-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 30 Mar 2015 10:03:58 +0200 Source: openldap Binary: slapd slapd-smbk5pwd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg Architecture: source amd64 Version: 2.4.31-2 Distribution: wheezy-security Urgency: high Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org> Changed-By: Luca Bruno <lucab@debian.org> Description: ldap-utils - OpenLDAP utilities libldap-2.4-2 - OpenLDAP libraries libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries libldap2-dev - OpenLDAP development libraries slapd - OpenLDAP server (slapd) slapd-dbg - Debugging information for the OpenLDAP server (slapd) slapd-smbk5pwd - Keeps Samba and Kerberos passwords in sync within slapd. Closes: 729367 761406 776988 Changes: openldap (2.4.31-2) wheezy-security; urgency=high . * Team upload. . [ Ryan Tandy ] * debian/slapd.init.ldif: Disallow modifying one's own entry by default, except specific attributes. (CVE-2014-9713) (Closes: #761406) * debian/slapd.{config,templates}: On upgrade, if an access rule begins with "to * by self write", show a debconf note warning that it should be changed. * debian/slapd.README.debian: Add information about how to remove "to * by self write" from existing ACLs. * debian/po/*: Add translations of debconf warning. * debian/patches/ITS8027-deref-reject-empty-attr-list.patch: Import upstream patch to fix a crash when a search includes the Deref control with an empty attribute list. (ITS#8027) (CVE-2015-1545) (Closes: #776988) * debian/patches/ITS7723-fix-reference-counting.patch: Import upstream patch to fix a crash in the rwm overlay when a search is immediately followed by an unbind. (ITS#7723) (CVE-2013-4449) (Closes: #729367) Checksums-Sha1: 9902f63ca472c59f2d555e9bb0585a5ce8ee5029 2708 openldap_2.4.31-2.dsc 864e7b6ba54cc00ef5b834fd5b5739a7900dd6e3 4720612 openldap_2.4.31.orig.tar.gz 1ac7bc70a573680a9adfbbe01fdb5afdaf52f8fc 168099 openldap_2.4.31-2.diff.gz d3047baad3b8bf1f793f80e389bd8645fa772e17 1769812 slapd_2.4.31-2_amd64.deb f4be89ee37704de647c8e301d838ef6ac636e253 78818 slapd-smbk5pwd_2.4.31-2_amd64.deb d8a5fc72d98b8776cac2171b1289ebc199f37aec 340800 ldap-utils_2.4.31-2_amd64.deb 47eb041c111803ee66f56500cb4ff1eb7b69b985 242712 libldap-2.4-2_2.4.31-2_amd64.deb a4eaa6e7c3ede4532a9f6b361de24cc415978af4 474562 libldap-2.4-2-dbg_2.4.31-2_amd64.deb e57cc5d19ff9ee73f439af6598575737a5e8f65f 563556 libldap2-dev_2.4.31-2_amd64.deb 522d7d30d522090d2eedbfc45a975c8dd30fba0d 5522190 slapd-dbg_2.4.31-2_amd64.deb Checksums-Sha256: 0690c59995d8dc3c105ce4baa7f57e0140a86f5fab899c1b7c0b8d934d4a8c85 