SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for 389-ds-base-libs-1.2.11.15-95.el6_9.x86_64.rpm :
Thu Apr 12 14:00:00 2018 Mark Reynolds - 1.2.11.15-95
- Bump version to 1.2.11-15-95
- Resolves: Bug 1562152 - EMBARGOED CVE-2018-1089 389-ds-base: ns-slapd crash via large filter value in ldapsearch

Mon Feb 26 13:00:00 2018 Mark Reynolds - 1.2.11-15-94
- Release 1.2.11.15-94
- Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c (fix cherry-pick error)

Mon Feb 26 13:00:00 2018 Mark Reynolds - 1.2.11-15-93
- Release 1.2.11.15-93
- Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c
- Resolves: Bug 1543798 - EMBARGOED CVE-2018-1054 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c

Fri Feb 23 13:00:00 2018 Mark Reynolds - 1.2.11-15-92
- Release 1.2.11.15-92
- Resolves: Bug 1543798 - EMBARGOED CVE-2018-1054 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c

Mon Apr 3 14:00:00 2017 Mark Reynolds - 1.2.11.15-91
- Release 1.2.11.15-91
- Resolves: bug 1437777 - EMBARGOED CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages

Thu Mar 23 13:00:00 2017 Mark Reynolds - 1.2.11.15-90
- Release 1.2.11.15-90
- Resovles: #1435365 - Unable to dereference unqiemember attribute because it is dn [#UID] not dn syntax

Mon Feb 13 13:00:00 2017 Mark Reynolds - 1.2.11.15-89
- Release 1.2.11.15-89
- Resolves: #1421512 - ns-slapd crashes in ldif_sput due to the output buf size is less than the real size.

Mon Jan 30 13:00:00 2017 Noriko Hosoi - 1.2.11.15-88
- Release 1.2.11.15-88
- Resolves: #1413692 - custom schema is registered in small caps after schema reload (DS 47973)
- Resolves: #1408976 - dbscan-bin crashing due to a segmentation fault. (DS 49104)

Tue Jan 17 13:00:00 2017 Noriko Hosoi - 1.2.11.15-87
- Release 1.2.11.15-87
- Resolves: #1391701 - do not treat missing csn as fatal (DS 49020)
- Resolves: #1406835 - memberOf fixup task does not validate args (DS 49072)

Mon Jan 9 13:00:00 2017 Noriko Hosoi - 1.2.11.15-86
- Release 1.2.11.15-86
- Resolves: #1380435 - Backport request of ticket 48983 to RHEL6.9 (DS 49049)
- Resolves: #1400997 - ldif2db.pl script shows wrong usage for -n as instance, instead of database (DS 49070)
- Resolves: #1403754 - ns-slapd crashes during tickets/ticket48665_test.py (DS 48665)
- Resolves: #1410645 - The \"repl-monitor\" web page does not display \"year\" in date. (DS 48220)
- Resolves: #1399600 - ns-slapd segfaults during execution of tickets/ticket47966_test.py (DS 47966, DS 48987)
- Resolves: #1402012 - Importing big ldif file with duplicate DNs throwing \"unable to flush\" error
- Resolves: #1406835 - memberOf fixup task does not validate args (DS 49072)

Mon Nov 7 13:00:00 2016 Noriko Hosoi - 1.2.11.15-85
- Release 1.2.11.15-85
- Resolves: #1372420 - DES to AES backport issues (DS 47462)
- Resolves: #1391324 - ds9 backport 47411 - Replace substring search with plain search in referint plugin (DS 47411)

Thu Oct 27 14:00:00 2016 Noriko Hosoi - 1.2.11.15-84
- Release 1.2.11.15-84
- Resolves: #1352109 - Replication stops working only when fips mode is set to true (DS 48909)
- Resolves: #1372420 - DES to AES backport issues (DS 47462)
- Resolves: #1380435 - Backport request of ticket 48983 to RHEL6.9 (DS 48983)
- Resolves: #1382386 - Directory Server accepts a wrong userdn macro ACI (DS 449)
- Resolves: #1382519 - 1.2.11 only -- coverity fixes (DS 49004)
- Resolves: #1387022 - specific search with sizelimit=1 sometimes returns no entry (DS 47703)
- Resolves: #1387772 - trace args debug logging must be more restrictive (DS 49009)

Thu Oct 6 14:00:00 2016 Noriko Hosoi - 1.2.11.15-83
- Release 1.2.11.15-83
- Resolves: #1327065 - After updating server, component nss-3.21.0-0.3.el6_7.x86_64, some client applications cannot connect to server (DS 48798)
- Resolves: #1266920 - invalid message about write_changelog_and_ruv on consumers (DS 47801)
- Resolves: #1330758 - add a nsTLS1.0 on or off new configuration parameter to cn=encryption,cn=config in RHEL 6 389-ds-base (DS 48816)
- Resolves: #1369572 - cleanallruv changelog cleaning incorrectly impacts all backends (DS 48964)
- Resolves: #1371706 - Server Side Sorting crashes the server. (DS 48970)
- Resolves: #1371678 - Disabling CLEAR password storage scheme will crash server when setting a password (DS 48975)
- Resolves: #1370145 - cannot reindex retrochangelog (DS 47619)

Thu Oct 6 14:00:00 2016 Noriko Hosoi - 1.2.11.15-82
- Release 1.2.11.15-82
- Resolves: #1380435 - Backport request of ticket 48983 to RHEL6.9 (DS 48983)

Wed Oct 5 14:00:00 2016 Noriko Hosoi - 1.2.11.15-81
- Release 1.2.11.15-81
- Resolves: #1368209 - Crash in import_wait_for_space_in_fifo(). (DS 48960)

Thu Sep 29 14:00:00 2016 Noriko Hosoi - 1.2.11.15-80
- Release 1.2.11.15-80
- Resolves: #1316869 - ns-slapd general protection ip:7f570c56afd5 sp:7f56dc7edce0 error:0 in libc-2.12.so (DS 48944)

Wed Sep 21 14:00:00 2016 Noriko Hosoi - 1.2.11.15-79
- Release 1.2.11.15-79
- Resolves: #1358560 - CVE-2016-4992 389-ds-base: Information disclosure via repeated use of LDAP ADD operation
- Resolves: #1372420 - Backport AES storage scheme plugin (DS 47462, 48862, 48243, 48777)
- Resolves: #1321126 - Replication changelog can incorrectly skip over updates
- Resolves: #1373734 - EASY FIX : dereferencing a NULL sr_candidates pointer in ldbm_back_next_search_entry_ext resulted a segfault (DS 47858)

Thu Aug 25 14:00:00 2016 Noriko Hosoi - 1.2.11.15-78
- Release 1.2.11.15-78
- Resolves: #1321126 - Replication changelog can incorrectly skip over updates (DS 48954)
- Resolves: #1361422 - CVE-2016-5416 389-ds-base: ACI readable by anonymous user (DS 48354)
- Resolves: #1360975 - CVE-2016-5405 389-ds-base: Password verification vulnerable to timing attack

Wed Jul 27 14:00:00 2016 Noriko Hosoi - 1.2.11.15-77
- Release 1.2.11.15-77
- Resolves: #1157799 - replication delay when server is configured with multiple replication agreements. (DS 48636)
fixing a backport error

Wed Jul 20 14:00:00 2016 Noriko Hosoi - 1.2.11.15-76
- Release 1.2.11.15-76
- Resolves: #1321126 - Replication changelog can incorrectly skip over updates (DS 48766)
- Resolves: #1157799 - replication delay when server is configured with multiple replication agreements. (DS 48636)

Fri Jun 3 14:00:00 2016 Noriko Hosoi - 1.2.11.15-75
- Release 1.2.11.15-75
- Resolves: #1331599 - Paged results search returns the blank list of entries (DS 48808)
- Resolves: #1332710 - password history is not updated when an admin resets the password (DS 48813)
- Resolves: #1150817 - Running db2index with no options breaks replication (DS 48854)

Thu Mar 3 13:00:00 2016 Noriko Hosoi - 1.2.11.15-74
- Release 1.2.11.15-74
- Resolves: #1313258 - change severity of some messages related to \"keep alive\" entries (DS 48420)

Fri Feb 12 13:00:00 2016 Noriko Hosoi - 1.2.11.15-73
- Release 1.2.11.15-73
- Resolves: #1294770 - Supplier can skip a failing update, although it should retry (DS 47788)
- Resolves: #1298496 - slapd process crashes on entry modification (DS 47964)
- Resolves: #1307152 - keep alive entries can break replication (DS 48445)

Mon Jan 18 13:00:00 2016 Noriko Hosoi - 1.2.11.15-72
- Release 1.2.11.15-72
- Resolves: #1292649 - allow users to specify to relax the FQDN constraint (DS 48332)
- Resolves: #1294770 - Supplier can skip a failing update, although it should retry (DS 47788)
- Resolves: #1296694 - ns-slapd crash in ipa context - c_mutex lock memory corruption and self locks (DS 48406, DS 48338 reverted)
- Resolves: #1297385 - Interpret IPV6 addresses for ACIs, replication, and chaining (DS 196)

Thu Dec 10 13:00:00 2015 Noriko Hosoi - 1.2.11.15-71
- Release 1.2.11.15-71
- Resolves: #1284791 - 389-ds-base: ldclt -e randomauthid Segmentation fault. (DS 48289)
- Resolves: #1290243 - SimplePagedResults -- in the search error case, simple paged results slot was not released (DS 48375)

Tue Dec 8 13:00:00 2015 Noriko Hosoi - 1.2.11.15-70
- Release 1.2.11.15-70
- Resolves: #1259959 - perl module conditional test is not conditional when checking SELinux policies - fixing a regression (DS 48305)
- Resolves: #1282457 - The \'eq\' index does not get updated properly when deleting and re-adding attributes in the same ldapmodify operation (DS 48370)

Wed Nov 18 13:00:00 2015 Noriko Hosoi - 1.2.11.15-69
- Release 1.2.11.15-69
- Resolves: #1247792 - SimplePagedResults -- abandon could happen between the abandon check and sending results -- Fixing a regression introduced in 1.2.11.15-68 (DS 48338)

Fri Nov 6 13:00:00 2015 Noriko Hosoi - 1.2.11.15-68
- Release 1.2.11.15-68
- Resolves: #1278585 - deadlock in mep delete post op (DS 47976)
- Resolves: #1247792 - SimplePagedResults -- abandon could happen between the abandon check and sending results (DS 48338)

Tue Nov 3 13:00:00 2015 Noriko Hosoi - 1.2.11.15-67
- Release 1.2.11.15-67
- Resolves: #1234431 - Man pages and help for remove-ds.pl doesn\'t display \"-a\" option (DS 48245)
- Resolves: #1236148 - Slow replication when deleting large quantities of multi-valued attributes (DS 48195)
- Resolves: #1236156 - Avoid using regex in ACL if possible (DS 48175)
- Resolves: #1236656 - Dynamic nsMatchingRule changes had no effect on the attrinfo thus following reindexing, as well. (DS 48212)
- Resolves: #1240451 - Individual abandoned simple paged results request has no chance to be cleaned up (DS 48192)
- Resolves: #1244970 - Crash during retro changelog trimming (DS 48206)
- Resolves: #1245237 - winsync lastlogon attribute not syncing between DS and AD. (DS 48232)
- Resolves: #1246165 - verify_db.pl doesn\'t verify DB specified by -a option (DS 48215)
- Resolves: #1247812 - logconv autobind handling regression caused by 47446 (DS 48231)
- Resolves: #1253406 - wrong password check if passwordInHistory is decreased. (DS 48228)
- Resolves: #1255290 - db2index creates index entry from deleted records (DS 48252)
- Resolves: #1259959 - perl module conditional test is not conditional when checking SELinux policies (DS 48305)
- Resolves: #1260622 - ns-slapd - LOGINFO:Unable to remove file (DS 48304)
- Resolves: #1265851 - Double free while adding entries (1.2.11 only) (DS 48287)
- Resolves: #1273552 - Deadlock between two MODs on the same entry between entry cache and backend lock (DS 47978)

