[Pkg-openldap-devel] [openldap] 01/02: Merge tag '2.4.40+dfsg-1+deb8u3' into wheezy-backports

Ryan Tandy rtandy-guest at moszumanska.debian.org
Mon Jun 12 03:49:42 UTC 2017 

This is an automated email from the git hooks/post-receive script.

rtandy-guest pushed a commit to branch wheezy-backports
in repository openldap.

commit f965f271478567ed11545617dd3a828051077b18
Merge: 13f03a8 e25c4f7
Author: Ryan Tandy <ryan at nardis.ca>
Date:   Sat Jun 10 14:28:04 2017 -0700

    Merge tag '2.4.40+dfsg-1+deb8u3' into wheezy-backports

 debian/changelog                                   | 16 +++++++++++
 debian/dh_installscripts-common                    |  0
 debian/ldiftopasswd                                |  0
 debian/libldap-2.4-2.postinst                      |  0
 debian/libldap2-dev.dirs                           |  0
 .../ITS-8655-paged-results-double-free.patch       | 28 ++++++++++++++++++
 .../ITS8003-fix-off-by-one-in-LDIF-length.patch    | 33 ++++++++++++++++++++++
 debian/patches/series                              |  2 ++
 debian/schema/compare-schema                       |  0
 debian/slapd.preinst                               |  0
 debian/slapd.prerm                                 |  0
 debian/tests/check_upgradepath                     |  0
 debian/tests/create_account                        |  0
 debian/tests/find_unused_functions                 |  0
 debian/tests/hammer_slapd                          |  0
 15 files changed, 79 insertions(+)

diff --cc debian/changelog
index 99248f6,7584c82..0cbefb5
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,12 -1,19 +1,28 @@@
+ openldap (2.4.40+dfsg-1+deb8u3) jessie-security; urgency=high
+ 
+   * debian/patches/ITS-8655-paged-results-double-free.patch: Fix a double free 
+     in the MDB backend on a search including the Paged Results control with a 
+     page size of 0. (ITS#8655) (CVE-2017-9287) (Closes: #863563)
+ 
+  -- Ryan Tandy <ryan at nardis.ca>  Sun, 28 May 2017 16:08:03 -0700
+ 
+ openldap (2.4.40+dfsg-1+deb8u2) jessie; urgency=medium
+ 
+   * debian/patches/ITS8003-fix-off-by-one-in-LDIF-length.patch: Import
+     upstream patch to fix a crash when adding a large attribute value with the
+     auditlog overlay enabled. (Closes: #806909)
+ 
+  -- Ryan Tandy <ryan at nardis.ca>  Sat, 12 Dec 2015 16:11:38 -0800
+ 
 +openldap (2.4.31+really2.4.40+dfsg-1+deb8u1~bpo70+1) wheezy-backports; urgency=medium
 +
 +  * Backport to wheezy.
 +    - Use a +really version lower than 2.4.39-1 to ensure a database upgrade 
 +      is still performed when upgrading to jessie later.
 +    - Build against db5.1 instead of db5.3.
 +
 + -- Ryan Tandy <ryan at nardis.ca>  Sun, 13 Sep 2015 14:35:48 -0700
 +
  openldap (2.4.40+dfsg-1+deb8u1) jessie-security; urgency=high
  
    * Non-maintainer upload by the Security Team.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openldap/openldap.git

More information about the Pkg-openldap-devel mailing list