Changelog for 389-ds-1.3.4.15-2.2.x86_64.rpm :

* Wed Oct 24 2018 ajAATTajaissle.de- Update to 1.3.4.15 Detailed Changelog since 1.3.4.14
* Ticket 48909 - Replication stops working in FIPS mode
* Ticket 48975 - Disabling CLEAR password storage scheme will crash server when setting a password
* Ticket 48970 - Serverside sorting crashes the server
* Ticket 48882 - server can hang in connection list processing
* Ticket 48972 - remove old pwp code that adds/removes ACIs
* Ticket 48964 - cleanAllRUV changelog purging incorrectly processes all backends
* Ticket 48960 - Crash in import_wait_for_space_in_fifo().
* Ticket 48954 - replication fails because anchorcsn cannot be found- Update to 1.3.4.14 Detailed Changelog since 1.3.4.9
* CVE-2016-4992 389-ds-base: Information disclosure via repeated use of LDAP ADD operation, etc.
* Ticket 47538 - Fix repl-monitor color and lag times
* Ticket 47538 - repl-monitor.pl legend not properly sorted
* Ticket 47538 - repl-monitor.pl not displaying correct color code for lag time
* Ticket 47819 - RFE - improve tombstone purging performance
* Ticket 47888 - DES to AES password conversion fails if a backend is empty
* Ticket 47888 - Add CI test
* Ticket 48078 - CI test - paged_results - TET part
* Ticket 48109 - substring index with nssubstrbegin: 1 is not being used with filters like (attr=x
*)
* Ticket 48492 - heap corruption at schema replication.
* Ticket 48497 - uncomment pytest from CI test
* Ticket 48636 - Fix config validation check
* Ticket 48636 - Improve replication convergence
* Ticket 48752 - Page result search should return empty cookie if there is no returned entry
* Ticket 48752 - Add CI test
* Ticket 48755 - moving an entry could make the online init fail
* Ticket 48766 - Replication changelog can incorrectly skip over updates
* Ticket 48767 - flow control in replication also blocks receiving results
* Ticket 48795 - Make various improvements to create_test.py
* Ticket 48798 - Enable DS to offer weaker DH params in NSS
* Ticket 48799 - objectclass values could be dropped on the consumer
* Ticket 48799 - Test cases for objectClass values being dropped.
* Ticket 48808 - Add test case
* Ticket 48808 - Paged results search returns the blank list of entries
* Ticket 48813 - password history is not updated when an admin resets the password
* Ticket 48848 - modrdn deleteoldrdn can fail to find old attribute value, perhaps due to case folding
* Ticket 48854 - Running db2index with no options breaks replication
* Ticket 48862 - At startup DES to AES password conversion causes timeout in start script
* Ticket 48889 - ldclt - fix man page and usage info
* Ticket 48898 - Crash during shutdown if nunc-stans is enabled
* Ticket 48900 - Add connection perf stats to logconv.pl
* Ticket 48922 - Fix crash when deleting backend while import is running
* Ticket 48924 - Fixup tombstone task needs to set proper flag when updating tombstones
* Ticket 48930 - Paged result search can hang the server
* Ticket 48935 - Update dirsrv.systemd file- Update to 1.3.4.9 Detailed Changelog since 1.3.4.8
* Ticket 48759 - no plugin calls in tombstone purging
* Ticket 48757 - License tag does not match actual license of code
* Ticket 48746 - Crash when indexing an attribute with a matching rule
* ticket 48497 - extended search without MR indexed attribute prevents later indexing with that MR
* Ticket 48368 - Resolve the py.test conflicts with the create_test.py issue
* Ticket 48420 - change severity of some messages related to “keep alive” entries
* Ticket 48748 - Fix memory_leaks test suite teardown failure
* Ticket 48270 - fail to index an attribute with a specific matching rule- Update to 1.3.4.8 Detailed Changelog since 1.3.4.5:
* Ticket 47788 - Supplier can skip a failing update, although it should retry
* Ticket 48289 - 389-ds-base: ldclt-bin killed by SIGSEGV
* Ticket 48305 - perl module conditional test is not conditional when checking SELinux policies
* Ticket 48312 - Crash when doing modrdn on managed entry
* Ticket 48332 - allow users to specify to relax the FQDN constraint
* Ticket 48341 - deadlock on connection mutex
* Ticket 48362 - With exhausted range, part of DNA shared configuration is deleted after server restart
* Ticket 48369 - RFE - Add config setting to always send the password expiring time
* Ticket 48370 - The ‘eq’ index does not get updated properly when deleting and re-adding attributes in the same modify operation
* Ticket 48375 - SimplePagedResults – in the search error case, simple paged results slot was not released.