Thu Oct 15 14:00:00 2015 Noriko Hosoi - 1.2.11.15-66
- Release 1.2.11.15-66
- Resolves: #1270002 - cleanallruv should completely clean changelog (DS 48208)
- Resolves: #1267405 - many attrlist_replace errors in connection with cleanallruv (DS 48283)

Tue Oct 6 14:00:00 2015 Noriko Hosoi - 1.2.11.15-65
- Release 1.2.11.15-65
- Resolves: #1259383 - Fractional replication evaluates several times the same CSN (DS 48266)

Fri Oct 2 14:00:00 2015 Noriko Hosoi - 1.2.11.15-64
- Release 1.2.11.15-64
- Resolves: #1247792 - ns-slapd crashing frequently cause is unknown (DS 48192)
- Resolves: #1267296 - pagedresults - when timed out, search results could have been already freed. (DS 48299)

Thu Oct 1 14:00:00 2015 Noriko Hosoi - 1.2.11.15-63
- Release 1.2.11.15-63
- Resolves: #1247792 - ns-slapd crashing frequently cause is unknown (DS 48192)
- Resolves: #1259383 - Fractional replication evaluates several times the same CSN (DS 48266 48284)

Fri Sep 4 14:00:00 2015 Noriko Hosoi - 1.2.11.15-62
- Release 1.2.11.15-62
- Resolves: #1259546 - regression - COS cache doesn\'t properly mark vattr cache as invalid when there are multiple suffixes (DS 47981)

Fri Aug 28 14:00:00 2015 Noriko Hosoi - 1.2.11.15-61
- Release 1.2.11.15-61
- Resolves: #1251288 - Replication not working for \"delete: attr\"

Tue Jun 9 14:00:00 2015 Noriko Hosoi - 1.2.11.15-60
- Release 1.2.11.15-60
- Resolves: #1228402 - Individual abandoned simple paged results request has no chance to be cleaned up (DS 48192)

Fri Jun 5 14:00:00 2015 Noriko Hosoi - 1.2.11.15-59
- Release 1.2.11.15-59
- Resolves: #1211006 - start/stop/restart-dirsrv utilities should ignore admin-serv directory (DS 48148)
- Resolves: #1203338 - ns-slapd double free or corruption crash (DS 48149)
- Resolves: #1228402 - Individual abandoned simple paged results request has no chance to be cleaned up (DS 48192)

Tue Jun 2 14:00:00 2015 Noriko Hosoi - 1.2.11.15-58
- Release 1.2.11.15-58
- Resolves: #1223068 - Regression introduced by the simple paged results fixes. (DS 48146)
- Resolves: #1203338 - ns-slapd double free or corruption crash (DS 48149)

Tue May 26 14:00:00 2015 Noriko Hosoi - 1.2.11.15-57
- Release 1.2.11.15-57
- Resolves: #1223068 - ldapdelete fails with -r option to delete a sub suffix (DS 48146)
- Resolves: #1219990 - bind on db chained to AD returns err=32 (DS 48183)
- Resolves: #1219208 - cleanAllRUV task limit not being enforced correctly (DS 48158)

Tue May 12 14:00:00 2015 Noriko Hosoi - 1.2.11.15-56
- Release 1.2.11.15-56
- Resolves: #1219218 - fix coverity issues (DS 48151)

Tue May 12 14:00:00 2015 Noriko Hosoi - 1.2.11.15-55
- Release 1.2.11.15-55
- Resolves: #1118285 - Lowering the log level of \"Configured SSL version range\" message (1.2.11 only) (DS 48180)
- Resolves: #1211006 - start/stop/restart-dirsrv utilities should ignore admin-serv directory (DS 48148)
- Resolves: #1219208 - Remove cleanAllRUV task limit of 4 (DS 48158)
- Resolves: #1219218 - Improve CleanAllRUV logging (DS 48151)

Tue May 5 14:00:00 2015 Noriko Hosoi - 1.2.11.15-54
- Release 1.2.11.15-54
- Resolves: #1207983 - disable writing unhashed#user#password to changelog (DS 561)
- Resolves: #1207024 - IPA Replicate creation fails with error \"Update failed! Status: [10 Total update abortedLDAP error: Referral]\" (DS 47942)
- Resolves: #1211077 - nsslapd-ndn-cache-enabled returns 1 or 0 instead of \"on\" or \"off\" (DS 408)
- Resolves: #1211006 - start/stop/restart-dirsrv utilities should ignore admin-serv directory (DS 48148)
- Resolves: #1210996 - Disable SSL v3, by default [389-ds-base-1.2.11 only] (DS 47928)
- Resolves: #1214074 - Need a way to abort a cleanallruv abort task (DS 48154)
- Resolves: #1212657 - Password is not correctly passed to perl command line tools if it contains shell special characters. (DS 48143)
- Resolves: #1218341 - ns-slapd crash related to paged results (DS 48146)

Fri Mar 20 13:00:00 2015 Noriko Hosoi - 1.2.11.15-53
- Release 1.2.11.15-53
- Resolves: #1202502 - memory leak in new_passwdPolicy (1.2.11 only) (DS 48135)
- Resolves: #1202062 - Non tombstone entry which dn starting with \"nsuniqueid=...,\" cannot be deleted (DS 48133)

Thu Feb 19 13:00:00 2015 Noriko Hosoi - 1.2.11.15-52
- Release 1.2.11.15-52
- Resolves: #1193235 - Fix coverity issues and compiler warnings - 2014/12/16, 2014/11/24, 2015/2/18 (DS 47965)

Wed Feb 18 13:00:00 2015 Noriko Hosoi - 1.2.11.15-51
- Release 1.2.11.15-51
- Resolves: #1193235 - Fix coverity issues and compiler warnings - 2014/12/16, 2014/11/24, 2015/2/18 (DS 47965)
- Resolves: #1171308 - Don\'t add unhashed password mod if we don\'t have an unhashed value (DS 47752)
- Resolves: #1167976 - memberof skip nested groups breaks the plugin (DS 47963)
- Resolves: #1185025 - ldclt needs to support SSL Version range (DS 47996)
- Resolves: #1183820 - Windows Sync accidentally cleared raw_entry (DS 47989)
- Resolves: #1155569 - nsslapd-db-locks modify not taking into account. (DS 47934)
- Resolves: #1145072 - Bad manipulation of passwordhistory (DS 47905)
- Resolves: #1144092 - During schema reload sometimes the search returns no results (DS 47973)
- Resolves: #1145374 - WinSync - manual replica refresh removes AD-only member values from DS and AD in groups (DS 47884)
- Resolves: #1193243 - ldbm_usn_init: Valgrind reports Invalid read / SIGSEGV (DS 47659)
- Resolves: #1150368 - provide enabled ciphers as search result (DS 47880)
- Resolves: #1153739 - Add SSL/TLS version info to the access log (DS 47945)
- Resolves: #1118285 - Disable SSL v3, by default [389-ds-base-1.2.11 only] (DS 47928)
- Resolves: #1193241 - logconv.pl -- support parsing/showing/reporting different protocol versions (DS 47949)
- Resolves: #1179763 - COS cache doesn\'t properly mark vattr cache as invalid when there are multiple suffixes (DS 47981)
- Resolves: #1175868 - Incorrect assumption in ndn cache (DS 547)
- Resolves: #1159124 - perl scripts not returning expected error code (DS 47962)
- Resolves: #1115960 - Nested COS definitions can be incorrectly processed (DS 47980)
- Resolves: #1175868 - Backport of Normalized DN Cache (DS 408)
- Resolves: #1174892 - During delete operation do not refresh cache entry if it is a tombstone (DS 47750)
- Resolves: #1174892 - Need to refresh cache entry after called betxn postop plugins (DS 47750)
- Resolves: #1193235 - Fix coverity issues (2014/12/16) (DS 47965)
- Resolves: #1193235 - Fix coverity issues (2014/11/24) (DS 47965)
- Resolves: #1169974 - Account lockout attributes incorrectly updated after failed SASL Bind (DS 47970)
- Resolves: #1169975 - Fix coverity issue (DS 47969)
- Resolves: #1169975 - COS memory leak when rebuilding the cache (DS 47969)
- Resolves: #1170706 - cos_cache_build_definition_list does not stop during server shutdown (DS 47967)
- Resolves: #1167976 - skip nested groups breaks memberof fixup task (DS 47963)
- Resolves: #1167976 - RFE - memberOf - add option to skip nested group lookups during delete operations (DS 47963)
- Resolves: #1171357 - Bind DN tracking unable to write to internalModifiersName without special permissions (DS 47950)
- Resolves: #1162704 - Memory leak in password admin if the admin entry does not exist (DS 47958)
- Resolves: #1162704 - PasswordAdminDN attribute is not properly returned to client (DS 47952)
- Resolves: #1145379 - Fix backport issue to 1.2.11 (DS 47900)
- Resolves: #1145379 - Server fails to start if password admin is set (DS 47900)
- Resolves: #1145379 - Adding an entry with an invalid password as rootDN is incorrectly rejected (DS 47900)
- Resolves: #1141735 - ldclt: assertion failure with -e \"add,counteach\" -e \"object=,rdn=uid:test[A=INCRNNOLOOP(0;24 (DS 47907)

Tue Jan 20 13:00:00 2015 Noriko Hosoi - 1.2.11.15-50
- Release 1.2.11.15-50
- Resolves: #1130990 - Problem with single value attribute MMR replication (DS 47915, DS 569)

Fri Jan 9 13:00:00 2015 Noriko Hosoi - 1.2.11.15-49
- Release 1.2.11.15-49
- Resolves: #1168150 - CVE-2014-8105: information disclosure through \'cn=changelog\' subtree
- Resolves: #1130990 - Problem with single value attribute MMR replication (DS 47915)
- Resolves: #1136882 - default nsslapd-sasl-max-buffer-size should be 2MB (DS 47457)
- Resolves: #1161909 - ACI\'s are replaced by \"ACI_ALL\" after editing goup of ACI\'s including invalid one (DS 47953)

Fri Oct 24 14:00:00 2014 Noriko Hosoi - 1.2.11.15-48
- Release 1.2.11.15-48
- Resolves: #1154766 - ns-slapd segfault in libslapd.so.0.0.0 (#47889)

Mon Sep 29 14:00:00 2014 Noriko Hosoi - 1.2.11.15-47
- Release 1.2.11.15-47
- Resolves: #1138745 - Memory leak during Reliab15 execution (#47750)

Fri Sep 12 14:00:00 2014 Nathan Kinder - 1.2.11.15-46
- Release 1.2.11.15-46
- Resolves: #1138745 - Memory leak during Reliab15 execution

Thu Sep 11 14:00:00 2014 Noriko Hosoi - 1.2.11.15-45
- Release 1.2.11.15-45
- Resolves: #1112702 - Broken dereference control with the FreeIPA 4.0 ACIs (#47885)

Tue Sep 9 14:00:00 2014 Noriko Hosoi - 1.2.11.15-44
- Release 1.2.11.15-44
- Resolves: #1079098 - Simultaneous adding a user and binding as the user could fail in the password policy check (DS 47748) - Simple bind hangs after enabling password policy

Fri Sep 5 14:00:00 2014 Noriko Hosoi - 1.2.11.15-43
- Release 1.2.11.15-43
- Resolves: #1112702 - Broken dereference control with the FreeIPA 4.0 ACIs (#47885)

Thu Aug 21 14:00:00 2014 Noriko Hosoi - 1.2.11.15-42
- Release 1.2.11.15-42
- Resolves: #1129660 - Adding users to user group throws Internal server error.

