[389-users] Review 389-ds install/upgrade procedures and requisites on http://directory.fedoraproject.org/docs/389ds/download.html

Ted Strother tstrothe at umich.edu
Mon Mar 9 23:40:33 UTC 2015 

Hi Robert,

Based on the changelog on our satellite server here are all the fixes
beyond the base 1.2.11.15

Change Log
* Tue Jan 20 2015 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-50
- Release 1.2.11.15-50
- Resolves: #1179099 - Problem with single value attribute MMR replication
(DS 47915, DS 569)

* Fri Jan 09 2015 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-49
- Release 1.2.11.15-49
- Resolves: #1180629 - CVE-2014-8105: information disclosure through
'cn=changelog' subtree
- Resolves: #1179099 - Problem with single value attribute MMR replication
(DS 47915)
- Resolves: #1179595 - default nsslapd-sasl-max-buffer-size should be 2MB
(DS 47457)
- Resolves: #1179100 - ACI's are replaced by "ACI_ALL" after editing goup
of ACI's including invalid one (DS 47953)

* Mon Oct 27 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-48
- Release 1.2.11.15-48
- Resolves: Bug #1157395 - ns-slapd segfault in libslapd.so.0.0.0 (DS 47889)

* Mon Sep 29 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-47
- Release 1.2.11.15-47
- Resolves: #1147479 - Memory leak during Reliab15 execution (6.6.z -
#47750)

* Fri Sep 12 2014 Nathan Kinder <nkinder at redhat.com> - 1.2.11.15-46
- Release 1.2.11.15-46
- Resolves: #1138745 - Memory leak during Reliab15 execution

* Thu Sep 11 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-45
- Release 1.2.11.15-45
- Resolves: #1112702 - Broken dereference control with the FreeIPA 4.0 ACIs
(#47885)

* Tue Sep 09 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-44
- Release 1.2.11.15-44
- Resolves: #1079098 - Simultaneous adding a user and binding as the user
could fail in the password policy check (DS 47748) - Simple bind hangs
after enabling password policy

* Fri Sep 05 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-43
- Release 1.2.11.15-43
- Resolves: #1112702 - Broken dereference control with the FreeIPA 4.0 ACIs
(#47885)

* Thu Aug 21 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-42
- Release 1.2.11.15-42
- Resolves: #1129660 - Adding users to user group throws Internal server
error.

* Wed Aug 20 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-41
- Release 1.2.11.15-41
- Resolves: #1130252 - dirsrv not running with old openldap (DS 47875)

* Mon Aug 18 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-40
- Release 1.2.11.15-40
- Resolves: #1130252 - dirsrv not running with old openldap (DS 47875)
- Resolves: #1103287 - logconv.pl memory continually grows (DS 47446)
- Resolves: #1121596 - Deleting attribute present in
nsslapd-allowed-to-delete-attrs returns Operations error (DS 443)
- Resolves: #1109381 - winsync doesn't sync DN valued attributes if DS DN
value doesn't exist (DS 415)
- Resolves: #1128759 - Performance degradation with scope ONE after some
load (DS 47874)
- Resolves: #1127612 - Filter AND with only one clause should be optimized
(DS 47872)
- Resolves: #1014111 - repl-monitor fails to convert "*" to default values
(DS 47862)

* Tue Aug 05 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-39
- Release 1.2.11.15-39
- Resolves: #1123863
EMBARGOED CVE-2014-3562 - unauthenticated information disclosure (Bug
1123477)
- Resolves: #1123863
High contention on computed attribute lock (DS 616)
- Resolves: #1062763
single valued attribute replicated ADD does not work (DS 47692)
- Resolves: #1121596
Deleting attribute present in nsslapd-allowed-to-delete-attrs returns
Operations error (DS 443)
- Resolves: #1014111
Repl-monitor.pl ignores the provided connection parameters (DS 47862)
- Resolves: #1115281
New defects found in 389-ds-base-1.2.11 (DS 47863)
- Resolves: #1112729
paged results control is not working in some cases when we have a
subsuffix. (DS 47824)

* Tue Jul 01 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-38
- Release 1.2.11.15-38
- Resolves: bug 1080185 - revert - Creating a glue fails if one above level
is a conflict or missing (DS 47750;Patch233)

