[Pkg-openldap-devel] openldap_2.4.31+really2.4.40-3~bpo70+1_amd64.changes REJECTED
Luca Bruno
lucab at debian.org
Mon Jan 26 10:57:07 UTC 2015
On Tuesday 23 December 2014 12:35:34 Luca Bruno wrote:
> On Tuesday 16 December 2014 10:03:44 Luca Bruno wrote:
> > > changelog since stable missing in changes file.
> >
> > Totally my fault, I'll upload a new one properly built.
> >
> > > I also don't think bumping the version number in that way is a good
> > > idea.
> >
> > Can you please elaborate a bit more on this?
> > I had explained the weird versioning in a previous mail with the full
> > rationale [0], is this comment of yours also taking that into account?
> > (In brief, the +really is to avoid screwing up the DB upgrade in Jessie)
>
> Just to keep the openldap team updated on this, I recently (19/12) asked
> again the backport ftp-master for a check on this upload, and I've been
> asked to wait for further input.
>
> Relevant transcript:
> <Rhonda> If you are aware of that you are doing something out of the box,
> you shouldn't upload before you got a response to your initial mail.
> <Rhonda> kaeso: ^^. I'm sorry that we haven't responded yet, but please
> take private live and the season and the freeze into account and give us a
> bit of time to make up our minds about it.
I think that some time has passed for this to settle, so I plan to upload
tomorrow an openldap backport to NEW.
Changes file is attached here. What we are doing "out of the box" is the
versioning, which is a bit weird on purpose.
I'm quoting here below my initial email with all the reasoning, just to
refresh the topic.
I don't know if the non-linear progression in the changes file is a problem,
in that case we may try squashing the changelog.
"""
* it's NEW, but it has been requested by several users, either
via BTS (#685748) or on ML[0].
* it is the same version which is going to be shipped in Jessie. We think it
is a good way to have more people testing the upgrade path to the same
version in Jessie.
* it uses newer crypto libraries (gnutls28/nettle). This is because there are
some known issues with wheezy ones, see BTS #368297.
* it uses older libdb5.1. Unfortunately libdb5.3 has not been backported, and
I'm not confident in doing it at this point. I am not aware of any known
issue with it, though.
* it embeds liblmdb. This is a known issue also in jessie/sid (BTS #750023),
and the security team has been notified about this[1].
* it has a weird version: "2.4.31+really2.4.40-3~bpo70+1".
This had to be done in order to avoid screwing the pre/postinst db-upgrading
mechanisms in Jessie, which rely on package version to detect DB to be
upgraded. I know it is a bit hackish, I'm sorry for that.
* the full upgrade chain would be:
"2.4.31-1+nmu2" -> "2.4.31+really2.4.40-3~bpo70+1" -> "2.4.40-3"
While this is ugly as hell, it seems fine to me wrt. upgrading.
"""
Cheers, Luca
--
.''`. ** Debian GNU/Linux ** | Luca Bruno (kaeso)
: :' : The Universal O.S. | lucab (AT) debian.org
`. `'` | GPG Key ID: 0x4F3BBEBF
`- http://www.debian.org | Debian GNU/Linux Developer
-------------- next part --------------
Format: 1.8
Date: Tue, 25 Nov 2014 20:06:37 -0800
Source: openldap
Binary: slapd slapd-smbk5pwd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source amd64
Version: 2.4.31+really2.4.40-3~bpo70+1
Distribution: wheezy-backports
Urgency: high
Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel at lists.alioth.debian.org>
Changed-By: Ryan Tandy <ryan at nardis.ca>
Description:
ldap-utils - OpenLDAP utilities
libldap-2.4-2 - OpenLDAP libraries
libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
libldap2-dev - OpenLDAP development libraries
slapd - OpenLDAP server (slapd)
slapd-dbg - Debugging information for the OpenLDAP server (slapd)
slapd-smbk5pwd - Keeps Samba and Kerberos passwords in sync within slapd.
