-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 25 Jul 2019 08:32:00 -0700 Source: openldap Architecture: source Version: 2.4.48+dfsg-1 Distribution: sid Urgency: medium Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org> Changed-By: Ryan Tandy <ryan@nardis.ca> Closes: 880656 926657 932270 932997 932998 Changes: openldap (2.4.48+dfsg-1) unstable; urgency=medium . * New upstream release. - fixed slapd to restrict rootDN proxyauthz to its own databases (CVE-2019-13057) (ITS#9038) (Closes: #932997) - fixed slapd to enforce sasl_ssf ACL statement on every connection (CVE-2019-13565) (ITS#9052) (Closes: #932998) - added new openldap.h header with OpenLDAP specific libldap interfaces (ITS#8671) - updated lastbind overlay to support forwarding authTimestamp updates (ITS#7721) (Closes: #880656) * Update Standards-Version to 4.4.0. * Add a systemd drop-in to set RemainAfterExit=no on the slapd service, so that systemd marks the service as dead after it crashes or is killed. Thanks to Heitor Alves de Siqueira. (Closes: #926657, LP: #1821343) * Use more entropy for generating a random admin password, if none was set during initial configuration. Thanks to Judicael Courant. (Closes: #932270) * Replace debian/rules calls to dpkg-architecture and dpkg-parsechangelog with variables provided by dpkg-dev includes. * Declare R³: no. * Create a simple autopkgtest that tests installing slapd and connecting to it with an ldap tool. * Install the new openldap.h header in libldap2-dev. Checksums-Sha1: c54c0cdcb44a64f3fe8810bd8be7d4b21aaf6209 2879 openldap_2.4.48+dfsg-1.dsc 88c4972417c09062b46055eaa9a372ea5f3d22a6 4875429 openldap_2.4.48+dfsg.orig.tar.gz 1da12cf9c7d67898655910a10a085e95cbb0d18c 166116 openldap_2.4.48+dfsg-1.debian.tar.xz Checksums-Sha256: b227535c79454100aac32e526b0f4e2730f05087f0e9ffd4a78f35d81b012e66 2879 openldap_2.4.48+dfsg-1.dsc 8645601c28f094b01baed02a604479b175a45ba010e407212d214313bc6a80ba 4875429 openldap_2.4.48+dfsg.orig.tar.gz bdd3e8ac25748be6a8f248d787aff9ad591e0d3ea0b3e176a5cd54f11dc8e90e 166116 openldap_2.4.48+dfsg-1.debian.tar.xz Files: 7c5887ad6e9b4517b1be78ac7d1eabde 2879 net optional openldap_2.4.48+dfsg-1.dsc c97a336099ff37c4351933f026411134 4875429 net optional openldap_2.4.48+dfsg.orig.tar.gz 29a4bb238d5b438f1fe3ae487eb66d16 166116 net optional openldap_2.4.48+dfsg-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQJDBAEBCgAtFiEEPSfh0nqdQTd5kOFlIp/PEvXWa7YFAl056k4PHHJ5YW5AbmFy ZGlzLmNhAAoJECKfzxL11mu2E1sP/0F1lrL7eSRvLXQlAbtNG76cLyazun5VLEK6 iRO69XKZS8VHa7ne4i6Fira0OoAxjGznnvXBGtXm0+kJOtvvWig2pKJgXNmaT1A0 MBAWjULmZ9RS0LW10tydC2wMUeRb0aapjr6Z/D7pP8T6v6y5PqTxU2hoHziH5ysw XrIzbbFc64dpQUJ8lmqMfUOZ2ZV5nMmKgJe9EsgVvTDexyQm07KN9z5ZuVNLF9dw Uuo8zRohA6KyCiVOuY+OgQAslCMNyRo8Z/REPX9wb50XW7EnquZ1De+ce0UJA/rF u+5YRw/z08+2TD0s4vsieV0tH0XxcCTyvR1YEbUlaZdpvj9WedG03BD6ZfUb+2wt Z08kCVGzlqNWCggUfIkCB9CWq2ogua1zKZS4rNUqLIRGFh/PIf+6fx44ec/ajRWE xP6GO+A0oVBxlbHBdKUm+aomWBX4HAdaZ+WnGbAndNtGK4aFzIkL9KR5PJuF8t8x 9EYDeKqqsv4GXvf05Lt8ZZWXGquEvrf99b+q0n1ETYGwdMG/CrdE6gWMki4m7+zW E/py0yEYkQdJfRlaN0neDc0OwJWWCQDx+eFfXQC0XKLYeftigpsYRrFhnV0DwcB2 2JSR3E/AEYDbexR6djJd566kEV2EXgJqON8BgtReGwcZ9wvWH1OnxCYDAm6ELs9H 0hVw9UJs =bFlc -----END PGP SIGNATURE-----