Package "openldap"

Name: openldap


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Keeps Samba and Kerberos passwords in sync within slapd.

Latest version: 2.4.45+dfsg-1ubuntu1.6
Release: bionic (18.04)
Level: updates
Repository: universe


Other versions of "openldap" in Bionic

Repository Area Version
base main 2.4.45+dfsg-1ubuntu1
base universe 2.4.45+dfsg-1ubuntu1
security universe 2.4.45+dfsg-1ubuntu1.5
security main 2.4.45+dfsg-1ubuntu1.5
updates main 2.4.45+dfsg-1ubuntu1.6

Packages in group

Deleted packages are displayed in grey.


Version: 2.4.45+dfsg-1ubuntu1.6 2020-07-16 13:06:16 UTC

  openldap (2.4.45+dfsg-1ubuntu1.6) bionic; urgency=medium

  [ Andreas Hasenack ]
  * d/p/ITS-9171-Insert-callback-in-the-right-place.patch: Import upstream
    patch to fix slapd crashing in certain configurations when a client
    attempts a login to a locked account. (LP: #1866303)

  [ Sergio Durigan Junior ]
  * d/apparmor-profile: Update apparmor profile to grant access to
    the saslauthd socket, so that SASL authentication works. (LP: #1557157)

 -- Andreas Hasenack <email address hidden> Wed, 01 Jul 2020 16:38:55 -0300

Source diff to previous version
1866303 slapd crash with pwdAccountLockedTime and stacked overlays
1557157 apparmor profile denied for saslauthd: /run/saslauthd/mux

Version: 2.4.45+dfsg-1ubuntu1.5 2020-05-08 16:07:07 UTC

  openldap (2.4.45+dfsg-1ubuntu1.5) bionic-security; urgency=medium

  * SECURITY UPDATE: denial of service via nested search filters
    - debian/patches/CVE-2020-12243.patch: limit depth of nested filters in
    - CVE-2020-12243

 -- Marc Deslauriers <email address hidden> Fri, 01 May 2020 13:11:02 -0400

Source diff to previous version
CVE-2020-12243 In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).

Version: 2.4.45+dfsg-1ubuntu1.4 2019-08-27 21:07:03 UTC

  openldap (2.4.45+dfsg-1ubuntu1.4) bionic; urgency=medium

  * d/p/rwm-do-not-free-original-filter.patch: Fix slapd segfault (LP: #1838370)

 -- Lucas Kanashiro <email address hidden> Thu, 08 Aug 2019 15:08:36 -0300

Source diff to previous version
1838370 slapd segfault on filter parse error

Version: 2.4.45+dfsg-1ubuntu1.3 2019-07-30 21:07:22 UTC

  openldap (2.4.45+dfsg-1ubuntu1.3) bionic-security; urgency=medium

  * SECURITY UPDATE: rootDN proxyauthz not restricted to its own databases
    - debian/patches/CVE-2019-13057-1.patch: add restriction to
    - debian/patches/CVE-2019-13057-2.patch: add tests to
      tests/data/idassert.out, tests/data/slapd-idassert.conf,
      tests/data/test-idassert1.ldif, tests/scripts/test028-idassert.
    - debian/patches/CVE-2019-13057-3.patch: fix typo in
    - debian/patches/CVE-2019-13057-4.patch: fix typo in
    - CVE-2019-13057
  * SECURITY UPDATE: SASL SSF not initialized per connection
    - debian/patches/CVE-2019-13565.patch: zero out sasl_ssf in
      connection_init in servers/slapd/connection.c.
    - CVE-2019-13565

 -- Marc Deslauriers <email address hidden> Fri, 26 Jul 2019 13:27:16 -0400

Source diff to previous version
CVE-2019-13057 An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certa
CVE-2019-13565 An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers

Version: 2.4.45+dfsg-1ubuntu1.2 2019-04-29 12:07:15 UTC

  openldap (2.4.45+dfsg-1ubuntu1.2) bionic; urgency=medium

  * Fix sysv-generator unit file by customizing parameters (LP: #1821343)
    - d/slapd-remain-after-exit.conf: Override RemainAfterExit to allow
      correct systemctl status for slapd daemon.
    - d/slapd.install: place override file in correct location.

 -- Heitor Alves de Siqueira <email address hidden> Wed, 10 Apr 2019 09:53:11 -0300

1821343 slapd process failure is not detected by systemd

About   -   Send Feedback to @ubuntu_updates