Closes: 465024 594711 599235 637996 640384 661641 666515 701111 706123 723957 725824 729367 738641 741248 742841 742862 745231 745356 746727 750022 759596 760559 761406 761407 762111 762424 766824 766825 766848 767070 767634 767686 768085 768195 768409 768591 768605 769024 769717 769867 770715
Changes:
openldap (2.4.31+really2.4.40-3~bpo70+1) wheezy-backports; urgency=medium
.
* Backport to wheezy.
- Use a +really version lower than 2.4.39-1 to ensure a database upgrade
is still performed when upgrading to jessie later.
- Build against db5.1 instead of db5.3, and revert the database upgrade
version check as well (reloading isn't necessary when upgrading from
wheezy to wheezy-backports). This reverts commit a6fb397d.
.
openldap (2.4.40-3) unstable; urgency=medium
.
* Remove trailing spaces from slapd.templates.
* Update Vietnamese debconf translation.
Thanks to Trần Ngọc Quân.
* Update Danish debconf translation.
Thanks to Joe Hansen. (Closes: #766848)
* Update Japanese debconf translation.
Thanks to Kenshi Muto. (Closes: #766824)
* Update Russian debconf translation.
Thanks to Yuri Kozlov. (Closes: #766825)
* Update Basque translation.
Thanks to Iñaki Larrañaga Murgoitio. (Closes: #767070)
* Update French debconf translation.
Thanks to Christian Perrier. (Closes: #767634)
* Update German debconf translation.
Thanks to Helge Kreutzmann. (Closes: #767686)
* Update Portuguese debconf translation.
Thanks to Ricardo Silva. (Closes: #768085)
* Update Italian debconf translation.
Thanks to Luca Monducci. (Closes: #768195)
* Update Turkish debconf translation.
Thanks to Atila KOÇ. (Closes: #768409)
* Update Czech debconf translation.
Thanks to Miroslav Kure. (Closes: #768591)
* Update Catalan debconf translation.
Thanks to Innocent De Marchi. (Closes: #768605)
* Update Dutch debconf translation.
Thanks to Frans Spiesschaert. (Closes: #769024)
* Update Brazilian Portuguese debconf translation.
Thanks to Adriano Rafael Gomes. (Closes: #769717)
* Update Galician debconf translation.
Thanks to Jorge Barreiro.
* Update Swedish debconf translation.
Thanks to Martin Bagge / brother. (Closes: #769867)
* Update Spanish debconf translation.
Thanks to Camaleón. (Closes: #770715)
* Fix doubled spaces in po files, caused by trailing spaces in the templates
file.
* Run debconf-updatepo to refresh PO files.
.
openldap (2.4.40-2) unstable; urgency=medium
.
* Fix typo (chmod/chgrp) in previous changelog, spotted by Ferenc Wagner.
* debian/patches/contrib-modules-use-dpkg-buildflags: Also use CPPFLAGS from
dpkg-buildflags. Spotted by Lintian.
* debian/slapd.init.ldif: Don't bother explicitly granting rights to the
rootdn, since it already has unlimited privileges. Thanks Ferenc Wagner.
* Recommend MDB for new installations, per upstream's recommendation.
* Don't re-create the default DB_CONFIG if there wasn't one in the backup,
for example if the active backend doesn't use it. Thanks Ferenc Wagner.
* On upgrade, if an access rule begins with "to * by self write", show a
debconf note warning that it should be changed. (Closes: #761406)
* Build and install the lastbind contrib module. (Closes: #701111)
* Build and install the passwd/sha2 contrib module. (Closes: #746727)
.
openldap (2.4.40-1) unstable; urgency=low
.
[ Ryan Tandy ]
* New upstream release.
- fixed ldap_get_dn(3) ldap_ava definition (ITS#7860) (Closes: #465024)
- fixed slapcat with external schema (ITS#7895) (Closes: #599235)
- fixed double free with invalid ciphersuite (ITS#7500) (Closes: #640384)
- fixed modrdn crash on naming attr with no matching rule (ITS#7850)
(Closes: #666515)
- fixed slapacl causing unclean database (ITS#7827) (Closes: #741248)
* slapd.scripts-common:
- Anchor grep patterns to avoid matching commented lines in ldif files
under cn=config. (Closes: #723957)
- Don't silently ignore nonexistent directories that should be dumped.