2708 openldap_2.4.31-2.dsc dff60c1044021217ab97a7bdda5a7016015f042db0fbfd566d52abb266d19239 4720612 openldap_2.4.31.orig.tar.gz 8c373d066e8eedd2190b0cca883b29e27883a41b2d9da9cdde1970a53b283a5e 168099 openldap_2.4.31-2.diff.gz c3d1b5f737e92e8189176a93234a5f54c3e2b3726a91c2abfeaa6e2d5f5a9627 1769812 slapd_2.4.31-2_amd64.deb e24189be83741f7c4f00ac1e1580cbc40754df6e0ff9f12b4bbe4f1e54f13a3a 78818 slapd-smbk5pwd_2.4.31-2_amd64.deb 93fe6de7a0e584d46f02c61e544a70d4b41c2e2845d89ef523e16468779854c8 340800 ldap-utils_2.4.31-2_amd64.deb 2371d5f91defe83589f018d58b251785598f55eb9ca7049ffcd49b16a3425b73 242712 libldap-2.4-2_2.4.31-2_amd64.deb 6685d3339470379904402f61c2a8af06b776809dc51e5cb952857d38c175aa70 474562 libldap-2.4-2-dbg_2.4.31-2_amd64.deb 8763c1c86b9cd0599581970d7b38e0a49262c7063392da30c02827aec27bd7fe 563556 libldap2-dev_2.4.31-2_amd64.deb 0be8e27341d8453580203a2d4a5553a9972c68bbcf9baf86bbde88e7307dc67d 5522190 slapd-dbg_2.4.31-2_amd64.deb Files: feb6c408246cb66012d98560b9f751ad 2708 net optional openldap_2.4.31-2.dsc a8631b2202d8099143edb57e36b33dea 4720612 net optional openldap_2.4.31.orig.tar.gz e53283709fbf76177e1e8d8f615a0edc 168099 net optional openldap_2.4.31-2.diff.gz b800ab265241a8f6994a8422cf4b665a 1769812 net optional slapd_2.4.31-2_amd64.deb 3df4d86033eb493ee7d1625f294e202d 78818 net extra slapd-smbk5pwd_2.4.31-2_amd64.deb 8a1304eabd47b629cbc7aa5ffec68654 340800 net optional ldap-utils_2.4.31-2_amd64.deb f0b95baa0dce9563c39271714430faaf 242712 libs standard libldap-2.4-2_2.4.31-2_amd64.deb bb91c1a098c1d11bc09ac5a2cb87ff61 474562 debug extra libldap-2.4-2-dbg_2.4.31-2_amd64.deb 76738a9b54f5e4451909af772b7e3420 563556 libdevel extra libldap2-dev_2.4.31-2_amd64.deb ce404a2da186b4ba83897e00ef3bc513 5522190 debug extra slapd-dbg_2.4.31-2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIbBAEBAgAGBQJVGSZtAAoJEKmDSiJSB45OsdMP+MqgPcwt/jYbnVMlRt7GKMbY DZs6f5KT3H9ELeW7G070EJfD5wy4RdL4erzZYwqSVJiNpA/qxTPM27f2NiIcSxtn pTpk68Jr/1mUdSoDwYAzGHZ4XmYr+k5Bux17adBH3EAhhja9Rjh3MJyv4+2aZl4G 1YpsVBsSdpb2TkirNHx7DnqhbAOqrVQD1tXU907RnMpLgU2w/QWETL9+ciatuPJr TwZq3qUi3fdu/98/0fE11udB5hUcXZYBK/yeiCFVzvaecuLp5sUFn3cSjlYPtug9 7c3tmwyiQa5bHkaGtlQdQ9aFN3y1eBG31I/EstC78Ebe+8xA2/mb03jNxeoqtDOb WFE+4UZLafC6Aa9epqRdp6SiVrK7FXszvAKm9TlfjDlaqRgIh4CNt6RVpxxMIzLg AKbmAYQ3r/g0xzbKz3nymA+Z6/Yw0nbK72/4EUQ+YQRQmxh3HujSrH8o0JovvBrq 6xRFI/Hc5xehtdHK8T+0zIvEa02OrS64W3sqS0Y4LqNEkVJTBr5AD9iCjMoadOdB yJd8940rQuW9OorWO6X4DEPzbNyoCPUmOJTE5sKa53bxhw33sRGTcWcMnk9T1EHx sY2+ZVpbiwhZJdJeTz7hRd8qcmuGs2jV7iajbKOf1HkVfp/8v/j7vcyApHKAwC1x m38iSTevtGc0ijpBmag= =TkVF -----END PGP SIGNATURE-----
