lp:ubuntu/edgy-security/openldap2.2

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/edgy-security/openldap2.2

Branch information

Owner: Ubuntu branches
Status: Development

Recent revisions

11. By Jamie Strandboge

* SECURITY UPDATE: slapd crash when using the bdb backend and processing
  crafted modify and modrdn requests
* patch to back-bdb/add.c, back-bdb/ctxcsn.c, back-bdb/delete.c,
  back-bdb/modify.c, back-bdb/modrdn.c to properly check for NOOP option
* References:
  CVE-2007-6698
  CVE-2008-0658
  LP: #197077

10. By Jamie Strandboge

* SECURITY UPDATE: slapd crash when processing crafted modify requests
* debian/patches/SECURITY_CVE-2007-5707.patch: properly reset slap_mod_list
  when normalization fails in servers/slapd/modify.c
* References
  CVE-2007-5707
  Fixes LP #163740

9. By Kees Cook

* SECURITY UPDATE: Denial of service possible with a crafted remote
  LDAP BIND request due to an assert failure.
* libraries/libldap/getdn.c: check for string end conditions, as done
  in upstream CVS.
* References
  http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/getdn.c.diff?r1=1.133&r2=1.134
  CVE-2006-5779

8. By Martin Pitt

* SECURITY UPDATE: Crash/arbitrary code execution with crafted host names.
* servers/slurpd/st.c, St_read():
  - Do not sprintf arbitrarily long strings into fixed-size tbuf.
  - Patch ported from upstream CVS commit:
    http://www.openldap.org/devel/cvsweb.cgi/servers/slurpd/st.c.diff?r1=1.21&r2=1.22&hideattic=1&sortbydate=0&f=u
  - CVE-2006-2754

7. By Scott James Remnant (Canonical)

Create /var/run/slapd in the init script.

6. By Fabio Massimo Di Nitto

* Switch default config to use ssl-cert-snakeoil certificates.
* Add Depends on ssl-cert.

5. By Martin Pitt

Rebuild against openssl 0.9.8.

4. By Torsten Landschoff

Steve Langasek <email address hidden>:
* debian/slapd.templates: Fix typo durin -> during; re-run
  debconf-updatepo, fixing up the fuzzies (closes: #319596).

Torsten Landschoff <email address hidden>:
* debian/control: Remove conflicts with ldap-server and ldap-client
  virtual packages in preparation for new OpenLDAP packages.
* debian/slapd.scripts-common: Wipe the admin password from the
  debconf database after installation (closes: #260204).
* Semi-automatic update of config.sub and config.guess.

3. By Torsten Landschoff

[SECURITY] Applied the patch available at
http://bugzilla.padl.com/show_bug.cgi?id=210
to force libldap to really use TLS when requested in /etc/ldap/ldap.conf
(cf. CAN-2005-2069). Clients still will use libldap2 from openldap2
source package so this is only to prepare unleashing the libraries of
OpenLDAP 2.2 for unstable...

2. By Torsten Landschoff

debian/DB_CONFIG: Fixed the log cache configuration (used the wrong
command so there was about no effect).

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 