-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 17 Apr 2015 18:39:40 -0700 Source: openldap Binary: slapd slapd-smbk5pwd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg Architecture: source Version: 2.4.23-7.3+deb6u1 Distribution: squeeze-lts Urgency: high Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org> Changed-By: Ryan Tandy <ryan@nardis.ca> Description: ldap-utils - OpenLDAP utilities libldap-2.4-2 - OpenLDAP libraries libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries libldap2-dev - OpenLDAP development libraries slapd - OpenLDAP server (slapd) slapd-dbg - Debugging information for the OpenLDAP server (slapd) slapd-smbk5pwd - Keeps Samba and Kerberos passwords in sync within slapd. Closes: 663644 729367 761406 776988 Changes: openldap (2.4.23-7.3+deb6u1) squeeze-lts; urgency=high . * debian/slapd.init.ldif: Disallow modifying one's own entry by default, except specific attributes. (CVE-2014-9713) (Closes: #761406) * debian/slapd.{config,templates}: On upgrade, if an access rule begins with "to * by self write", show a debconf note warning that it should be changed. * debian/slapd.README.debian: Add information about how to remove "to * by self write" from existing ACLs. * debian/po/*: Add translations of debconf warning. * debian/patches/ITS7723-fix-reference-counting.patch: Import upstream patch to fix a crash in the rwm overlay when a search is immediately followed by an unbind. (ITS#7723) (CVE-2013-4449) (Closes: #729367) * debian/patches/ITS8027-deref-reject-empty-attr-list.patch: Import upstream patch to fix a crash when a search includes the Deref control with an empty attribute list. (ITS#8027) (CVE-2015-1545) (Closes: #776988) * debian/patches/ITS7143-fix-attr_dup2-when-attrsOnly.patch: Import upstream patch to fix a crash when doing an attrsOnly search of a database configured with both the rwm and translucent overlays. (ITS#7143) (CVE-2012-1164) (Closes: #663644) Checksums-Sha1: 1c6613375b3790e37e03e45ebf31e4bc7264366e 2815 openldap_2.4.23-7.3+deb6u1.dsc bfc98011bbd0c141a57475e3834c38bc4f93cffe 158490 openldap_2.4.23-7.3+deb6u1.diff.gz Checksums-Sha256: 33675c439af8d610864a245cb5f1e64503d31702db306c711fd5da99e0151739 2815 openldap_2.4.23-7.3+deb6u1.dsc bb22b677fea356751bf0db75facd99e27ee33fd365b81694a333d2bfceba2ee2 158490 openldap_2.4.23-7.3+deb6u1.diff.gz Files: 162d12730ed2e79a03ad36ba527dfce5 2815 net optional openldap_2.4.23-7.3+deb6u1.dsc dd93ab71922f8b61ebf20088cf9b8147 158490 net optional openldap_2.4.23-7.3+deb6u1.diff.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIVAwUBVTJiLwkauFYGmqocAQrn6w/9HD9K0wcQmVR2F1o2bSfhHtmwexVczipm WjswT0jPdAxLiZ/QZNJNbqun8Bh6EaHYDJ+6Gs/+Pusok1Ci/pCaFrAHeQq10F7G 8ty1GltHkcz381HcVE9E47hjFvJtGxvDoFcRqOLOgYfFoO2oRsM0x707KKiEljDr lIhq6YYdwxnYuh5Rl7j45s4HSA0mDMfOBT9u0APozHsYugxJr8P8BCe5B5/CBj8/ l4HKxYPuKHW0AFT8g6eIXttlg6Ar/XztQ+XEsRS8meh5Qses4baokHZlXMvGIBwM EX3sad5d8gZPPn/YQ5P8qUXJkowujrPVWdKNiEk1DaMlMt3uw+gYz8z/VnRGMaw6 BdZoTgTRjE/FfFC8HLJudCC/700rWMUmDIxozF4ySaK33Ocnws1Q0CeVhhEK2SbH QvuMjQLkPldaT5wMr0S7UlyE48Jm3RlofFD+SL91HxcCR/3xoj4/ughnREaioHe1 66dhHR99saDEmaGnEs5MUVgM+/achHAZNyiShKOVU7Mcfp5N5PS9EPATwFvLlQTl uijmtRKO2GoF6+5kCi9PMeVjkQcSx8ZuDZRahx/z/2O5m44i/ay6KHSeJB61iyFw nVjtGCpHZZq25nj/gzDRjQRtFCm3tH8NyuUMYEC+OpD0RBKbC7xGzOL0pOxvqbQx VmwZzpVJPuo= =cvbE -----END PGP SIGNATURE-----