Wed Aug 20 14:00:00 2014 Noriko Hosoi - 1.2.11.15-41
- Release 1.2.11.15-41
- Resolves: #1130252 - dirsrv not running with old openldap (DS 47875)

Mon Aug 18 14:00:00 2014 Noriko Hosoi - 1.2.11.15-40
- Release 1.2.11.15-40
- Resolves: #1130252 - dirsrv not running with old openldap (DS 47875)
- Resolves: #1103287 - logconv.pl memory continually grows (DS 47446)
- Resolves: #1121596 - Deleting attribute present in nsslapd-allowed-to-delete-attrs returns Operations error (DS 443)
- Resolves: #1109381 - winsync doesn\'t sync DN valued attributes if DS DN value doesn\'t exist (DS 415)
- Resolves: #1128759 - Performance degradation with scope ONE after some load (DS 47874)
- Resolves: #1127612 - Filter AND with only one clause should be optimized (DS 47872)
- Resolves: #1014111 - repl-monitor fails to convert \"
*\" to default values (DS 47862)

Tue Aug 5 14:00:00 2014 Noriko Hosoi - 1.2.11.15-39
- Release 1.2.11.15-39
- Resolves: #1123863
EMBARGOED CVE-2014-3562 - unauthenticated information disclosure (Bug 1123477)
- Resolves: #1123863
High contention on computed attribute lock (DS 616)
- Resolves: #1062763
single valued attribute replicated ADD does not work (DS 47692)
- Resolves: #1121596
Deleting attribute present in nsslapd-allowed-to-delete-attrs returns Operations error (DS 443)
- Resolves: #1014111
Repl-monitor.pl ignores the provided connection parameters (DS 47862)
- Resolves: #1115281
New defects found in 389-ds-base-1.2.11 (DS 47863)
- Resolves: #1112729
paged results control is not working in some cases when we have a subsuffix. (DS 47824)

Tue Jul 1 14:00:00 2014 Noriko Hosoi - 1.2.11.15-38
- Release 1.2.11.15-38
- Resolves: bug 1080185 - revert - Creating a glue fails if one above level is a conflict or missing (DS 47750;Patch233)

Tue Jul 1 14:00:00 2014 Noriko Hosoi - 1.2.11.15-37
- Release 1.2.11.15-37
- Resolves: bug 1113606 - server restart wipes out index config if there is a default index (DS 47831)
- Resolves: bug 1112702 - Broken dereference control with the FreeIPA 4.0 ACIs (DS 47821)
- Resolves: bug 1080185 - Creating a glue fails if one above level is a conflict or missing (DS 47750)

Mon Jun 23 14:00:00 2014 Noriko Hosoi - 1.2.11.15-36
- Release 1.2.11.15-36
- Resolves: bug 1088171 - revert - 7-bit check plugin does not work for userpassword attribute (DS 47423)

Fri Jun 20 14:00:00 2014 Noriko Hosoi - 1.2.11.15-35
- Release 1.2.11.15-35
- Resolves: Bug 1111404 - 1.2.11 branch: coverity errors (DS 47820)

Mon Jun 16 14:00:00 2014 Noriko Hosoi - 1.2.11.15-34
- Release 1.2.11.15-34
- Resolves: bug 1109952 - memory leak in ldapsearch filter objectclass=
* (DS 47780)
- Resolves: bug 1109443 - Server hangs in cos_cache when adding a user entry (DS 47649)
- Resolves: bug 1109333 - 389 Server crashes if uniqueMember is invalid syntax and memberOf plugin is enabled. (DS 47793)
- Resolves: bug 1109335 - Parent numsubordinate count can be incorrectly updated if an error occurs (DS 47782)
- Resolves: bug 1109337 - Nested tombstones become orphaned after purge (DS 47767)
- Resolves: bug 1109352 - Tombstone purging can crash the server if the backend is stopped/disabled (DS 47766)
- Resolves: bug 1109356 - Coverity issue in 1.3.3 (DS 47740)
- Resolves: bug 1109358 - A tombstone entry is deleted by ldapdelete (DS 47731)
- Resolves: bug 1109361 - rsa_null_sha should not be enabled by default (DS 47637)
- Resolves: bug 1109363 - valgrind - value mem leaks, uninit mem usage (DS 47455)
- Resolves: bug 1109373 - provide default syntax plugin (DS 47369)
- Resolves: bug 1109377 - Environment variables are not passed when DS is started via service (DS 47693)
- Resolves: bug 1109379 - changelog iteration should ignore cleaned rids when getting the minCSN (DS 47627)
- Resolves: bug 1109381 - winsync doesn\'t sync DN valued attributes if DS DN value doesn\'t exist (DS 415)
- Resolves: bug 1109384 - logconv.pl man page missing -m,-M,-B,-D (DS 47447)
- Resolves: bug 1109387 - IDL-style can become mismatched during partial restoration
- Resolves: bug 1028344 - Slow ldapmodify operation time for large quantities of multi-valued attribute values (DS 346)
- Resolves: bug 985270 - [RFE] Add Password adminstrators to RHDS 9 as in http://directory.fedoraproject.org/wiki/Password_Administrator (DS 417, 458, 47522)
- Resolves: bug 1070720 - rsearch filter error on any search filter (DS 47722)
- Resolves: bug 1095847 - CoS cache re-scanning severely impacts performance (DS 47762)
- Resolves: bug 1103287 - logconv.pl memory continually grows (DS 47446)
- Resolves: bug 1106917 - managed entry plugin fails to update member pointer on modrdn operation (DS 47813)
- Resolves: bug 1048987 - memory leak in ldapsearch filter objectclass=
* (DS 47780)
- Resolves: bug 1077895 - Memory leak with proxy auth control (DS 47743)
- Resolves: bug 1079098 - Simultaneous adding a user and binding as the user could fail in the password policy check (DS 47748)
- Resolves: bug 1080185 - Creating a glue fails if one above level is a conflict or missing (DS 47750)
- Resolves: bug 1083272 - RHEL6.6 389-ds-base slapd segfault during ipa-replica-instal (DS 47448)
- Resolves: bug 1086454 - ACI warnings in error log (DS 47670)
- Resolves: bug 1086889 - empty modify returns LDAP_INVALID_DN_SYNTAX (DS 47772)
- Resolves: bug 1086901 - mem leak in do_bind when there is an error (DS 47773)
- Resolves: bug 1086903 - mem leak in do_search - rawbase not freed upon certain error (DS 47774)
- Resolves: bug 1086907 - Performing deletes during tombstone purging results in operation errors (DS 47771)
- Resolves: bug 1088171 - 7-bit check plugin does not work for userpassword attribute (DS 47423)
- Resolves: bug 1090176 - #481 breaks possibility to reassemble memberuid list (DS 47770)
- Resolves: bug 1092097 - A replicated MOD fails (Unwilling to perform) if it targets a tombstone (DS 47787)
- Resolves: bug 1094277 - IPA Server Slow Performance, high CPU usage of ns-slapd (DS 47426)
- Resolves: bug 1097002 - Problem with deletion while replicated (DS 47764)
- Resolves: bug 1098653 - db2bak.pl error with changelogdb (DS 47804)
- Resolves: bug 1103337 - find a way to remove replication plugin errors messages \"changelog iteration code returned a dummy entry with csn %s, skipping ...\" (DS 47809)
- Resolves: bug 1001037 - WinSync removes User must change password flag on the Window side (DS 47492)
- Resolves: bug 1004876 - idlistscanlimit per index/type/value (DS 47504)
- Resolves: bug 1008021 - Self entry access ACI not working properly (DS 47331)
- Resolves: bug 1009122 - replication stops with excessive clock skew (DS 47516)
- Resolves: bug 1012699 - DSUtil.pm needs to check $res variable (DS 422)
- Resolves: bug 1013133 - logconv.pl - RFE - track bind info (DS 356)
- Resolves: bug 1013134 - Improve memory management in logconv.pl (DS 419)
- Resolves: bug 1013135 - logconv.pl tool removes the access logs contents if \"-M\" is is not correctly used (DS 471)
- Resolves: bug 1013138 - logconv.pl should handle microsecond timing (DS 539)
- Resolves: bug 1013140 - logconv.pl -m not working for all stats (DS 47336)
- Resolves: bug 1013141 - logconv.pl missing stats for starttls, ldapi, and autobind (DS 611)
- Resolves: bug 1013142 - logconv.pl -m time calculation is wrong (DS 47341)
- Resolves: bug 1013152 - add etimes to per second/minute stats (DS 47348)
- Resolves: bug 1013160 - Indexed search are logged with \'notes=U\' in the access logs (DS 47354)
- Resolves: bug 1013161 - improve logconv.pl performance with large access logs (DS 47387)
- Resolves: bug 1013162 - logconv warning - Use of comma-less variable list is deprecated (DS 47461)
- Resolves: bug 1013163 - logconv.pl uses /var/tmp for BDB temp files (DS 47501)
- Resolves: bug 1013164 - Fix various issues with logconv.pl (DS 47520)
- Resolves: bug 1013165 - logconv: some stats do not work across server restarts (DS 47533)
- Resolves: bug 1014111 - [RFE - RHDS9] CLI report to monitor replication (DS 47538)
- Resolves: bug 1014351 - Coverity fixes - 12023, 12024, and 12025 (DS 47540)
- Resolves: bug 1016717 - memory leak in range searches (DS 47517)
- Resolves: bug 1022500 - Winsync plugin segfault during incremental backoff (DS 47581)
- Resolves: bug 1024337 - Overflow in nsslapd-disk-monitoring-threshold on i686 (DS 47638)
- Resolves: bug 1026956 - 1.2.11.29 crash when removing entries from cache (DS 47577)
- Resolves: bug 1027496 - Replication Failures related to skipped entries due to cleaned rids (DS 47585)
- Resolves: bug 1031222 - hard coded limit of 64 masters in agreement and changelog code (DS 47587)
- Resolves: bug 1032315 - attrcrypt fails to find unlocked key (DS 47596)
- Resolves: bug 1032317 - entries with empty objectclass attribute value can be hidden (DS 47591)
- Resolves: bug 1034265 - 7-bit check plugin not checking MODRDN operation (DS 47641)
- Resolves: bug 1044106 - logconv: failed logins: Use of uninitialized value in numeric comparison at logconv.pl line 949 (DS 47550)
- Resolves: bug 1044108 - logconv: -V does not produce unindexed search report (DS 47551)
- Resolves: bug 1049029 - Windows Sync group issues (DS 47642)
- Resolves: bug 1053232 - modify-delete userpassword (DS 47678)
- Resolves: bug 1053766 - ldapdelete returns non-leaf entry error while trying to remove a leaf entry (DS 47736)
- Resolves: bug 1057805 - Size returned by slapi_entry_size is not accurate (DS 47677)
- Resolves: bug 1060385 - Logconv.pl with an empty access log gives lots of errors (DS 47713)
- Resolves: bug 1062763 - single valued attribute replicated ADD does not work (DS 47692)
- Resolves: bug 1070583 - rhds91 389-ds-base-1.2.11.15-31.el6_5.x86_64 crash in db4 _ (DS 47729)
- Resolves: bug 1073530 - Enrolling a host into IdM/IPA always takes two attempts (IPA 3377, DS 47704)
- Resolves: bug 1074076 - e_uniqueid fails to set if an entry is a conflict entry (DS 47735)
- Resolves: bug 1074305 - Under heavy stress, failure of turning a tombstone into glue (DS 47737)

Mon May 19 14:00:00 2014 Noriko Hosoi - 1.2.11.15-33
- Release 1.2.11.15-33
- Resolves: bug 1044218 - fix memleak caused by 47347 (DS 47623)
- Resolves: bug 1071707 - rhds91 389-ds-base-1.2.11.15-31.el6_5 crash on paged searches followed by simple srch (DS 47707)

Tue Mar 11 13:00:00 2014 Noriko Hosoi - 1.2.11.15-32
- Release 1.2.11.15-32
- Resolves: bug 1074848 - EMBARGOED CVE-2014-0132 389-ds-base: 389-ds: flaw in parsing authzid can lead to privilege escalation [rhel-6.6] (Ticket 47739 - directory server is insecurely misinterpreting authzid on a SASL/GSSAPI bind)

Mon Dec 2 13:00:00 2013 Rich Megginson - 1.2.11.15-31
- Resolves: bug 1033405 - regression in ipa due to patch for ns-slapd stuck in DS_Sleep

Mon Nov 4 13:00:00 2013 Rich Megginson - 1.2.11.15-30
- Resolves: bug 1024977 CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches

Tue Oct 15 14:00:00 2013 Rich Megginson - 1.2.11.15-29
- Bump version to 1.2.11.15-29
- Resolves: bug 1008013: DS91: ns-slapd stuck in DS_Sleep

Tue Oct 8 14:00:00 2013 Noriko Hosoi - 1.2.11.15-28
- Bump version to 1.2.11.15-28
- Resolves: Bug 1016038 - Users from AD sub OU does not sync to IPA (ticket 47488)

Mon Sep 30 14:00:00 2013 Noriko Hosoi - 1.2.11.15-27
- Bump version to 1.2.11.15-27
- Resolves: Bug 1013735 - CLEANALLRUV doesnt run across all replicas (ticket 47509)

Fri Sep 27 14:00:00 2013 Noriko Hosoi - 1.2.11.15-26
- Bump version to 1.2.11.15-26
- Resolves: Bug 947583 - ldapdelete returns non-leaf entry error while trying to remove a leaf entry (ticket 47534)

Thu Sep 26 14:00:00 2013 Noriko Hosoi - 1.2.11.15-25
- Bump version to 1.2.11.15-25
- Resolves: Bug 1006846 - 2Master replication with SASL/GSSAPI auth broken (ticket 47523)
- Resolves: Bug 1007452 - Under specific values of nsDS5ReplicaName, replication may get broken or updates (ticket 47489)

Tue Sep 17 14:00:00 2013 Noriko Hosoi - 1.2.11.15-24
- Bump version to 1.2.11.15-24
- Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold; Changed CONFIG_INT to CONFIG_LONG for nsslapd-disk-monioring-threshold (ticket 47427)

Wed Aug 28 14:00:00 2013 Noriko Hosoi - 1.2.11.15-23
- Bump version to 1.2.11.15-23
- Resolves: Bug 1000632 - CVE-2013-4283 389-ds-base: ns-slapd crash due to bogus DN
- Resolves: Bug 1002260 - server fails to start after upgrade(schema error) (ticket 47318)

Wed Aug 7 14:00:00 2013 Noriko Hosoi - 1.2.11.15-22
- Bump version to 1.2.11.15-22
- Resolves: Bug 923909 - 389-ds-base cannot handle Kerberos tickets with PAC (ticket 632)
- Resolves: Bug 928159 - CVE-2013-1897 389-ds: unintended information exposure when rootdse is enabled
- Resolves: Bug 947583 - ldapdelete returns non-leaf entry error while trying to remove a leaf entry (ticket 47367)
- Resolves: Bug 951616 - error syncing group if group member user is not synced (ticket 47327)
- Resolves: Bug 953052 - DESC should not be empty as per RFC 2252 (ldapv3) (ticket 47376)
- Resolves: Bug 957305 - DS instance crashes under a high load (ticket 47349)
- Resolves: Bug 957864 - Simple paged results should support async search (ticket 47347)
- Resolves: Bug 958522 - loading an entry from the database should use str2entry_fast (ticket 531)
- Resolves: Bug 962885 - RHEL 6.2 to 6.4 ipa upgrade selinuxusermap data not replicating (ticket 47362)
- Resolves: Bug 963234 - When integrating with Red Hat IDM/DS, an LDAP protocol error is thrown (ticket 47361)
- Resolves: Bug 966781 - new ldap connections can block ldaps and ldapi connections (ticket 47359)
- Resolves: Bug 968383 - Wrong error code return when using EXTERNAL SASL and untrusted certificate (ticket 580)
- Resolves: Bug 968503 - flush_ber error sending back start_tls response will deadlock (ticket 47375)
- Resolves: Bug 969210 - make listen backlog size configurable (ticket 47377)
- Resolves: Bug 970995 - RHDS not shutting down when disk monitoring threshold is reached to half. (ticket 47385)
- Resolves: Bug 971033 - connections attribute in cn=snmp,cn=monitor is counted twice (ticket 47383)
- Resolves: Bug 971966 - 389 DS Replication failures due to Fractional updates (ticket 47386)
- Resolves: Bug 972976 - ldbm errors when adding/modifying/deleting entries (ticket 47392)
- Resolves: Bug 973583 - ns-slapd instance crashed with signal 11 SIGSEGV (ticket 47391)
- Resolves: Bug 974361 - Account policy plugin fails to lock user when policy is created for individual users to lock based to createtimestamp. (ticket 47397)
- Resolves: Bug 974719 - rhds90 crash on tombstone modrdn (ticket 47396)
- Resolves: Bug 974875 - Attributes fail to be encrypted/decrypted properly when replicated (ticket 47393)
- Resolves: Bug 975243 - DS9 still observes altStateAttrName as createTimestamp when attribute is removed from the account policy (ticket 47395)
- Resolves: Bug 975250 - Changelog deadlock replication failures with DNA (ticket 47410)
- Resolves: Bug 976546 - Attribute names are incorrect in search results (ticket 47402)
- Resolves: Bug 979169 - allow setting db deadlock rejection policy (ticket 47409)
- Resolves: Bug 979435 - Replication problem with add-delete requests on single-value (ticket 47424)
- Resolves: Bug 979515 - CVE-2013-2219 Directory Server: ACLs inoperative in some search scenarios
- Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold (ticket 47427)
- Resolves: Bug 983091 - Memory leak in 389-ds-base 1.2.11.15 (ticket 47428)
- Resolves: Bug 986131 - Very large entryusn values after enabling the USN plugin and the lastusn value is negative. (ticket 47435)
- Resolves: Bug 986424 - fix recent compiler warnings (ticket 47378)
- Resolves: Bug 986857 - Disk Monitoring not checking filesystem with logs (ticket 47441)
- Resolves: Bug 987703 - memleaks in set_krb5_creds (ticket 47421)
- Resolves: Bug 988562 - deadlock after adding and deleting entries (ticket 47449)
- Resolves: Bug 989692 - Sorting with attributes in ldapsearch gives incorrect result (ticket 543)

Wed Aug 7 14:00:00 2013 Noriko Hosoi - 1.2.11.15-21
This patch is found broken and duplicated. Getting rid of it in 1.2.11.15-22.
commit 2b3a50d55707ffa281c922ec188850576b757934
Author: Mark Reynolds
Date: Tue Jul 23 10:28:45 2013 -0400
Add patch 0049 for Tickets-47427-47441

Fri Jul 26 14:00:00 2013 Mark Reynolds - 1.2.11.15-20
- Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-threshold(part 5 limits not displayed correctly). (ticket 47427)

Thu Jul 25 14:00:00 2013 Mark Reynolds - 1.2.11.15-19
- Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-threshold(part 4). (ticket 47427)

Thu Jul 25 14:00:00 2013 Mark Reynolds - 1.2.11.15-19
- Bump version to 1.2.11.15-19
- Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-threshold(part 3). (ticket 47427)

Tue Jul 23 14:00:00 2013 Mark Reynolds - 1.2.11.15-19
- Bump version to 1.2.11.15-19
- Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold(part 2). (ticket 47427)
- Resolves: Bug 986857 - Disk Monitoring not checking filesystem with logs (ticket 47741)

Mon Jul 15 14:00:00 2013 Mark Reynolds - 1.2.11.15-18
- Bump version to 1.2.11.15-18
- Resolves: Bug 970995 - DS not shutting down when disk monitoring threshold is reached to half. (Ticket 47385)
- Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold. (ticket 47427)

Wed Apr 10 14:00:00 2013 Noriko Hosoi - 1.2.11.15-14
- Resolves: Bug 921937 - ns-slapd crashes sporadically with segmentation fault in libslapd.so (ticket 627)
- Resolves: Bug 923503 - cleanAllRUV task fails to cleanup config upon completion (ticket 623)

Thu Mar 28 13:00:00 2013 Noriko Hosoi - 1.2.11.15-13
bump version to 1.2.11.15-13
- Resolves: Bug 923503 - cleanAllRUV task fails to cleanup config upon completion (ticket 623)
- Resolves: Bug 923502 - Coverity issue 13091
- Resolves: Bug 923407 - Deadlock in DNA plug-in (ticket 634)
- Resolves: Bug 921937 - ns-slapd crashes sporadically with segmentation fault in libslapd.so (ticket 627)
- Resolves: Bug 923504 - crash in aci evaluation (ticket 628)
- Resolves: Bug 928159 - unintended information exposure when anonymous access is set to rootdse (ticket 47308)

Fri Feb 22 13:00:00 2013 Noriko Hosoi - 1.2.11.15-12
- Resolves: Bug 910581 - dse.ldif is 0 length after server kill or machine kill
- Resolves: Bug 908861 - Error messages encountered when using POSIX winsync
- Resolves: Bug 907985 - DNA: use event queue for config update only at the start up
- Resolves: Bug 830334 - Invalid chaining config triggers a disk full error and shutdown
- Resolves: Bug 906583 - DS returns error 20 when replacing values of a multi-valued attribute (only when replication is enabled)
- Resolves: Bug 906005 - Valgrind reports memleak in modify_update_last_modified_attr
- Resolves: Bug 905825 - PamConfig schema not updated during upgrade
- Resolves: Bug 913215 - ns-slapd segfaults while trying to delete a tombstone entry
- Resolves: Bug 913229 - unauthenticated denial of service vulnerability in handling of LDAPv3 control data

Mon Jan 21 13:00:00 2013 Noriko Hosoi - 1.2.11.15-11
- Resolves: Bug 896256 - updating package touches configuration files

Tue Jan 8 13:00:00 2013 Noriko Hosoi - 1.2.11.15-10
- Resolves: Bug 889083 - For modifiersName/internalModifiersName feature, internalModifiersname is not working for DNA plugin

Fri Jan 4 13:00:00 2013 Noriko Hosoi - 1.2.11.15-9
- Resolves: Bug 891930 - DNA plugin no longer reports additional info when range is depleted

Tue Dec 18 13:00:00 2012 Rich Megginson - 1.2.11.15-8
- Resolves: Bug 887855 - RootDN Access Control plugin is missing after upgrade from RHEL63 to RHEL64

Fri Dec 7 13:00:00 2012 Noriko Hosoi - 1.2.11.15-7
- Resolves: Bug 830355 - [RFE] improve cleanruv functionality
- Resolves: Bug 876650 - Coverity revealed defects
- Ticket #20 - [RFE] Allow automember to work on entries that have already been added (Bug 768084)
- Resolves: Bug 834074 - [RFE] Disable replication agreements
- Resolves: Bug 878111 - ns-slapd segfaults if it cannot rename the logs

Thu Nov 29 13:00:00 2012 Rich Megginson - 1.2.11.15-6
- Resolves: Bug 880305 - spec file missing dependencies for x86_64 6ComputeNode
- use perl-Socket6 on RHEL6

Tue Nov 27 13:00:00 2012 Rich Megginson - 1.2.11.15-5
- Resolves: Bug 880305 - spec file missing dependencies for x86_64 6ComputeNode

Fri Nov 16 13:00:00 2012 Noriko Hosoi - 1.2.11.15-4
- Resolves: Bug 868841 - Newly created users with organizationalPerson objectClass fails to sync from AD to DS with missing attribute error
- Resolves: Bug 868853 - Winsync: DS error logs report wrong version of Windows AD when winsync is configured.
- Resolves: Bug 875862 - crash in DNA if no dnamagicregen is specified
- Resolves: Bug 876694 - RedHat Directory Server crashes (segfaults) when moving ldap entry
- Resolves: Bug 876727 - Search with a complex filter including range search is slow
- Ticket #495 - internalModifiersname not updated by DNA plugin (Bug 834053)

Mon Nov 5 13:00:00 2012 Rich Megginson - 1.2.11.15-3
- Resolves: Bug 870158 - slapd entered to infinite loop during new index addition
- Resolves: Bug 870162 - Cannot abandon simple paged result search
- c970af0 Coverity defects
- 1ac087a Fixing compiler warnings in the posix-winsync plugin
- 2f960e4 Coverity defects
- Ticket #491 - multimaster_extop_cleanruv returns wrong error codes

