvuMjQLkPldaT5wMr0S7UlyE48Jm3RlofFD+SL91HxcCR/3xoj4/ughnREaioHe1
66dhHR99saDEmaGnEs5MUVgM+/achHAZNyiShKOVU7Mcfp5N5PS9EPATwFvLlQTl
uijmtRKO2GoF6+5kCi9PMeVjkQcSx8ZuDZRahx/z/2O5m44i/ay6KHSeJB61iyFw
nVjtGCpHZZq25nj/gzDRjQRtFCm3tH8NyuUMYEC+OpD0RBKbC7xGzOL0pOxvqbQx
VmwZzpVJPuo=
=cvbE
-----END PGP SIGNATURE-----