* Ticket 48388 - db2ldif -r segfaults from time to time
* Ticket 48406 - Avoid self deadlock by PR_Lock(conn->c_mutex)
* Ticket 48412 - worker threads do not detect abnormally closed connections
* Ticket 48445 - keep alive entries can break replication
* Ticket 48448 - dirsrv start-stop fail in certain shell environments.
* Ticket 48492 - heap corruption at schema replication.
* Ticket 48536 - Crash in slapi_get_object_extension- Dropped upstream-included patches:
* 0001-Ticket-48375-SimplePagedResults-in-the-search-error-.patch
* 0002-Ticket-48406-Avoid-self-deadlock-by-PR_Lock-conn-c_m.patch
* 0003-Ticket-48924-Fixup-tombstone-task-needs-to-set-prope.patch
* 0004-Subject-PATCH-1-2-Bug-1347760-CVE-2016-4992-389-ds-b.patch
* 0005-Bug-1347760-CVE-2016-4992-389-ds-base-Information-di.patch
* 0006-Bug-1347760-CVE-2016-4992-389-ds-base-Information-di.patch
* 0014-Ticket-48412-worker-threads-do-not-detect-abnormally.patch
* Tue Dec 05 2017 hguoAATTsuse.com- Cherry pick upstream CVE fixes:
* 0001-Ticket-48375-SimplePagedResults-in-the-search-error-.patch
* 0002-Ticket-48406-Avoid-self-deadlock-by-PR_Lock-conn-c_m.patch
* 0003-Ticket-48924-Fixup-tombstone-task-needs-to-set-prope.patch
* 0004-Subject-PATCH-1-2-Bug-1347760-CVE-2016-4992-389-ds-b.patch
* 0005-Bug-1347760-CVE-2016-4992-389-ds-base-Information-di.patch
* 0006-Bug-1347760-CVE-2016-4992-389-ds-base-Information-di.patch
* 0007-Ticket-bz1358565-clear-and-unsalted-password-types-a.patch
* 0008-Ticket-bz1358565-clear-and-unsalted-password-types-a.patch
* 0009-Ticket-bz1358565-clear-and-unsalted-password-types-a.patch
* 0010-Ticket-bz1358565-clear-and-unsalted-password-types-a.patch
* 0011-Ticket-48986-47808-triggers-overflow-in-uiduniq.c.patch
* 0012-Ticket-49336-SECURITY-1.3.5.x-Locked-account-provide.patch
* 0013-Fix-for-cve-2017-2668-Remote-crash-via-crafted-LDAP-.patch
* 0014-Ticket-48412-worker-threads-do-not-detect-abnormally.patch For bsc#1051997, bsc#1007004, bsc#1020670, bsc#1069074, bsc#1069067, bsc#997256 that correspond to CVE-2017-7551, CVE-2016-5405, CVE-2017-2668, CVE-2017-2668, CVE-2016-4992.
* Fri Nov 20 2015 ajAATTajaissle.de- Update to new upstream release 1.3.4.5
* Various bugs are fixed
* Mon Sep 14 2015 hguoAATTsuse.com- Upgrade from 1.3.3.13 to 1.3.4.4 with accumulated bugfixes.
* Wed Sep 09 2015 ajAATTajaissle.de- Update to new upstream release 1.3.3.13- Removed 389-ds-1.3.3.11-CVE-2015-3230.patch (included upstream)
* Wed Jun 17 2015 ajAATTajaissle.de- Update to new upstream release 1.3.3.11- Added 389-ds-1.3.3.11-CVE-2015-3230.patch: nsSSL3Ciphers preference not enforced on server side [boo#934934] [CVE-2015-3230]
* Wed Apr 29 2015 ajAATTajaissle.de- Update to new upstream release 1.3.3.10
* One important security bug was fixed: Bug 1216203 - CVE-2015-1854 389ds-base: access control bypass with modrdn
* Wed Apr 15 2015 jengelhAATTinai.de- Simplify filelist
* Mon Apr 13 2015 ajAATTajaissle.de- Move bin/ and sbin/ to /usr/lib/389-ds/bin resp. sbin/- Removed conflict with atheme
* Sat Mar 28 2015 ajAATTajaissle.de- Update to new upstream release 1.3.3.9
* Several bugs are fixed including 2 security bugs Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all] Ticket 47431 - Duplicate values for the attribute nsslapd-pluginarg are not handled correctly Ticket 47451 - dynamic plugins - fix crash caused by invalid plugin config Ticket 47728 - compilation failed with \' incomplete struct/union/enum\' if not set USE_POSIX_RWLOCKS Ticket 47742 - 64bit problem on big endian: auth method not supported Ticket 47801 - RHDS keeps on logging write_changelog_and_ruv: failed to update RUV for unknown Ticket 47828 - DNA scope: allow to exlude some subtrees Ticket 47836 - Do not return \'0\' as empty fallback value of nsds5replicalastupdatestart and nsds5replicalastupdatestart Ticket 47901 - After total init, nsds5replicaLastInitStatus can report an erroneous error status (like \'Referral\') Ticket 47936 - Create a global lock to serialize write operations over several backends Ticket 47957 - Make ReplicaWaitForAsyncResults configurable Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD Ticket 48003 - add template scripts Ticket 48003 - build \"suite\" framework Ticket 48005 - ns-slapd crash in shutdown phase Ticket 48021 - nsDS5ReplicaBindDNGroup checkinterval not working properly Ticket 48027 - revise the rootdn plugin configuration validation Ticket 48030 - spec file should run \"systemctl stop\" against each running instance instead of dirsrv.target Ticket 48048 - Fix coverity issues - 2015/2/24 Ticket 48048 - Fix coverity issues - 2015/3/1 Ticket 48109 - substring index with nssubstrbegin: 1 is not being used with filters like (attr=x
*)
* Wed Dec 24 2014 ajAATTajaissle.de- Conflicts with atheme -- /usr/sbin/dbverify
* Tue Dec 09 2014 ajAATTajaissle.de- Update to new upstream release 1.3.3.5
* Several bugs are fixed.
