Univention Bugzilla – Bug 44834
Update OpenLDAP to 2.4.45
Last modified: 2018-03-14 14:38:53 CET
OpenLDAP has fixed some issues, some of which might be relevant to us: OpenLDAP 2.4.44 Release (2016/02/05) Fixed slapd-mdb cleanup after failed transaction (ITS#8360) http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8360 OpenLDAP 2.4.41 Release (2015/06/21) Fixed libldap ldif-wrap off by one error (ITS#8003) Fixed slapd-mdb to correctly update search candidates (ITS#8036, regression of ITS#7904) Fixed slapd-mdb heap corruption (ITS#7965)
Imported and built for UCS 4.3, because 2.4.45 provides support for OpenSSL 1.1.0. Debian Stretch only ships 2.4.44. They don't require compatibility with OpenSSL because they link OpenLDAP against GNUTLS. Doing the same in UCS doesn't seem to have enough advantages. E.g. adjusting the TLS protocol order (tls ciphers) in slapd.conf from OpenSSL to GNUTLS in a way that is 100% compatible is not trivial. So we keep building against OpenSSL and rather import the newer 2.4.45 version of OpenLDAP instead.
OK - patches OK - installation OK - update
UCS 4.3 has been released: https://docs.software-univention.de/release-notes-4.3-0-en.html https://docs.software-univention.de/release-notes-4.3-0-de.html If this error occurs again, please use "Clone This Bug".