Tue Oct 9 14:00:00 2012 Noriko Hosoi - 1.2.11.15-2
- Resolves: Bug 834063 [RFE] enable attribute that tracks when a password was last set on an entry in the LDAP store; Ticket #478 passwordTrackUpdateTime stops working with subtree password policies
- Resolves: Bug 847868 [RFE] support posix schema for user and group sync; Ticket #481 expand nested posix groups
- Resolves: Bug 860772 Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in acl
- Resolves: Bug 863576 Dirsrv deadlock locking up IPA
- Resolves: Bug 864594 anonymous limits are being applied to directory manager

Tue Sep 25 14:00:00 2012 Rich Megginson - 1.2.11.15-1
- Resolves: Bug 856657 dirsrv init script returns 0 even when few or all instances fail to start
- Resolves: Bug 858580 389 prevents from adding a posixaccount with userpassword after schema reload

Fri Sep 14 14:00:00 2012 Rich Megginson - 1.2.11.14-1
- Resolves: Bug 852202 Ipa master system initiated more than a dozen simultaneous replication sessions, shut itself down and wiped out its db
- Resolves: Bug 855438 CLEANALLRUV task gets stuck on winsync replication agreement

Tue Sep 4 14:00:00 2012 Rich Megginson - 1.2.11.13-1
- Resolves: Bug 847868 [RFE] support posix schema for user and group sync
- fix upgrade issue with plugin config schema
- posix winsync has default plugin precedence of 25

Fri Aug 31 14:00:00 2012 Rich Megginson - 1.2.11.12-1
- Resolves: Bug 800051 Rebase 389-ds-base to 1.2.11
- Resolves: Bug 742054 SASL/PLAIN binds do not work
- Resolves: Bug 742381 MOD operations with chained delete/add get back error 53 on backend config
- Resolves: Bug 746642 [RFE] define pam_passthru service per subtree
- Resolves: Bug 757836 logconv.pl restarts count on conn=0 instead of conn=1
- Resolves: Bug 768084 [RFE] Allow automember to work on entries that have already been added
- Resolves: Bug 782975 krbExtraData is being null modified and replicated on each ssh login
- Resolves: Bug 803873 Sync with group attribute containing () fails
- Resolves: Bug 818762 winsync should not delete entry that appears to be out of scope
- Resolves: Bug 830001 unhashed#user#password visible after changing password [rhel-6.4]
- Resolves: Bug 830256 Audit log - clear text password in user changes
- Resolves: Bug 830331 ns-slapd exits/crashes if /var fills up
- Resolves: Bug 830334 Invalid chaining config triggers a disk full error and shutdown
- Resolves: Bug 830335 restore of replica ldif file on second master after deleting two records shows only 1 deletion
- Resolves: Bug 830336 db deadlock return should not log error
- Resolves: Bug 830337 usn + mmr = deletions are not replicated
- Resolves: Bug 830338 Change DS to purge ticket from krb cache in case of authentication error
- Resolves: Bug 830340 Make the CLEANALLRUV task one step
- Resolves: Bug 830343 managed entry sometimes doesn\'t delete the managed entry
- Resolves: Bug 830344 [RFE] Improve replication agreement status messages
- Resolves: Bug 830346 ADD operations not in audit log
- Resolves: Bug 830347 389 DS does not support multiple paging controls on a single connection
- Resolves: Bug 830348 Slow shutdown when you have 100+ replication agreements
- Resolves: Bug 830349 cannot use & in a sasl map search filter
- Resolves: Bug 830353 valgrind reported memleaks and mem errors
- Resolves: Bug 830355 [RFE] improve cleanruv functionality
- Resolves: Bug 830356 coverity 12625-12629 - leaks, dead code, unchecked return
- Resolves: Bug 832560 [abrt] 389-ds-base-1.2.10.6-1.fc16: slapi_attr_value_cmp: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)
- Resolves: Bug 833202 transaction retries need to be cache aware
- Resolves: Bug 833218 ldapmodify returns Operations error
- Resolves: Bug 833222 memberOf attribute and plugin behaviour between sub-suffixes
- Resolves: Bug 834046 [RFE] Add nsTLS1 attribute to schema and objectclass nsEncryptionConfig
- Resolves: Bug 834047 Fine Grained Password policy: if passwordHistory is on, deleting the password fails.
- Resolves: Bug 834049 [RFE] Add schema for DNA plugin
- Resolves: Bug 834052 [RFE] limiting Directory Manager (nsslapd-rootdn) bind access by source host (e.g. 127.0.0.1)
- Resolves: Bug 834053 [RFE] Plugins - ability to control behavior of modifyTimestamp/modifiersName
- Resolves: Bug 834054 Should only update modifyTimestamp/modifiersName on MODIFY ops
- Resolves: Bug 834056 Automembership plugin fails in a MMR setup, if data and config area mixed in the plugin configuration
- Resolves: Bug 834057 ldap-agent crashes on start with signal SIGSEGV
- Resolves: Bug 834058 [RFE] logconv.pl : use of getopts to parse commandline options
- Resolves: Bug 834060 passwordMaxFailure should lockout password one sooner - and should be configurable to avoid regressions
- Resolves: Bug 834061 [RFE] RHDS: Implement SO_KEEPALIVE in network calls.
- Resolves: Bug 834063 [RFE] enable attribute that tracks when a password was last set on an entry in the LDAP store
- Resolves: Bug 834064 dnaNextValue gets incremented even if the user addition fails
- Resolves: Bug 834065 Adding Replication agreement should complain if required nsds5ReplicaCredentials not supplied
- Resolves: Bug 834074 [RFE] Disable replication agreements
- Resolves: Bug 834075 logconv.pl reporting unindexed search with different search base than shown in access logs
- Resolves: Bug 835238 Account Usability Control Not Working
- Resolves: Bug 836386 slapi_ldap_bind() doesn\'t check bind results
- Resolves: Bug 838706 referint modrdn not working if case is different
- Resolves: Bug 840153 Impossible to rename entry (modrdn) with Attribute Uniqueness plugin enabled
- Resolves: Bug 841600 Referential integrity plug-in does not work when update interval is not zero
- Resolves: Bug 842437 dna memleak reported by valgrind
- Resolves: Bug 842438 Report during startup if nsslapd-cachememsize is too small
- Resolves: Bug 842440 memberof performance enhancement
- Resolves: Bug 842441 \"Server is unwilling to perform\" when running ldapmodify on nsds5ReplicaStripAttrs
- Resolves: Bug 847868 [RFE] support posix schema for user and group sync
- Resolves: Bug 850683 nsds5ReplicaEnabled can be set with any invalid values.
- Resolves: Bug 852087 [RFE] add attribute nsslapd-readonly so we can reference it in acis
- Resolves: Bug 852088 server to server ssl client auth broken with latest openldap
- Resolves: Bug 852839 variable dn should not be used in ldbm_back_delete

Thu Jun 28 14:00:00 2012 Noriko Hosoi - 1.2.10.2-20
- Resolves: Bug 835238 - Account Usability Control Not Working

Wed Jun 20 14:00:00 2012 Noriko Hosoi - 1.2.10.2-19
- Resolves: Bug 834096 - slapi_attr_value_cmp: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)

Tue Jun 12 14:00:00 2012 Noriko Hosoi - 1.2.10.2-18
- Resolves: Bug 830001 - unhashed#user#password visible after changing password
-- patch 0020 disallows users\' direct modify on unhashed#user#password

Mon Jun 11 14:00:00 2012 Noriko Hosoi - 1.2.10.2-17
- Resolves: Bug 830001 - unhashed#user#password visible after changing password
-- patch 0019 fixes deref issue.

Fri Jun 8 14:00:00 2012 Noriko Hosoi - 1.2.10.2-16
- Resolves: Bug 830001 - unhashed#user#password visible after changing password
- Resolves: Bug 830256 - Audit log - clear text password in user changes

Tue May 22 14:00:00 2012 Rich Megginson - 1.2.10.2-15
- Resolves: Bug 824014 - DS Shuts down intermittently

Fri May 18 14:00:00 2012 Rich Megginson - 1.2.10.2-14
- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress
-- patch 0015 fixes a small memleak in previous patch

Thu May 17 14:00:00 2012 Rich Megginson - 1.2.10.2-13
- Resolves: Bug 822700 - Bad DNs in ACIs can segfault ns-slapd

Mon May 14 14:00:00 2012 Noriko Hosoi - 1.2.10.2-12
- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress
- Resolves: Bug 821542 - letters in object\'s cn get converted to lowercase when renaming object

Thu May 10 14:00:00 2012 Noriko Hosoi - 1.2.10.2-11
- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress
- 1.2.10.2-10 was built from the private branch

Wed May 9 14:00:00 2012 Noriko Hosoi - 1.2.10.2-10
- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress

Thu May 3 14:00:00 2012 Rich Megginson - 1.2.10.2-9
- Resolves: Bug 815991 - crash in ldap_initialize with multiple threads
- previous fix was still crashing in ldclt

Mon Apr 30 14:00:00 2012 Rich Megginson - 1.2.10.2-8
- Resolves: Bug 815991 - crash in ldap_initialize with multiple threads

Tue Apr 24 14:00:00 2012 Rich Megginson - 1.2.10.2-7
- Resolves: Bug 813964 - IPA dirsvr seg-fault during system longevity test

Tue Apr 10 14:00:00 2012 Rich Megginson - 1.2.10.2-6
- Resolves: Bug 811291 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)
- typo in previous patch

Tue Apr 10 14:00:00 2012 Rich Megginson - 1.2.10.2-5
- Resolves: Bug 811291 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)

Wed Mar 21 13:00:00 2012 Rich Megginson - 1.2.10.2-4
- Resolves: Bug 803930 - ipa not starting after upgade because of missing data
- get rid of posttrans - move update code to post

Tue Mar 13 13:00:00 2012 Rich Megginson - 1.2.10.2-3
- Resolves: Bug 800215 - Certain CMP operations hang or cause ns-slapd to crash

Tue Mar 6 13:00:00 2012 Rich Megginson - 1.2.10.2-2
- Resolves: Bug 800215 - Certain CMP operations hang or cause ns-slapd to crash
- Resolves: Bug 800217 - fix valgrind reported issues

Thu Feb 23 13:00:00 2012 Rich Megginson - 1.2.10.2-1
- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10
- Resolves: Bug 796770 - crash when replicating orphaned tombstone entry

Tue Feb 14 13:00:00 2012 Rich Megginson - 1.2.10.1-1
- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10
- Resolves: Bug 790491 - 389 DS Segfaults during replica install in FreeIPA

Mon Feb 13 13:00:00 2012 Rich Megginson - 1.2.10.0-1
- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10

Mon Feb 6 13:00:00 2012 Rich Megginson - 1.2.10-0.11.rc2
- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10

Mon Dec 19 13:00:00 2011 Rich Megginson - 1.2.9.16-1
- Bug 759301 - Incorrect entryUSN index under high load in replicated environment
- Bug 743979 - Add slapi_rwlock API and use POSIX rwlocks
- WARNING - patches 0030 and 0031 remove and add back the file configure
- this is necessary because the merge commit to \"rebase\" RHEL-6 to 1.2.9.6
- seriously messed up configure - so in order to add the patch for 743979
- which also touched configure, the file had to be removed and added back
- also note that the commit for the RHEL-6 branch to remove configure does
- not work - the way patch works, it has to match every line exactly in
- order to remove the file, and because the merge commit messed things
- up, it doesn\'t work
- So, DO NOT TOUCH 0030-remove-configure-to-get-rid-of-merge-conflict.patch
- BECAUSE IT IS HAND CRAFTED and not generated by git format-patch
- if you must regenerate this file,
- git format-patch ...args... to generate a file in patch format
- remove all of the patch matches (all the lines beginning with -)
- get the 1.2.9.6 version of configure from the source tarball
- wc -l configure to get the number of lines in the file
- sed \'s/^/-/\' configure >> thefile.patch
- edit thefile.patch to have the right number of lines and have the
- patch commands in the correct place
- PROFIT!!!