* Tue Sep 09 2014 ajAATTajaissle.de- Update to new upstream release 1.3.3.0
* First cut of 389-ds-base-1.3.3.x
* Fri Aug 29 2014 ajAATTajaissle.de- Update to new upstream release 1.3.2.23
* Various bugs were fixed- Highlights since 1.3.2.16:
* Important bugs including memory leaks and crash bugs were fixed (1.3.2.17)
* Various bugs were fixed (1.3.2.18)
* Various bugs were fixed (1.3.2.19)
* A security bug was fixed (1.3.2.22)
* Thu Mar 27 2014 ajAATTajaissle.de- Update to new upstream release 1.3.2.16
* Directory server is insecurely misinterpreting authzid on a SASL/GSSAPI bind
* Create a normalized dn cache
* Replication retry time attributes cannot be added
* Empty control list causes LDAP protocol error is thrown (dup 47361)
* Failed to compile the DS 389 1.3.2.3 version against Berkeley DB 4.2 version
* Windows Sync group issues
* Size returned by slapi_entry_size is not accurate
* Single valued attribute replicated ADD does not work
* Environment variables are not passed when DS is started via service
* Propagate plugin precedence to all registered function types
* Unresolved external symbol references break loading of the ACL plugin
* Package issue in 389-ds-base- Fix unresolveable \'Requires:\'
* perl(Mozilla:LDAP) -> perl(Mozilla::LDAP::API), perl(Mozilla::LDAP::Conn), perl(Mozilla::LDAP::Entry), perl(Mozilla::LDAP::LDIF), perl(Mozilla::LDAP::Utils)
* cyrus-sasl-md5 -> cyrus-sasl-digestmd5- Macros for dirsrv-snmp in pre/post/preun/postun
* Mon Feb 17 2014 ajAATTajaissle.de- Update to new upstream release 1.3.2.11
* Enhancement: ACL supports new keyword SELFDN as in \" = #SELFDN\" to allow users to create entries assigned to themselves. Also handling subtype in ACL is improved.
* A dozen of bugs are fixed including a crash bug and a deadlock.- Spec cleanup
* enable init scripts for openSUSE < 1220 (e.g. SLES)
* dirsrv.target.wants goes into unitdir
* Added a 389-ds-rpmlintrc- Added 389-ds-base-1.3.2.11_init_fhs.patch
* Make init scripts LSB conform
* Fri Dec 27 2013 jengelhAATTinai.de- Update to new upstream release 1.3.2.10
* Suffixes used in the memberof and referential integrity plug-ins are now configurable.
* The hard-coded limit of 64 masters was removed.
* Enhancements: plug-in library path validation, replication logging, changelog trimming interval, and referential integrity.
* Fri Aug 02 2013 jengelhAATTinai.de- Update to new upstream release 1.3.1.5
* Plug-in transaction support
* Normalized DN cache
* Configurable allowed SASL mechanisms
* SASL mapping improvements
* Configurable SASL buffer
* Replication retry settings
* Instance script improvements
* Access log analyzer improvements
* Performance improvements
* Mon Mar 11 2013 jengelhAATTinai.de- Update to new upstream release 1.3.0.3
* No NEWS file available; SCM changelog entries at http://port389.org/wiki/Releases/1.3.0.2#New_features_.2F_Fixed_bugs_in_1.3.0
* Wed Sep 26 2012 jengelhAATTinai.de- Update to new upstream release 1.2.11.15
* This is a bugfix release to CLEANALLRUV, userpassword, schema reloading and others.
* Mon Sep 17 2012 jengelhAATTinai.de- Initial package (version 1.2.11.12) for build.opensuse.org