-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 3.0 (quilt) Source: openldap Binary: slapd, slapd-smbk5pwd, ldap-utils, libldap-2.4-2, libldap-2.4-2-dbg, libldap2-dev, slapd-dbg Architecture: any Version: 2.4.42+dfsg-2 Maintainer: Debian OpenLDAP Maintainers <[email protected]> Uploaders: Roland Bauerschmidt <[email protected]>, Steve Langasek <[email protected]>, Torsten Landschoff <[email protected]>, Matthijs Möhlmann <[email protected]>, Timo Aaltonen <[email protected]>, Ryan Tandy <[email protected]> Homepage: http://www.openldap.org/ Standards-Version: 3.9.6 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-openldap/openldap.git Vcs-Git: git://anonscm.debian.org/pkg-openldap/openldap.git Build-Depends: debhelper (>= 9.20141010), dh-autoreconf, dpkg-dev (>= 1.17.14), groff-base, heimdal-multidev <!stage1>, libdb5.3-dev <!stage1>, libgnutls28-dev, libltdl-dev <!stage1>, libperl-dev (>= 5.8.0) <!stage1>, libsasl2-dev, libslp-dev <!stage1>, libwrap0-dev <!stage1>, nettle-dev <!stage1>, perl:any, po-debconf, time <!stage1>, unixodbc-dev <!stage1> Build-Conflicts: autoconf2.13, bind-dev, libbind-dev, libicu-dev Package-List: ldap-utils deb net optional arch=any libldap-2.4-2 deb libs standard arch=any libldap-2.4-2-dbg deb debug extra arch=any libldap2-dev deb libdevel extra arch=any slapd deb net optional arch=any profile=!stage1 slapd-dbg deb debug extra arch=any profile=!stage1 slapd-smbk5pwd deb net extra arch=any profile=!stage1 Checksums-Sha1: 56c6132344ecdf83ae38a917087424697f59e587 4813173 openldap_2.4.42+dfsg.orig.tar.gz 6f8e74cbaf22ee918719c52a8fd0c4cf73a831b4 152620 openldap_2.4.42+dfsg-2.debian.tar.xz Checksums-Sha256: 5f56e4e3584f7a4b4c8437a2c985b2f519836946be77ef1aa43a5d20c02ea97b 4813173 openldap_2.4.42+dfsg.orig.tar.gz 6a9bb42aeb745dd2b18765ab067401d450bbf97f8822356fa175397cb9257199 152620 openldap_2.4.42+dfsg-2.debian.tar.xz Files: e1e8907dcd6e33dc3250773432b142fc 4813173 openldap_2.4.42+dfsg.orig.tar.gz b144cbc20d844d1696a8be03da49c4f5 152620 openldap_2.4.42+dfsg-2.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJV8pJJAAoJEKmDSiJSB45OvZQP/R3tI2BfajbEDtX6HUi02IO2 q/g859DVEq2aBoVGVPtG9RK//veNygxakuwuIL57P9fksKQTPs/Zh1dBQOCKOU+Y GKjl6Fsj8mlw/DwzF3pHCRl87jKAXPTzggaAlSeg2bCVv1JnT5Xeiyi7VNlHnlD6 gfsmQb8Wn+E8tMNrKqugU1HVV7PlwFBnLMG++JPq1T6OegfayoS+o9IqkckN86Vg wbCDpi4zxpym6HAHo9rhum1fHYZI+aQko8qfZeH1cCvwCL+GBTLqgrhOZYh2FaDQ dki5u4XGEISQ9/KPeD8UA+bmQ+iA05uIqJgleZSsJvHHkdNbtrhdFe0zmV4dSVWM oVMXToNm7ccGdpU82yyDUm5c0N2N+iF9zOvMCtVvJsS8qCaFKK55FS9BW6ieZa/1 CWc5STJ1jpS44bh4CWjCihvbB3vYPQPcaDLQnBJY/8e0M8iHKwwwhLdfTh7PA0so ieI7LrEWHBtsRnM7lNdDyN3F2Dy2xJhdhfKwVLYvhOwt3O1lN9G626M/UxLRPJYQ RzKJ3mMhSzBNvhOOepc3oe0RX9qk0WkmxS5xEHeuZKrGA8L8h7Bx7vTrKQmFxjb0 x22QO4+ykHb0WUCISW3YAYrDwMUiiUffJC8yijy1Jd/6hmMswSUlOgsL8d9C9gm1 00uNk3x11BBUgzzYzr8/ =AL0J -----END PGP SIGNATURE----- Changes: openldap (2.4.42+dfsg-2) unstable; urgency=medium [ Ryan Tandy ] * Change explicit Pre-Depends: multiarch-support to ${misc:Pre-Depends}, as recommended by lintian. * Omit slapd, slapd-dbg, and slapd-smbk5pwd from the stage1 build profile. This allows the dependency loop with heimdal to be broken for bootstrapping, and the dependency on libperl-dev to be avoided for cross-building. Thanks Daniel Schepler and Helmut Grohne. (Closes: #724518) * Apply wrap-and-sort to the Build-Depends field. * Drop libncurses5-dev from Build-Depends, no longer needed since the ud tool was removed in OpenLDAP 2.1.4. * Drop libltdl3-dev as an alternate Build-Depends, since that package was removed after lenny. * Annotate Build-Depends on perl with :any to allow running the system perl interpreter during cross builds. * Ensure CC is set correctly for cross builds. Thanks Helmut Grohne. * Build-Depend on dpkg-dev (>= 1.17.14) and debhelper (>= 9.20141010) for restriction formula support. * Override the 'dev-pkg-without-shlib-symlink' lintian tag. The symlink is actually in the form libldap_r.so -> libldap_r-2.4.so.xyz and the tag is a false positive; see #687022. * Include the smbk5pwd man page in the slapd-smbk5pwd package. * Allow anonymous read access to the shadowLastChange attribute by default, allowing nss-ldap/nss-ldapd to handle password expiry correctly even when bound anonymously. This was the only restricted shadow attribute, the others were already world-readable. (Closes: #669235) * Drop the redundant default ACL for dn.base="" from the database entry. It's already covered by the fallback case below. * Copy more comments from the slapd.conf template to slapd.init.ldif. Also comment the shadowLastChange access rule. * Import upstream patch to remove an unnecessary assert(0) that could be triggered remotely by an unauthenticated user by sending a malformed BER element. (ITS#8240) [ Peter Marschall ] * Add a manual page slapo-smbk5pwd.5 and update smbk5pwd's Makefile to install the new manual page. (Closes: #794998) -- Ryan Tandy <[email protected]> Thu, 10 Sep 2015 20:13:17 -0700