Mon Nov 28 13:00:00 2011 Rich Megginson - 1.2.9.15-1
- Bug 752577 - crash when simple paged fails to send entry to client
- Bug 757897 - rhds81 modrn operation and 100% cpu use in replication
- Bug 757898 - Fix Coverity (11104) Resource leak: ids_sasl_user_to_entry (slapd/saslbind.c)

Tue Nov 8 13:00:00 2011 Rich Megginson - 1.2.9.14-1
- Bug 752155 - Use restorecon after creating init script lock file

Thu Oct 6 14:00:00 2011 Rich Megginson - 1.2.9.13-1
- Bug 742381 - part3 - MOD operations with chained delete/add get
- back error 53 on backend config

Mon Oct 3 14:00:00 2011 Rich Megginson - 1.2.9.12-2
- add the actual patch commands for the new patch files

Mon Oct 3 14:00:00 2011 Rich Megginson - 1.2.9.12-1
- Bug 742661 - allow resource limits to be set for paged searches
- independently of limits for other searches/operations
- Bug 742381 - part2 - MOD operations with chained delete/add get
- back error 53 on backend config
- Bug 742382 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
- Bug 742381 - MOD operations with chained delete/add get back
- error 53 on backend config
- Bug 739959 - Allow separate fractional attrs for incremental and total protocols

Fri Sep 16 14:00:00 2011 Rich Megginson - 1.2.9.11-1
- Bug 739196 - Consolidate DS and DS replication bits in one package in RHEL 6.2
- There were two patches in ds-replication for RHEL 6.2 that were added post
- rebase - the two patches for 722292 - these are now in the 389-ds-base package
- and have been cherry-picked to the RHEL-6 internal branch

Wed Sep 7 14:00:00 2011 Nathan Kinder - 1.2.9.10-1
- Bug 736137 - renaming a managed entry does not update mepmanagedby

Thu Sep 1 14:00:00 2011 Rich Megginson - 1.2.9.9-1
- Bug 735217 - simple paged search + ip/dns based ACI hangs server

Wed Aug 31 14:00:00 2011 Rich Megginson - 1.2.9.8-1
- Bug 733443 - large targetattr list with syntax errors cause server to crash or hang
- Bug 734267 - upgradednformat failed to add RDN value - subtree and user account lockout policies implemented?
- Bug 733434 - passwordisglobalpolicy attribute brakes TLS chaining
- Bug 733442 - Ignore an error 32 in this case since we\'re adding a new AutoMember definition
- Bug 733440 - RFE: add option to allow server to start with an expired certificate

Wed Aug 24 14:00:00 2011 Rich Megginson - 1.2.9.7-1
- not released internally

Wed Aug 10 14:00:00 2011 Rich Megginson - 1.2.9.6-1
- Bug 728510 - Run dirsync after sending updates to AD
- Bug 729717 - Fatal error messages when syncing deletes from AD
- Bug 729369 - upgrade DB to upgrade from entrydn to entryrdn format is not working.
- Bug 729378 - delete user subtree container in AD + modify password in DS == DS crash
- Bug 723937 - Slapi_Counter API broken on 32-bit F15
- fixed again - separate tests for atomic ops and atomic bool cas

Mon Aug 8 14:00:00 2011 Rich Megginson - 1.2.9.5-1
- Bug 727511 - ldclt SSL search requests are failing with \"illegal error number -1\" error
- Fix another coverity NULL deref in previous patch

Thu Aug 4 14:00:00 2011 Rich Megginson - 1.2.9.4-1
- Bug 727511 - ldclt SSL search requests are failing with \"illegal error number -1\" error
- Fix coverity NULL deref in previous patch

Wed Aug 3 14:00:00 2011 Rich Megginson - 1.2.9.3-1
- Bug 727511 - ldclt SSL search requests are failing with \"illegal error number -1\" error
- previous patch broke build on el5

Wed Aug 3 14:00:00 2011 Rich Megginson - 1.2.9.2-1
- Bug 727511 - ldclt SSL search requests are failing with \"illegal error number -1\" error

Tue Aug 2 14:00:00 2011 Rich Megginson - 1.2.9.1-2
- Bug 723937 - Slapi_Counter API broken on 32-bit F15
- fixed to use configure test for GCC provided 64-bit atomic functions

Wed Jul 27 14:00:00 2011 Rich Megginson - 1.2.9.1-1
- Bug 663752 - Cert renewal for attrcrypt and encchangelog
- this was \"re-fixed\" due to a deadlock condition with cl2ldif task cancel
- Bug 725953 - Winsync: DS entries fail to sync to AD, if the User\'s CN entry contains a comma
- Bug 725743 - Make memberOf use PRMonitor for it\'s operation lock
- Bug 725542 - Instance upgrade fails when upgrading 389-ds-base package
- Bug 723937 - Slapi_Counter API broken on 32-bit F15
- look for separate openldap ldif library
- Split automember regex rules into separate entries
- writing Inf file shows SchemaFile = ARRAY(0xhexnum)
- add support for ldif files with changetype: add
- Bug 703703 - setup-ds-admin.pl asks for legal agreement to a non-existant file
- Bug 713209 - Update sudo schema
- Bug 719069 - clean up compiler warnings in 389-ds-base 1.2.9

Wed Jul 27 14:00:00 2011 Nathan Kinder - 1.2.8.7-1
- Bug 726136 - memberOf plug-in can deadlock when used with other plug-ins
- Bug 725912 - Instance upgrade fails when upgrading 389-ds-base package

Mon Jul 11 14:00:00 2011 Rich Megginson - 1.2.8.6-1
- Bug 720452 - RDN with % can cause crashes or missing entries
- Bug 720051 - RSA Authentication Server timeouts when using simple paged results on RHDS 8.2.
- Bug 720458 - Directory Server 8.2 logs \"Netscape Portable Runtime error -5961 (TCP connection reset by peer.)\" to error log whereas Directory Server 8.1 did not
- Bug 720459 - Update sudo schema

Fri Jul 1 14:00:00 2011 Rich Megginson - 1.2.8.5-1
- Bug 718351 - Intensive updates on masters could break the consumer\'s cache
- Bug 714298 - unresponsive LDAP service when deleting vlv on replica

Tue Jun 21 14:00:00 2011 Rich Megginson - 1.2.8.4-3
- Bug 714298 - unresponsive LDAP service when deleting vlv on replica - memleak in previous patch

Mon Jun 20 14:00:00 2011 Rich Megginson - 1.2.8.4-2
- Bug 714298 - unresponsive LDAP service when deleting vlv on replica

Fri Jun 17 14:00:00 2011 Rich Megginson - 1.2.8.4-1
- Bug 706209 - LEGAL: RHEL6.1 License issue for 389-ds-base package
- Bug 713317 - Cert renewal for attrcrypt and encchangelog
- Bug 711266 - DS can not restart after create a new objectClass has entryusn attribute
- Bug 712167 - ns-slapd segfaults using suffix referrals
- Bug 709868 - only allow FIPS approved cipher suites in FIPS mode
- Bug 711516 - Support upgrade from Red Hat Directory Server
- Bug 711241 - memory leak found by reliab12
- Bug 711265 - Cannot disable SSLv3 and use TLS only
- Bug 711513 - slapd stops responding

Wed May 18 14:00:00 2011 Rich Megginson - 1.2.8.3-4
- Resolves: Bug 705172 - 389-ds should only be supported and supplied in channels for i386 and x86_64 Server distributions - RHEL 6.1 0day Advisory
- use ix86 macro instead of hardcoded i386 etc.

Wed May 18 14:00:00 2011 Rich Megginson - 1.2.8.3-3
- Resolves: Bug 705172 - 389-ds should only be supported and supplied in channels for i386 and x86_64 Server distributions - RHEL 6.1 0day Advisory
- cannot use wildcard in ExclusiveArch

Wed May 18 14:00:00 2011 Rich Megginson - 1.2.8.3-2
- Resolves: Bug 705172 - 389-ds should only be supported and supplied in channels for i386 and x86_64 Server distributions - RHEL 6.1 0day Advisory

Mon May 2 14:00:00 2011 Rich Megginson - 1.2.8.3-1
- Resolves: Bug 697663 - memory leak: entryusn value is leaked when an entry is deleted
- Resolves: Bug 699458 - windows sync can lose old multi-valued attribute values when a new value is added
- Resolves: Bug 700215 - ldclt core dumps
- Resolves: Bug 700665 - Linked attributes callbacks access free\'d pointers after close
- Resolves: Bug 701057 - userpasswd not replicating

Thu Apr 14 14:00:00 2011 Rich Megginson - 1.2.8.2-1
- 389-ds-base-1.2.8.2
- Bug 696407 - If an entry with a mixed case RDN is turned to be
- a tombstone, it fails to assemble DN from entryrdn

Fri Apr 8 14:00:00 2011 Rich Megginson - 1.2.8.1-1
- 389-ds-base-1.2.8.1
- Bug 693962 - Full replica push loses some entries with multi-valued RDNs

Tue Apr 5 14:00:00 2011 Rich Megginson - 1.2.8.0-2
- added srcver because the version from the source is now
- different than the source in the package

Tue Apr 5 14:00:00 2011 Rich Megginson - 1.2.8.0-1
- 389-ds-base-1.2.8.0
- Bug 693523 - Unable to change schema online
- Bug 693520 - matching rules do not inherit from superior attribute type
- Bug 693522 - nsMatchingRule does not work with multiple values
- Bug 693519 - cannot use localized matching rules
- Bug 693516 - Segfault on index update during full replication push on 1.2.7.5

Tue Mar 29 14:00:00 2011 Rich Megginson - 1.2.8-0.9.rc4
- Bug 668385 - DS pipe log script is executed as many times as the dirsrv service is restarted
- bump version to 1.2.8.rc4 - bump ds console version to 1.2.5

Mon Mar 28 14:00:00 2011 Rich Megginson - 1.2.8-0.8.rc2
- Bug 690536 - Double free in dse_add()

Tue Mar 22 13:00:00 2011 Rich Megginson - 1.2.8-0.7.rc2
- 389-ds-base-1.2.8 release candidate 2 - git tag 389-ds-base-1.2.8.rc2
- Bug 689908 - (cov#10610) Fix Coverity NULL pointer dereferences
- Bug 689895 - ns-newpwpolicy.pl needs to use the new DN format
- Bug 689889 - RFE: allow fine grained password policy duration attributes
- in days, hours, minutes, as well
- Bug 688730 - Exported tombstone cannot be imported correctly
- Bug 684349 - slapd crashing when traffic replayed
- Bug 682897 - Allow maxlogsize to be set if logmaxdiskspace is -1
- introduce the concept of the srcprerel - with rc2, we did not rebase
- the source, we are still using the .rc1 source tarball, so we use
- srcprerel of .rc1 but package pre-release is .rc2

Wed Mar 2 13:00:00 2011 Rich Megginson - 1.2.8-0.6.rc1
- 389-ds-base-1.2.8 release candidate 1 - git tag 389-ds-base-1.2.8.rc1
- Resolves: Bug 680575 - Rebase 389-ds-base to pick the latest features and fixes
- Resolves: Bug 681720 - setup-ds-admin.pl - improve hostname validation
- Resolves: Bug 681611 - RFE: allow fine grained password policy duration attributes in
- days, hours, minutes, as well
- Resolves: Bug 681550 - setup-ds-admin.pl --debug does not log to file
- Resolves: Bug 681379 - ns-slapd segfaults if I have more than 100 DBs
- Resolves: Bug 680290 - setup-ds.pl should set SuiteSpotGroup automatically
- Resolves: Bug 681351 - crash in ldap-agent when using OpenLDAP
- Resolves: Bug 681332 - modifying attr value crashes the server, which is supposed to
- be indexed as substring type, but has octetstring syntax
- Resolves: Bug 680305 - ds-logpipe.py script is failing to validate \"-s\" and
- \"--serverpid\" options with \"-t\".