- Invoke find, chown, and chgrp with -H in case /var/lib/ldap is a
symlink. (Closes: #742862)
- When upgrading a database, ignore extra nested directories as they might
contain other databases. Patch from Kenny Millington. (LP: #1003854)
- Fix dumping and reloading when multiple databases hold the same suffix,
thanks Peder Stray. (Closes: #759596, LP: #1362481)
- Remove trailing dot from slapd/domain. (Closes: #637996)
* debian/rules:
- Enable parallel building.
- Copy libldap-2.4-2.shlibs into place manually, as a workaround for
#676168. (Closes: #742841)
* debian/slapd.README.Debian: Add a note about database format upgrades and
the consequences of missing one. (Closes: #594711)
* Build with GnuTLS 3 (Closes: #745231, #760559).
* Drop debian/patches/fix-ftbfs-binutils-gold, no longer needed.
* Drop debconf-utils from Build-Depends, no longer used (replaced by
po-debconf). Thanks Johannes Schauer.
* Acknowledge NMU fixing #729367, thanks to Michael Gilbert.
* Offer the MDB backend as a choice during initial configuration. (Closes:
#750022)
* debian/slapd.init.ldif:
- Disallow modifying one's own entry by default, except specific
attributes. (Closes: #761406)
- Index some more common search attributes by default. (Closes: #762111)
* Introduce a symbols file for libldap-2.4-2.
* debian/schema/pmi.schema: Add a copyright clarification. There does not
appear to be any copyrighted text in this file, only ASN.1 assignments and
LDAP schema definitions. Fixes a Lintian error on the original.
* debian/schema/duaconf.schema: Strip Internet-Draft text from
duaconf.schema.
* Drop debian/patches/CVE-2013-4449.patch, applied upstream.
* Update debian/patches/no-AM_INIT_AUTOMAKE with upstream changes.
* debian/schema/ppolicy.schema: Update with ordering rules added in
draft-behera-ldap-password-policy-11.
* Suggest GSSAPI SASL modules. (Closes: #762424)
* debian/patches/ITS6035-olcauthzregex-needs-restart.patch: Document in
slapd-config.5 the fact that changes to olcAuthzRegexp only take effect
after the server is restarted. (Closes: #761407)
* Add myself to Uploaders.
.
[ Jelmer Vernooij ]
* Depend on heimdal-multidev rather than heimdal-dev. (Closes: #745356,
#706123)
.
[ Updated debconf translations ]
* Turkish, thanks to Atila KOÇ <akoc at artielektronik.com.tr>.
(Closes: #661641)
.
openldap (2.4.39-1.1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix CVE-2013-4449: reference counting logic issue (closes: #729367).
.
openldap (2.4.39-1) unstable; urgency=low
.
[ Peter Marschall ]
* debian/patches/wrong-database-location: fix database location in
doc/man/man5/slapd-mdb.5
* debian/configure.options: add info on --enable-mdb
.
[ Russ Allbery ]
* Remove myself from Uploaders.
.
[ Steve Langasek ]
* Remove Stephen Frost from Uploaders, per discussion with him. Thanks for
your contributions, Stephen!
* Adjust dh_autoreconf usage to update all config.sub/config.guess
instances in the source, so that we can be forwards-compatible with new
ports. Thanks to Colin Watson <cjwatson at ubuntu.com> for the patch.
Closes: #725824.
* Add Timo to Uploaders.
* Update Vcs-* fields to point at the new git repo; thanks to Timo for
driving this migration!
* Rebuild against db5.3, with a corresponding dump/restore of the database
on upgrade. Closes: #738641.
.
[ Timo Aaltonen ]
* contrib-modules-use-dpkg-buildflags, autogroup-makefile,
smbk5pwd-makefile:
- Updated for current upstream.
* Refresh patches to apply cleanly.
* rules: Use dpkg-parsechangelog to determine the upstream version for
get-orig-source.
* source: Add lintian overrides for non-transatable internal
templates.
