[Pkg-openldap-devel] Bug#798964: slapd: since security upgrade writing ber in accesslog is broken

Benoit Mortier benoit.mortier at opensides.be
Mon Sep 14 14:37:11 UTC 2015


Package: slapd
Version: 2.4.31-2+deb7u1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

   * What led up to the situation?

upgraded slapd to the security release on wheezy

see log appended

Sep 14 16:28:25 agenor slapd[11359]: conn=1000 fd=25 ACCEPT from 
IP=172.20.51.10:51214 (IP=172.20.50.25:389)
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" method=128
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" mech=SIMPLE ssf=0
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=0 RESULT tag=97 err=0 
text=
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=1 SRCH 
base="cn=accesslog" scope=2 deref=0 
filter="(&(objectClass=auditWriteObject)(reqResult=0))"
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=1 SRCH attr=reqDN 
reqType reqMod reqNewRDN reqDeleteOldRDN reqNewSuperior entryCSN
Sep 14 16:28:25 agenor slapd[11359]: send_search_entry: conn 1000  ber 
write failed.
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 fd=25 closed (connection 
lost on write)
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 fd=25 ACCEPT from 
IP=172.20.51.15:50934 (IP=172.20.50.25:389)
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" method=128
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" mech=SIMPLE ssf=0
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 op=0 RESULT tag=97 err=0 
text=
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 op=1 SRCH 
base="cn=accesslog" scope=2 deref=0 
filter="(&(objectClass=auditWriteObject)(reqResult=0))"
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 op=1 SRCH attr=reqDN 
reqType reqMod reqNewRDN reqDeleteOldRDN reqNewSuperior entryCSN
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 fd=26 ACCEPT from 
IP=172.20.51.10:51215 (IP=172.20.50.25:389)
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" method=128
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" mech=SIMPLE ssf=0
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 op=0 RESULT tag=97 err=0 
text=
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 op=1 SRCH 
base="cn=accesslog" scope=2 deref=0 
filter="(&(objectClass=auditWriteObject)(reqResult=0))"
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 op=1 SRCH attr=reqDN 
reqType reqMod reqNewRDN reqDeleteOldRDN reqNewSuperior entryCSN
Sep 14 16:29:25 agenor slapd[11359]: send_search_entry: conn 1002  ber 
write failed.
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 fd=26 closed (connection 
lost on write)

Cheers

-- System Information:
Debian Release: 8.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
-- 
Benoit Mortier
CEO 
OpenSides "logiciels libres pour entreprises" : http://www.opensides.eu/
Promouvoir et défendre le Logiciel Libre http://www.april.org/
Main developper in FusionDirectory : http://www.fusiondirectory.org/
Official French representative for OPSI : http://opsi.org/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20150914/e124b096/attachment-0001.sig>


More information about the Pkg-openldap-devel mailing list