Mon Feb 28 13:00:00 2011 Rich Megginson - 1.2.8-0.5.a3
- Bug 676598 - 389-ds-base multilib: file conflicts
- split off libs into a separate -libs package
- remove old crufty fedora-ds stuff

Thu Feb 24 13:00:00 2011 Rich Megginson - 1.2.8-0.4.a3
- do not create /var/run/dirsrv - setup will create it instead
- remove the fedora-ds initscript upgrade stuff - we do not support that anymore
- convert the remaining lua stuff to plain old shell script

Wed Feb 9 13:00:00 2011 Rich Megginson - 1.2.8-0.3.a3
- 1.2.8.a3 release - git tag 389-ds-base-1.2.8.a3
- Bug 675320 - empty modify operation with repl on or lastmod off will crash server
- Bug 675265 - preventryusn gets added to entries on a failed delete
- Bug 677774 - added support for tmpfiles.d
- Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result search
es
- Bug 672468 - Don\'t use empty path elements in LD_LIBRARY_PATH
- Bug 671199 - Don\'t allow other to write to rundir
- Bug 678646 - Ignore tombstone operations in managed entry plug-in
- Bug 676053 - export task followed by import task causes cache assertion
- Bug 677440 - clean up compiler warnings in 389-ds-base 1.2.8
- Bug 675113 - ns-slapd core dump in windows_tot_run if oneway sync is used
- Bug 676689 - crash while adding a new user to be synced to windows
- Bug 604881 - admin server log files have incorrect permissions/ownerships
- Bug 668385 - DS pipe log script is executed as many times as the dirsrv serv
ice is restarted
- Bug 675853 - dirsrv crash segfault in need_new_pw()

Thu Feb 3 13:00:00 2011 Rich Megginson - 1.2.8-0.2.a2
- 1.2.8.a2 release - git tag 389-ds-base-1.2.8.a2
- Errata Patches in patch files
- Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result searches
- Bug 671199 - Don\'t allow other to write to rundir
- Bug 672468 - Don\'t use empty path elements in LD_LIBRARY_PATH
- bugs fixed in released code
- Bug 674430 - Improve error messages for attribute uniqueness
- Bug 616213 - insufficient stack size for HP-UX on PA-RISC
- Bug 615052 - intrinsics and 64-bit atomics code fails to compile
- on PA-RISC
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
- Bug 668862 - init scripts return wrong error code
- Bug 670616 - Allow SSF to be set for local (ldapi) connections
- Bug 667935 - DS pipe log script\'s logregex.py plugin is not redirecting the
- log output to the text file
- Bug 668619 - slapd stops responding
- Bug 624547 - attrcrypt should query the given slot/token for
- supported ciphers
- Bug 646381 - Faulty password for nsmultiplexorcredentials does not give any
- error message in logs

Fri Jan 21 13:00:00 2011 Nathan Kinder - 1.2.8-0.1.a1
- 1.2.8-0.1.a1 release
- many bug fixes

Fri Dec 17 13:00:00 2010 Rich Megginson - 1.2.7.5-1
- 1.2.7.5 release - git tag 389-ds-base-1.2.7.5
- Bug 663597 - Memory leaks in normalization code

Fri Dec 10 13:00:00 2010 Rich Megginson - 1.2.7.4-1
- 1.2.7.4 release - git tag 389-ds-base-1.2.7.4
- Bug 661792 - Valid managed entry config rejected

Wed Dec 8 13:00:00 2010 Rich Megginson - 1.2.7.3-1
- 1.2.7.3 release - git tag 389-ds-base-1.2.7.3
- Bug 658312 - Invalid free in Managed Entry plug-in
- Bug 641944 - Don\'t normalize non-DN RDN values

Fri Dec 3 13:00:00 2010 Rich Megginson - 1.2.7.2-1
- 1.2.7.2 release - git tag 389-ds-base-1.2.7.2
- Bug 659456 - Incorrect usage of ber_printf() in winsync code
- Bug 658309 - Process escaped characters in managed entry mappings
- Bug 197886 - Initialize return value for UUID generation code
- Bug 658312 - Allow mapped attribute types to be quoted
- Bug 197886 - Avoid overflow of UUID generator

Tue Nov 23 13:00:00 2010 Rich Megginson - 1.2.7.1-1
- 1.2.7.1 release - git tag 389-ds-base-1.2.7.1
- Bug 656515 - Allow Name and Optional UID syntax for grouping attributes
- Bug 656392 - Remove calls to ber_err_print()
- Bug 625950 - hash nsslapd-rootpw changes in audit log

Tue Nov 16 13:00:00 2010 Rich Megginson - 1.2.7-1
- the 1.2.7 release
- remove the ds-replication sub-package - there will be a new package for it
- remove the selinux policy - dirsrv policy will be provided by the base OS

Wed Nov 3 13:00:00 2010 Rich Megginson - 1.2.7-0.7.a5
- create ds-replication sub package

Tue Nov 2 13:00:00 2010 Kevin Wright - 1.2.7-0.6.a4
- bumped the version to get it to build in brew

Mon Nov 1 13:00:00 2010 Rich Megginson - 1.2.7-0.5.a4
- 1.2.7.a4 release - git tag 389-ds-base-1.2.7.a4
- Bug 647932 - multiple memberOf configuration adding memberOf where there is
no member
- Bug 491733 - dbtest crashes
- Bug 606545 - core schema should include numSubordinates
- Bug 638773 - permissions too loose on pid and lock files
- Bug 189985 - Improve attribute uniqueness error message
- Bug 619623 - attr-unique-plugin ignores requiredObjectClass on modrdn operat
ions
- Bug 619633 - Make attribute uniqueness obey requiredObjectClass

Wed Oct 27 14:00:00 2010 Rich Megginson - 1.2.7-0.4.a3
- 1.2.7.a3 release - a2 was never released - this is a rebuild to pick up
- Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
- Adding the ancestorid fix code to ##upgradednformat.pl.

Fri Oct 22 14:00:00 2010 Rich Megginson - 1.2.7-0.3.a3
- 1.2.7.a3 release - a2 was never released
- Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
- Bug 629681 - Retro Changelog trimming does not behave as expected
- Bug 645061 - Upgrade: 06inetorgperson.ldif and 05rfc4524.ldif
- are not upgraded in the server instance schema dir

Tue Oct 19 14:00:00 2010 Rich Megginson - 1.2.7-0.2.a2
- 1.2.7.a2 release - a1 was the OpenLDAP testday release
- git tag 389-ds-base-1.2.7.a2
- added openldap support on platforms that use openldap with moznss
- for crypto (F-14 and later)
- many bug fixes
- Account Policy Plugin (keep track of last login, disable old accounts)

Fri Oct 8 14:00:00 2010 Rich Megginson - 1.2.7-0.1.a1
- added openldap support

Wed Sep 29 14:00:00 2010 Rich Megginson - 1.2.6.1-3
- bump rel to rebuild again

Mon Sep 27 14:00:00 2010 Rich Megginson - 1.2.6.1-2
- bump rel to rebuild

Thu Sep 23 14:00:00 2010 Rich Megginson - 1.2.6.1-1
- This is the 1.2.6.1 release - git tag 389-ds-base-1.2.6.1
- Bug 634561 - Server crushes when using Windows Sync Agreement
- Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
- Bug 612264 - ACI issue with (targetattr=\'userPassword\')
- Bug 606920 - anonymous resource limit- nstimelimit - also applied to \"cn=directory manager\"
- Bug 631862 - crash - delete entries not in cache + referint

Thu Aug 26 14:00:00 2010 Rich Megginson - 1.2.6-1
- This is the final 1.2.6 release

Tue Aug 10 14:00:00 2010 Rich Megginson - 1.2.6-0.11.rc7
- 1.2.6 release candidate 7
- git tag 389-ds-base-1.2.6.rc7
- Bug 621928 - Unable to enable replica (rdn problem?) on 1.2.6 rc6

Mon Aug 2 14:00:00 2010 Rich Megginson - 1.2.6-0.10.rc6
- 1.2.6 release candidate 6
- git tag 389-ds-base-1.2.6.rc6
- Bug 617013 - repl-monitor.pl use cpu upto 90%
- Bug 616618 - 389 v1.2.5 accepts 2 identical entries with different DN formats
- Bug 547503 - replication broken again, with 389 MMR replication and TCP errors
- Bug 613833 - Allow dirsrv_t to bind to rpc ports
- Bug 612242 - membership change on DS does not show on AD
- Bug 617629 - Missing aliases in new schema files
- Bug 619595 - Upgrading sub suffix under non-normalized suffix disappears
- Bug 616608 - SIGBUS in RDN index reads on platforms with strict alignments
- Bug 617862 - Replication: Unable to delete tombstone errors
- Bug 594745 - Get rid of dirsrv_lib_t label

Wed Jul 14 14:00:00 2010 Rich Megginson - 1.2.6-0.9.rc3
- make selinux-devel explicit Require the base package in order
- to comply with Fedora Licensing Guidelines

Thu Jul 1 14:00:00 2010 Rich Megginson - 1.2.6-0.8.rc3
- 1.2.6 release candidate 3
- git tag 389-ds-base-1.2.6.rc3
- Bug 603942 - null deref in _ger_parse_control() for subjectdn
- 609256 - Selinux: pwdhash fails if called via Admin Server CGI
- 578296 - Attribute type entrydn needs to be added when subtree rename switch is on
- 605827 - In-place upgrade: upgrade dn format should not run in setup-ds-admin.pl
- Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
- Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
- 606920 - anonymous resource limit - nstimelimit - also applied to \"cn=directory manager\"

Wed Jun 16 14:00:00 2010 Rich Megginson - 1.2.6-0.7.rc2
- 1.2.6 release candidate 2

Mon Jun 14 14:00:00 2010 Nathan Kinder - 1.2.6-0.6.rc1
- install replication session plugin header with devel package

Wed Jun 9 14:00:00 2010 Rich Megginson - 1.2.6-0.5.rc1
- 1.2.6 release candidate 1

Tue Jun 1 14:00:00 2010 Marcela Maslanova - 1.2.6-0.4.a4.1
- Mass rebuild with perl-5.12.0

Wed May 26 14:00:00 2010 Rich Megginson - 1.2.6-0.4.a4
- 1.2.6.a4 release

Wed Apr 7 14:00:00 2010 Nathan Kinder - 1.2.6-0.4.a3
- 1.2.6.a3 release
- add managed entries plug-in
- many bug fixes
- moved selinux subpackage into base package

Fri Apr 2 14:00:00 2010 Caolán McNamara - 1.2.6-0.3.a2
- rebuild for icu 4.4

Tue Mar 2 13:00:00 2010 Rich Megginson - 1.2.6-0.2.a2
- 1.2.6.a2 release
- add support for matching rules
- many bug fixes

Thu Jan 14 13:00:00 2010 Nathan Kinder - 1.2.6-0.1.a1
- 1.2.6.a1 release
- Added SELinux policy and subpackages

Tue Jan 12 13:00:00 2010 Rich Megginson - 1.2.5-1
- 1.2.5 final release

Mon Jan 4 13:00:00 2010 Rich Megginson - 1.2.5-0.5.rc4
- 1.2.5.rc4 release

Thu Dec 17 13:00:00 2009 Rich Megginson - 1.2.5-0.4.rc3
- 1.2.5.rc3 release

Mon Dec 7 13:00:00 2009 Rich Megginson - 1.2.5-0.3.rc2
- 1.2.5.rc2 release

Wed Dec 2 13:00:00 2009 Rich Megginson - 1.2.5-0.2.rc1
- 1.2.5.rc1 release

Thu Nov 12 13:00:00 2009 Rich Megginson - 1.2.5-0.1.a1
- 1.2.5.a1 release

Thu Oct 29 13:00:00 2009 Rich Megginson - 1.2.4-1
- 1.2.4 release
- resolves bug 221905 - added support for Salted MD5 (SMD5) passwords - primarily for migration
- resolves bug 529258 - Make upgrade remove obsolete schema from 99user.ldif

Mon Sep 14 14:00:00 2009 Rich Megginson - 1.2.3-1
- 1.2.3 release
- added template-initconfig to %files
- %posttrans now runs update to update the server instances
- servers are shutdown, then restarted if running before install
- scriptlets mostly use lua now to pass data among scriptlet phases

