Changelog for
389-ds-1.3.4.5-8.1.x86_64.rpm :
Tue Dec 5 13:00:00 2017 hguoAATTsuse.com
- Cherry pick upstream CVE fixes:
* 0001-Ticket-48375-SimplePagedResults-in-the-search-error-.patch
* 0002-Ticket-48406-Avoid-self-deadlock-by-PR_Lock-conn-c_m.patch
* 0003-Ticket-48924-Fixup-tombstone-task-needs-to-set-prope.patch
* 0004-Subject-PATCH-1-2-Bug-1347760-CVE-2016-4992-389-ds-b.patch
* 0005-Bug-1347760-CVE-2016-4992-389-ds-base-Information-di.patch
* 0006-Bug-1347760-CVE-2016-4992-389-ds-base-Information-di.patch
* 0007-Ticket-bz1358565-clear-and-unsalted-password-types-a.patch
* 0008-Ticket-bz1358565-clear-and-unsalted-password-types-a.patch
* 0009-Ticket-bz1358565-clear-and-unsalted-password-types-a.patch
* 0010-Ticket-bz1358565-clear-and-unsalted-password-types-a.patch
* 0011-Ticket-48986-47808-triggers-overflow-in-uiduniq.c.patch
* 0012-Ticket-49336-SECURITY-1.3.5.x-Locked-account-provide.patch
* 0013-Fix-for-cve-2017-2668-Remote-crash-via-crafted-LDAP-.patch
* 0014-Ticket-48412-worker-threads-do-not-detect-abnormally.patch
For bsc#1051997, bsc#1007004, bsc#1020670, bsc#1069074, bsc#1069067,
bsc#997256 that correspond to CVE-2017-7551, CVE-2016-5405,
CVE-2017-2668, CVE-2017-2668, CVE-2016-4992.
Fri Nov 20 13:00:00 2015 ajAATTajaissle.de
- Update to new upstream release 1.3.4.5
* Various bugs are fixed
Mon Sep 14 14:00:00 2015 hguoAATTsuse.com
- Upgrade from 1.3.3.13 to 1.3.4.4 with accumulated bugfixes.
Wed Sep 9 14:00:00 2015 ajAATTajaissle.de
- Update to new upstream release 1.3.3.13
- Removed 389-ds-1.3.3.11-CVE-2015-3230.patch (included upstream)
Wed Jun 17 14:00:00 2015 ajAATTajaissle.de
- Update to new upstream release 1.3.3.11
- Added 389-ds-1.3.3.11-CVE-2015-3230.patch:
nsSSL3Ciphers preference not enforced on server side
[boo#934934] [CVE-2015-3230]
Wed Apr 29 14:00:00 2015 ajAATTajaissle.de
- Update to new upstream release 1.3.3.10
* One important security bug was fixed:
Bug 1216203 - CVE-2015-1854 389ds-base: access control bypass with modrdn
Wed Apr 15 14:00:00 2015 jengelhAATTinai.de
- Simplify filelist
Mon Apr 13 14:00:00 2015 ajAATTajaissle.de
- Move bin/ and sbin/ to /usr/lib/389-ds/bin resp. sbin/
- Removed conflict with atheme
Sat Mar 28 13:00:00 2015 ajAATTajaissle.de
- Update to new upstream release 1.3.3.9
* Several bugs are fixed including 2 security bugs
Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all]
Ticket 47431 - Duplicate values for the attribute nsslapd-pluginarg are not handled correctly
Ticket 47451 - dynamic plugins - fix crash caused by invalid plugin config
Ticket 47728 - compilation failed with \' incomplete struct/union/enum\' if not set USE_POSIX_RWLOCKS
Ticket 47742 - 64bit problem on big endian: auth method not supported
Ticket 47801 - RHDS keeps on logging write_changelog_and_ruv: failed to update RUV for unknown
Ticket 47828 - DNA scope: allow to exlude some subtrees
Ticket 47836 - Do not return \'0\' as empty fallback value of nsds5replicalastupdatestart and nsds5replicalastupdatestart
Ticket 47901 - After total init, nsds5replicaLastInitStatus can report an erroneous error status (like \'Referral\')
Ticket 47936 - Create a global lock to serialize write operations over several backends
Ticket 47957 - Make ReplicaWaitForAsyncResults configurable
Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD
Ticket 48003 - add template scripts
Ticket 48003 - build \"suite\" framework
Ticket 48005 - ns-slapd crash in shutdown phase
Ticket 48021 - nsDS5ReplicaBindDNGroup checkinterval not working properly
Ticket 48027 - revise the rootdn plugin configuration validation
Ticket 48030 - spec file should run \"systemctl stop\" against each running instance instead of dirsrv.target
Ticket 48048 - Fix coverity issues - 2015/2/24
Ticket 48048 - Fix coverity issues - 2015/3/1
Ticket 48109 - substring index with nssubstrbegin: 1 is not being used with filters like (attr=x
*)
Wed Dec 24 13:00:00 2014 ajAATTajaissle.de
- Conflicts with atheme -- /usr/sbin/dbverify
Tue Dec 9 13:00:00 2014 ajAATTajaissle.de
- Update to new upstream release 1.3.3.5
* Several bugs are fixed.
