Bug 1147983

Summary: Rebase openldap to 2.4.40
Product: Red Hat Enterprise Linux 6 Reporter: Jan Synacek <jsynacek>
Component: openldapAssignee: Jan Synacek <jsynacek>
Status: CLOSED ERRATA QA Contact: Patrik Kis <pkis>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 6.7CC: ebenes, jsynacek, pkis, qe-baseos-security, rh, salmy
Target Milestone: rcKeywords: Rebase
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
The openldap packages have been upgraded to upstream version 2.4.40, which provides a number of bug fixes and enhancements over the previous version. (BZ#1147983)
 Story Points: ---
Clone Of: 1147982 Environment:
Last Closed: 2015-07-22 06:18:35 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1147982    
Bug Blocks: 1159820    

Description Jan Synacek 2014-09-30 13:13:16 UTC 
+++ This bug was initially created as a clone of Bug #1147982 +++

Description of problem:

OpenLDAP 2.4.40 Release (2014/09/20)
	Fixed libldap DNS SRV priority handling (ITS#7027)
	Fixed libldap don't leak libldap err codes (ITS#7676)
	Fixed libldap CR/LF handling (ITS#4635)
	Fixed libldap ldif-wrap length (ITS#7871)
	Fixed libldap GnuTLS ciphersuite parsing (ITS#7500)
	Fixed libldap GnuTLS with newer versions (ITS#7430,ITS#6359)
	Fixed libldif to correctly handle 4096 character lines (ITS#7859)
	Fixed librewrite reference counting (ITS#7723)
	Fixed slapacl with back-mdb reader transactions (ITS#7920)
	Fixed slapd syncrepl to send cookie on fallback (ITS#7849)
	Fixed slapd syncrepl SEGV when abandoning a connection (ITS#7928)
	Fixed slapd slapcat with external schema (ITS#7895)
	Fixed slapd schema RDN normalization (ITS#7935)
	Fixed slapd with repeated language tags (ITS#7941)
	Fixed slapd modrdn crash on naming attr with no matching rule (ITS#7850)
	Fixed slapd memory leak in control handling (ITS#7942)
	Fixed slapd-ldap removed dead code (ITS#7922)
	Fixed slapd-mdb to work concurrently with slapadd (ITS#7798)
	Fixed slapd-mdb with paged results (ITS#7705, ITS#7800)
	Fixed slapd-mdb slapcat with nonexistent indices (ITS#7870)
	Fixed slapd-mdb long lived reader transactions (ITS#7904)
	Fixed slapd-mdb memory leak on matchedDN (ITS#7872)
	Fixed slapd-mdb sorting of attribute values (ITS#7902)
	Fixed slapd-mdb to flag attribute values as sorted (ITS#7903)
	Fixed slapd-mdb index config handling (ITS#7912)
	Fixed slapd-mdb entry release handling (ITS#7915)
	Fixed slapd-mdb with aliases and referrals (ITS#7927)
	Fixed slapd-mdb alias dereferencing (ITS#7702)
	Fixed slapd-sock socket flushing (ITS#7937)
	Fixed slapo-accesslog attribute normalization (ITS#7934)
	Fixed slapo-accesslog internal search logging (ITS#7929)
	Fixed slapo-auditlog connection destroy logic (ITS#7906,ITS#7923)
	Fixed slapo-chain interaction with slapo-rwm (ITS#7930)
	Fixed slapo-constraint connection destroy logic (ITS#7906,ITS#7923)
	Fixed slapo-dds connection destroy logic (ITS#7906,ITS#7923)
	Fixed slapo-dyngroup connection destroy logic (ITS#7906,ITS#7923)
	Fixed slapo-memberof attr count (ITS#7893)
	Fixed slapo-memberof frontendDB handling (ITS#7249)
	Fixed slapo-memberof internal search logging (ITS#7929)
	Fixed slapo-pcache config processing (ITS#7919)
	Fixed slapo-pcache connection destroy logic (ITS#7906,ITS#7923)
	Added slapo-ppolicy ORDERING rules (ITS#7838)
	Fixed slapo-ppolicy timestamp resolution to use microseconds (ITS#7161)
	Fixed slapo-ppolicy connection destroy logic (ITS#7906,ITS#7923)
	Fixed slapo-refint to check for pauses in cn=config (ITS#7873)
	Fixed slapo-refint internal search logging (ITS#7929)
	Fixed slapo-refint connection destroy logic (ITS#7906,ITS#7923)
	Fixed slapo-seqmod connection destroy logic (ITS#7906,ITS#7923)
	Fixed slapo-slapover connection destroy logic (ITS#7906,ITS#7923)
	Fixed slapo-sock db_init (ITS#7868)
	Fixed slapo-sssvlv fix olcSssVlvMaxPerConn (ITS#7908)
	Fixed slapo-translucent double free (ITS#7587)
	Fixed slapo-translucent to work with manageDSAit (ITS#7864)
	Fixed slapo-translucent to use local backend with local entries (ITS#7915)
	Fixed slapo-unique connection destroy logic (ITS#7906,ITS#7923)
	Fixed slapcacl with invalid suffix (ITS#7827)
	Build Environment
		Remove support for gcrypt (ITS#7877)
		BDB 6.0.20 and later is not supported (ITS#7890)
		Fixed ODBC link check (ITS#7891)
		Fixed slapd.ldif frontend config (ITS#7933)
	Contrib
		Added pbkdf2 module (ITS#7742)
		Fixed autogroup double free (ITS#7831)
		Fixed autogroup modification callback responses (ITS#6970)
		Fixed ldapc++ memory leak in Async connection (ITS#7806)
		Fixed nssov install path (ITS#7858)
		Fixed passwd rpath (ITS#7885)
		Fixed apr1 do_phk_hash argument order (ITS#7869)
		Fixed slapd-sha2 buffer overrun (ITS#7851)
	Documentation
		Fixed slapd.ldif man page reference (ITS#7803)
		Fixed slapd.conf(5) man page to reference exattrs (ITS#7847)
		Fixed guide to work with mkrelease (ITS#7887)
		Fixed ldap_get_dn(3) ldap_ava definition (ITS#7860)
Comment 2 Jan Synacek 2014-11-18 07:53:02 UTC 
It is very important that openldap is rebased to the latest version. Apart from one minor feature, openldap 2.4.40 is a bugfix release.
Comment 13 errata-xmlrpc 2015-07-22 06:18:35 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1292.html