Tue Sep 1 14:00:00 2009 Caolán McNamara - 1.2.2-2
- rebuild with new openssl to fix dependencies

Tue Aug 25 14:00:00 2009 Rich Megginson - 1.2.2-1
- backed out - added template-initconfig to %files - this change is for the next major release
- bump version to 1.2.2
- fix reopened 509472 db2index all does not reindex all the db backends correctly
- fix 518520 - pre hashed salted passwords do not work
- see https://bugzilla.redhat.com/show_bug.cgi?id=518519 for the list of
- bugs fixed in 1.2.2

Fri Aug 21 14:00:00 2009 Tomas Mraz - 1.2.1-5
- rebuilt with new openssl

Wed Aug 19 14:00:00 2009 Noriko Hosoi - 1.2.1-4
- added template-initconfig to %files

Wed Aug 12 14:00:00 2009 Rich Megginson - 1.2.1-3
- added BuildRequires pcre

Fri Jul 24 14:00:00 2009 Fedora Release Engineering - 1.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

Mon May 18 14:00:00 2009 Rich Megginson - 1.2.1-1
- change name to 389
- change version to 1.2.1
- added initial support for numeric string syntax
- added initial support for syntax validation
- added initial support for paged results including sorting

Tue Apr 28 14:00:00 2009 Rich Megginson - 1.2.0-4
- final release 1.2.0
- Resolves: bug 475338 - LOG: the intenal type of maxlogsize, maxdiskspace and minfreespace should be 64-bit integer
- Resolves: bug 496836 - SNMP ldap-agent on Solaris: Unable to open semaphore for server: 389
- CVS tag: FedoraDirSvr_1_2_0 FedoraDirSvr_1_2_0_20090428

Mon Apr 6 14:00:00 2009 Rich Megginson - 1.2.0-3
- re-enable ppc builds

Thu Apr 2 14:00:00 2009 Rich Megginson - 1.2.0-2
- exclude ppc builds - needs extensive porting work

Mon Mar 30 14:00:00 2009 Rich Megginson - 1.2.0-1
- new release 1.2.0
- Made devel package depend on mozldap-devel
- only create run dir if it does not exist
- CVS tag: FedoraDirSvr_1_2_0_RC1 FedoraDirSvr_1_2_0_RC1_20090330

Thu Oct 30 13:00:00 2008 Noriko Hosoi - 1.1.3-7
- added db4-utils to Requires for verify-db.pl

Mon Oct 13 14:00:00 2008 Noriko Hosoi - 1.1.3-6
- Enabled LDAPI autobind

Thu Oct 9 14:00:00 2008 Rich Megginson - 1.1.3-5
- updated update to patch bug463991-bdb47.patch

Thu Oct 9 14:00:00 2008 Rich Megginson - 1.1.3-4
- updated patch bug463991-bdb47.patch

Mon Sep 29 14:00:00 2008 Rich Megginson - 1.1.3-3
- added patch bug463991-bdb47.patch
- make ds work with bdb 4.7

Wed Sep 24 14:00:00 2008 Rich Megginson - 1.1.3-2
- rolled back bogus winsync memory leak fix

Tue Sep 23 14:00:00 2008 Rich Megginson - 1.1.3-1
- winsync api improvements for modify operations

Fri Jun 13 14:00:00 2008 Rich Megginson - 1.1.2-1
- This is the 1.1.2 release. The bugs fixed can be found here
- https://bugzilla.redhat.com/showdependencytree.cgi?id=452721
- Added winsync-plugin.h to the devel subpackage

Fri Jun 6 14:00:00 2008 Rich Megginson - 1.1.1-2
- bump rev to rebuild and pick up new version of ICU

Fri May 23 14:00:00 2008 Rich Megginson - 1.1.1-1
- 1.1.1 release candidate - several bug fixes

Wed Apr 16 14:00:00 2008 Rich Megginson - 1.1.0.1-4
- fix bugzilla 439829 - patch to allow working with NSS 3.11.99 and later

Tue Mar 18 13:00:00 2008 Tom \"spot\" Callaway - 1.1.0.1-3
- add patch to allow server to work with NSS 3.11.99 and later
- do NSS_Init after fork but before detaching from console

Tue Mar 18 13:00:00 2008 Tom \"spot\" Callaway - 1.1.0.1-3
- add Requires for versioned perl (libperl.so)

Wed Feb 27 13:00:00 2008 Rich Megginson - 1.1.0.1-2
- previous fix for 434403 used the wrong patch
- this is the right one

Wed Feb 27 13:00:00 2008 Rich Megginson - 1.1.0.1-1
- Resolves bug 434403 - GCC 4.3 build fails
- Rolled new source tarball which includes Nathan\'s fix for the struct ucred
- NOTE: Change version back to 1.1.1 for next release
- this release was pulled from CVS tag FedoraDirSvr110_gcc43

Tue Feb 19 13:00:00 2008 Fedora Release Engineering - 1.1.0-5
- Autorebuild for GCC 4.3

Thu Dec 20 13:00:00 2007 Rich Megginson - 1.1.0-4
- This is the GA release of Fedora DS 1.1
- Removed version numbers for BuildRequires and Requires
- Added full URL to source tarball

Fri Dec 7 13:00:00 2007 Release Engineering - 1.1.0-3
- Rebuild for deps

Wed Nov 7 13:00:00 2007 Rich Megginson - 1.1.0-2.0
- This is the beta2 release
- new file added to package - /etc/sysconfig/dirsrv - for setting
- daemon environment as is usual in other linux daemons

Thu Aug 16 14:00:00 2007 Rich Megginson - 1.1.0-1.2
- fix build breakage due to open()
- mock could not find BuildRequires: db4-devel >= 4.2.52
- mock works if >= version is removed - it correctly finds db4.6

Fri Aug 10 14:00:00 2007 Rich Megginson - 1.1.0-1.1
- Change pathnames to use the pkgname macro which is dirsrv
- get rid of cvsdate in source name

Fri Jul 20 14:00:00 2007 Rich Megginson - 1.1.0-0.3.20070720
- Added Requires for perldap, cyrus sasl plugins
- Removed template-migrate
* files
- Added perl module directory
- Removed install.inf - setup-ds.pl can now easily generate one

Mon Jun 18 14:00:00 2007 Nathan Kinder - 1.1.0-0.2.20070320
- added requires for mozldap-tools

Tue Mar 20 13:00:00 2007 Rich Megginson - 1.1.0-0.1.20070320
- update to latest sources
- added migrateTo11 to allow migrating instances from 1.0.x to 1.1
- ldapi support
- fixed pam passthru plugin ENTRY method

Fri Feb 23 13:00:00 2007 Rich Megginson - 1.1.0-0.1.20070223
- Renamed package to fedora-ds-base, but keep names of paths/files/services the same
- use the shortname macro (fedora-ds) for names of paths, files, and services instead
- of name, so that way we can continue to use e.g. /etc/fedora-ds instead of /etc/fedora-ds-base
- updated to latest sources

Tue Feb 13 13:00:00 2007 Rich Megginson - 1.1.0-0.1.20070213
- More cleanup suggested by Dennis Gilmore
- This is the fedora extras candidate based on cvs tag FedoraDirSvr110a1

Fri Feb 9 13:00:00 2007 Rich Megginson - 1.1.0-1.el4.20070209
- latest sources
- added init scripts
- use /etc as instconfigdir

Wed Feb 7 13:00:00 2007 Rich Megginson - 1.1.0-1.el4.20070207
- latest sources
- moved all executables to _bindir

Mon Jan 29 13:00:00 2007 Rich Megginson - 1.1.0-1.el4.20070129
- latest sources
- added /var/tmp/fedora-ds to dirs

Fri Jan 26 13:00:00 2007 Rich Megginson - 1.1.0-8.el4.20070125
- added logconv.pl
- added slapi-plugin.h to devel package
- added explicit dirs for /var/log/fedora-ds et. al.

Thu Jan 25 13:00:00 2007 Rich Megginson - 1.1.0-7.el4.20070125
- just move all .so files into the base package from the devel package

Thu Jan 25 13:00:00 2007 Rich Megginson - 1.1.0-6.el4.20070125
- Move the plugin
*.so files into the main package instead of the devel
- package because they are loaded directly by name via dlopen

Fri Jan 19 13:00:00 2007 Rich Megginson - 1.1.0-5.el4.20070125
- Move the script-templates directory to datadir/fedora-ds

Fri Jan 19 13:00:00 2007 Rich Megginson - 1.1.0-4.el4.20070119
- change mozldap to mozldap6

Fri Jan 19 13:00:00 2007 Rich Megginson - 1.1.0-3.el4.20070119
- remove . from cvsdate define

Fri Jan 19 13:00:00 2007 Rich Megginson - 1.1.0-2.el4.20070119
- Having a problem building in Brew - may be Release format

Fri Jan 19 13:00:00 2007 Rich Megginson - 1.1.0-1.el4.cvs20070119
- Changed version to 1.1.0 and added Release 1.el4.cvs20070119
- merged in changes from Fedora Extras candidate spec file

Mon Jan 15 13:00:00 2007 Rich Megginson - 1.1-0.1.cvs20070115
- Bump component versions (nspr, nss, svrcore, mozldap) to their latest
- remove unneeded patches

Tue Jan 9 13:00:00 2007 Dennis Gilmore - 1.1-0.1.cvs20070108
- update to a cvs snapshot
- fedorafy the spec
- create -devel subpackage
- apply a patch to use mozldap not mozldap6
- apply a patch to allow --prefix to work correctly

Mon Dec 4 13:00:00 2006 Rich Megginson - 1.0.99-16
- Fixed the problem where the server would crash upon shutdown in dblayer
- due to a race condition among the database housekeeping threads
- Fix a problem with normalized absolute paths for db directories

Tue Nov 28 13:00:00 2006 Rich Megginson - 1.0.99-15
- Touch all of the ldap/admin/src/scripts/
*.in files so that they
- will be newer than their corresponding script template files, so
- that make will rebuild them.

Mon Nov 27 13:00:00 2006 Rich Megginson - 1.0.99-14
- Chown new schema files when copying during instance creation

Tue Nov 21 13:00:00 2006 Rich Megginson - 1.0.99-13
- Configure will get ldapsdk_bindir from pkg-config, or $libdir/mozldap6

Tue Nov 21 13:00:00 2006 Rich Megginson - 1.0.99-12
- use eval to sed ./configure into ../configure

Tue Nov 21 13:00:00 2006 Rich Megginson - 1.0.99-11
- jump through hoops to be able to run ../configure

Tue Nov 21 13:00:00 2006 Rich Megginson - 1.0.99-10
- Need to make built dir in setup section

Tue Nov 21 13:00:00 2006 Rich Megginson - 1.0.99-9
- The template scripts needed to use AATTlibdirAATT instead of hardcoding
- /usr/lib
- Use make DESTDIR=$RPM_BUILD_ROOT install instead of % makeinstall
- do the actual build in a \"built\" subdirectory, until we remove
- the old script templates

Thu Nov 16 13:00:00 2006 Rich Megginson - 1.0.99-8
- Make replication plugin link with libdb

Wed Nov 15 13:00:00 2006 Rich Megginson - 1.0.99-7
- Have make define LIBDIR, BINDIR, etc. for C code to use
- especially for create_instance.h

Tue Nov 14 13:00:00 2006 Rich Megginson - 1.0.99-6
- Forgot to checkin new config.h.in for AC_CONFIG_HEADERS

Tue Nov 14 13:00:00 2006 Rich Megginson - 1.0.99-5
- Add perldap as a Requires; update sources

Thu Nov 9 13:00:00 2006 Rich Megginson - 1.0.99-4
- Fix ds_newinst.pl
- Remove obsolete #defines

Thu Nov 9 13:00:00 2006 Rich Megginson - 1.0.99-3
- Update sources; rebuild to populate brew yum repo with dirsec-nss

Tue Nov 7 13:00:00 2006 Rich Megginson - 1.0.99-2
- Update sources

Thu Nov 2 13:00:00 2006 Rich Megginson - 1.0.99-1
- initial revision


 
ICM