Tue Sep 9 14:00:00 2014 ajAATTajaissle.de
- Update to new upstream release 1.3.3.0
* First cut of 389-ds-base-1.3.3.x
Fri Aug 29 14:00:00 2014 ajAATTajaissle.de
- Update to new upstream release 1.3.2.23
* Various bugs were fixed
- Highlights since 1.3.2.16:
* Important bugs including memory leaks and crash bugs were fixed
(1.3.2.17)
* Various bugs were fixed (1.3.2.18)
* Various bugs were fixed (1.3.2.19)
* A security bug was fixed (1.3.2.22)
Thu Mar 27 13:00:00 2014 ajAATTajaissle.de
- Update to new upstream release 1.3.2.16
* Directory server is insecurely misinterpreting authzid on a SASL/GSSAPI bind
* Create a normalized dn cache
* Replication retry time attributes cannot be added
* Empty control list causes LDAP protocol error is thrown (dup 47361)
* Failed to compile the DS 389 1.3.2.3 version against Berkeley DB 4.2 version
* Windows Sync group issues
* Size returned by slapi_entry_size is not accurate
* Single valued attribute replicated ADD does not work
* Environment variables are not passed when DS is started via service
* Propagate plugin precedence to all registered function types
* Unresolved external symbol references break loading of the ACL plugin
* Package issue in 389-ds-base
- Fix unresolveable \'Requires:\'
* perl(Mozilla:LDAP) -> perl(Mozilla::LDAP::API), perl(Mozilla::LDAP::Conn),
perl(Mozilla::LDAP::Entry), perl(Mozilla::LDAP::LDIF), perl(Mozilla::LDAP::Utils)
* cyrus-sasl-md5 -> cyrus-sasl-digestmd5
- Macros for dirsrv-snmp in pre/post/preun/postun
Mon Feb 17 13:00:00 2014 ajAATTajaissle.de
- Update to new upstream release 1.3.2.11
* Enhancement: ACL supports new keyword SELFDN as in \"
=
#SELFDN\" to allow users to create entries assigned to
themselves. Also handling subtype in ACL is improved.
* A dozen of bugs are fixed including a crash bug and a deadlock.
- Spec cleanup
* enable init scripts for openSUSE < 1220 (e.g. SLES)
* dirsrv.target.wants goes into unitdir
* Added a 389-ds-rpmlintrc
- Added 389-ds-base-1.3.2.11_init_fhs.patch
* Make init scripts LSB conform
Fri Dec 27 13:00:00 2013 jengelhAATTinai.de
- Update to new upstream release 1.3.2.10
* Suffixes used in the memberof and referential integrity plug-ins
are now configurable.
* The hard-coded limit of 64 masters was removed.
* Enhancements: plug-in library path validation, replication
logging, changelog trimming interval, and referential integrity.
Fri Aug 2 14:00:00 2013 jengelhAATTinai.de
- Update to new upstream release 1.3.1.5
* Plug-in transaction support
* Normalized DN cache
* Configurable allowed SASL mechanisms
* SASL mapping improvements
* Configurable SASL buffer
* Replication retry settings
* Instance script improvements
* Access log analyzer improvements
* Performance improvements
Mon Mar 11 13:00:00 2013 jengelhAATTinai.de
- Update to new upstream release 1.3.0.3
* No NEWS file available; SCM changelog entries at
http://port389.org/wiki/Releases/1.3.0.2#New_features_.2F_Fixed_bugs_in_1.3.0
Wed Sep 26 14:00:00 2012 jengelhAATTinai.de
- Update to new upstream release 1.2.11.15
* This is a bugfix release to CLEANALLRUV, userpassword,
schema reloading and others.
Mon Sep 17 14:00:00 2012 jengelhAATTinai.de
- Initial package (version 1.2.11.12) for build.opensuse.org