Checksums-Sha1:
7f05817f6490b2c113cf9e08f0b37009278d7b0d 1953 openldap_2.4.31+really2.4.40-3~bpo70+1.dsc
587baa8257d51f3908975b931f87c8c3e6a17e06 4799804 openldap_2.4.31+really2.4.40.orig.tar.gz
f1c008f69a00eb44dd5506d24343901d2bf40a7d 179866 openldap_2.4.31+really2.4.40-3~bpo70+1.diff.gz
c2f4b68c369fd246c7fc4573ee70182e99cca1a5 1826760 slapd_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
c8c29120f3ea7ab9e91c02cb096fedd9819019a4 84910 slapd-smbk5pwd_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
77ab11bc21bc49cd219e6c0feaf8fc8b9ad01d28 347532 ldap-utils_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
9aaef5a0ceb6cead165992726ae10d9f1017d1f9 249904 libldap-2.4-2_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
4747516843cc616a3b2fad22359dafd03fe51b8b 481528 libldap-2.4-2-dbg_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
58a9b37727a3409e25dbc5aa918f1d1efb800b16 569588 libldap2-dev_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
11349415792193fbce231f5f485ff86ae0cb2317 5637638 slapd-dbg_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
Checksums-Sha256:
a43f52ae81ac62626839fcc271649c9eda9c8f15c2dab0459848ba457db97d15 1953 openldap_2.4.31+really2.4.40-3~bpo70+1.dsc
6d3e7ba688382bebca3410125d3f801a7fd2a5da6352b58b0663ef20bc3adbb3 4799804 openldap_2.4.31+really2.4.40.orig.tar.gz
ca3469949e9cb4ce429fb7917211e6f8e23b56098de0f70cd6b9526214d67d6f 179866 openldap_2.4.31+really2.4.40-3~bpo70+1.diff.gz
a148cfa8ff18fd95b2ab8cf301af6bd26a38b1d38d49765fed15dcde80a1d5c8 1826760 slapd_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
b92e16b91a4d8e26cc7eda5c4d5ffba5a47b3e18e40a8613a4b1f04783bcd686 84910 slapd-smbk5pwd_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
a01a7dd67db87c6a95b03a057b2b9bc56f22d5987f6f73de7e765f6ad2e60429 347532 ldap-utils_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
24696b5f5da5a3d5123c3c1fc53e643655be86eed7012dc51dff323a7dfe7b37 249904 libldap-2.4-2_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
cb5366f77dc8edfd92e6ff9578aa0d5d4ec193b4c4d2e18b623939efaa86bc36 481528 libldap-2.4-2-dbg_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
e67c43d211e33ec1ac774348914b2585c656ec435092d62160bb7597c98c9ed6 569588 libldap2-dev_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
0d1a2b4c26cee7b7b387ed465f4feaef8c5b68c9f1e5a1b03eb316b09c178ee1 5637638 slapd-dbg_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
Files:
e8c9f047183cb6c68f1ed056ebf7e0de 1953 net optional openldap_2.4.31+really2.4.40-3~bpo70+1.dsc
03a8658e62131c0cdbf85dd604e498db 4799804 net optional openldap_2.4.31+really2.4.40.orig.tar.gz
ecd6e6a3e0e427600fa7994257b0f39f 179866 net optional openldap_2.4.31+really2.4.40-3~bpo70+1.diff.gz
bb2706f664dc2870770ac894c620ba96 1826760 net optional slapd_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
71835b2c2412b9a0d3faac440c4790c8 84910 net extra slapd-smbk5pwd_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
271ee7bb235e82bc3ab4b4f6278e9ca6 347532 net optional ldap-utils_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
b6909058ccb8b249977cc475430c0379 249904 libs standard libldap-2.4-2_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
baaa5fe634e7a548b32543fa5fa9e189 481528 debug extra libldap-2.4-2-dbg_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
fc7744cd806bec62719ebb9b92ace7cc 569588 libdevel extra libldap2-dev_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
eafea644c84d5597567c85749263f7dd 5637638 debug extra slapd-dbg_2.4.31+really2.4.40-3~bpo70+1_amd64.deb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20150126/37635c7c/attachment-0001.sig>
More information about the Pkg-openldap-devel
mailing list