Bug 44834 - Update OpenLDAP to 2.4.45
Update OpenLDAP to 2.4.45
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 4.2
Other Linux
: P5 normal (vote)
: UCS 4.3
Assigned To: Arvid Requate
Felix Botner
http://www.openldap.org/software/rele...
: interim-1
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-21 13:39 CEST by Arvid Requate
Modified: 2018-03-14 14:38 CET (History)
1 user (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2017-06-21 13:39:17 CEST
OpenLDAP has fixed some issues, some of which might be relevant to us:

OpenLDAP 2.4.44 Release (2016/02/05)
	Fixed slapd-mdb cleanup after failed transaction (ITS#8360)
        http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8360

OpenLDAP 2.4.41 Release (2015/06/21)
	Fixed libldap ldif-wrap off by one error (ITS#8003)
        Fixed slapd-mdb to correctly update search candidates (ITS#8036,
              regression of ITS#7904)
	Fixed slapd-mdb heap corruption (ITS#7965)
Comment 1 Arvid Requate univentionstaff 2017-12-20 16:33:55 CET
Imported and built for UCS 4.3, because 2.4.45 provides support for OpenSSL 1.1.0.

Debian Stretch only ships 2.4.44. They don't require compatibility with OpenSSL because they link OpenLDAP against GNUTLS. Doing the same in UCS doesn't seem to have enough advantages. E.g. adjusting the TLS protocol order (tls ciphers) in slapd.conf from OpenSSL to GNUTLS in a way that is 100% compatible is not trivial. So we keep building against OpenSSL and rather import the newer 2.4.45 version of OpenLDAP instead.
Comment 2 Felix Botner univentionstaff 2017-12-21 16:14:10 CET
OK - patches
OK - installation
OK - update
Comment 3 Stefan Gohmann univentionstaff 2018-03-14 14:38:53 CET
UCS 4.3 has been released:
 https://docs.software-univention.de/release-notes-4.3-0-en.html
 https://docs.software-univention.de/release-notes-4.3-0-de.html

If this error occurs again, please use "Clone This Bug".