[Pkg-openldap-devel] slapd: dangerous access rule in default config
Ryan Tandy
ryan at nardis.ca
Mon Feb 16 01:36:25 UTC 2015
On Mon, Feb 16, 2015 at 10:01:33AM +1100, Brian May wrote:
>On 2 February 2015 at 06:48, Ryan Tandy <ryan at nardis.ca> wrote:
>
>> Proposed stable diff (modulo UNRELEASED) attached, with changes picked
>> from jessie. Comments? Next steps?
>>
>
>What needs to happen to move this forward?
Thanks for the poke. I had been meaning to ask the same question.

Yves-Alexis, I'm not sure whether you followed the other thread... to
recap, we currently have the following changes targeted at wheezy
pending in git:

Related to #761406:

- fixing the default ACL for new installs
  http://anonscm.debian.org/cgit/pkg-openldap/openldap.git/commit/?h=wheezy&id=c7dd3bfca31de186b79d265f927c421ae5fb07d0
- adding the debconf note when upgrading existing installs
  http://anonscm.debian.org/cgit/pkg-openldap/openldap.git/commit/?h=wheezy&id=1078641894903d24ff95d5ac1a4f0263fae87ffe
- translations of the debconf note
  http://anonscm.debian.org/cgit/pkg-openldap/openldap.git/commit/?h=wheezy&id=675248eed7077b9d4ef44a80567ef42d425c6684

Unrelated, fixes for non-urgent CVEs:

- CVE-2013-4449 (#729367)
  http://anonscm.debian.org/cgit/pkg-openldap/openldap.git/commit/?h=wheezy&id=b15cc88293cee5f822e80f3d594389ef91419838
- CVE-2015-1545 (#776988)
  http://anonscm.debian.org/cgit/pkg-openldap/openldap.git/commit/?h=wheezy&id=c26aed75a5dc8df30e8663769666c581141860fe
  http://anonscm.debian.org/cgit/pkg-openldap/openldap.git/commit/?h=wheezy&id=6b47ddaf305496a661663a2706c882faa5a4bacf

We could handle some or all of these through wheezy-security, or all
through s-p-u; please let us know which you would prefer.

Beyond that, if there's anything else I can do to help get this
unblocked, please say so.

Thanks!
Ryan