* Tue Jul 01 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-37
- Release 1.2.11.15-37
- Resolves: bug 1113606 - server restart wipes out index config if there is
a default index (DS 47831)
- Resolves: bug 1112702 - Broken dereference control with the FreeIPA 4.0
ACIs (DS 47821)
- Resolves: bug 1080185 - Creating a glue fails if one above level is a
conflict or missing (DS 47750)

* Mon Jun 23 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-36
- Release 1.2.11.15-36
- Resolves: bug 1088171 - revert - 7-bit check plugin does not work for
userpassword attribute (DS 47423)

* Fri Jun 20 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-35
- Release 1.2.11.15-35
- Resolves: Bug 1111404 - 1.2.11 branch: coverity errors (DS 47820)

* Mon Jun 16 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-34
- Release 1.2.11.15-34
- Resolves: bug 1109952 - memory leak in ldapsearch filter objectclass=*
(DS 47780)
- Resolves: bug 1109443 - Server hangs in cos_cache when adding a user
entry (DS 47649)
- Resolves: bug 1109333 - 389 Server crashes if uniqueMember is invalid
syntax and memberOf plugin is enabled. (DS 47793)
- Resolves: bug 1109335 - Parent numsubordinate count can be incorrectly
updated if an error occurs (DS 47782)
- Resolves: bug 1109337 - Nested tombstones become orphaned after purge (DS
47767)
- Resolves: bug 1109352 - Tombstone purging can crash the server if the
backend is stopped/disabled (DS 47766)
- Resolves: bug 1109356 - Coverity issue in 1.3.3 (DS 47740)
- Resolves: bug 1109358 - A tombstone entry is deleted by ldapdelete (DS
47731)
- Resolves: bug 1109361 - rsa_null_sha should not be enabled by default (DS
47637)
- Resolves: bug 1109363 - valgrind - value mem leaks, uninit mem usage (DS
47455)
- Resolves: bug 1109373 - provide default syntax plugin (DS 47369)
- Resolves: bug 1109377 - Environment variables are not passed when DS is
started via service (DS 47693)
- Resolves: bug 1109379 - changelog iteration should ignore cleaned rids
when getting the minCSN (DS 47627)
- Resolves: bug 1109381 - winsync doesn't sync DN valued attributes if DS
DN value doesn't exist (DS 415)
- Resolves: bug 1109384 - logconv.pl man page missing -m,-M,-B,-D (DS 47447)
- Resolves: bug 1109387 - IDL-style can become mismatched during partial
restoration
- Resolves: bug 1028344 - Slow ldapmodify operation time for large
quantities of multi-valued attribute values (DS 346)
- Resolves: bug 985270 - [RFE] Add Password adminstrators to RHDS 9 as in
http://directory.fedoraproject.org/wiki/Password_Administrator (DS 417,
458, 47522)
- Resolves: bug 1070720 - rsearch filter error on any search filter (DS
47722)
- Resolves: bug 1095847 - CoS cache re-scanning severely impacts
performance (DS 47762)
- Resolves: bug 1103287 - logconv.pl memory continually grows (DS 47446)
- Resolves: bug 1106917 - managed entry plugin fails to update member
pointer on modrdn operation (DS 47813)
- Resolves: bug 1048987 - memory leak in ldapsearch filter objectclass=*
(DS 47780)
- Resolves: bug 1077895 - Memory leak with proxy auth control (DS 47743)
- Resolves: bug 1079098 - Simultaneous adding a user and binding as the
user could fail in the password policy check (DS 47748)
- Resolves: bug 1080185 - Creating a glue fails if one above level is a
conflict or missing (DS 47750)
- Resolves: bug 1083272 - RHEL6.6 389-ds-base slapd segfault during
ipa-replica-instal (DS 47448)
- Resolves: bug 1086454 - ACI warnings in error log (DS 47670)
- Resolves: bug 1086889 - empty modify returns LDAP_INVALID_DN_SYNTAX (DS
47772)
- Resolves: bug 1086901 - mem leak in do_bind when there is an error (DS
47773)
- Resolves: bug 1086903 - mem leak in do_search - rawbase not freed upon
certain error (DS 47774)
- Resolves: bug 1086907 - Performing deletes during tombstone purging
results in operation errors (DS 47771)
- Resolves: bug 1088171 - 7-bit check plugin does not work for userpassword
attribute (DS 47423)
- Resolves: bug 1090176 - #481 breaks possibility to reassemble memberuid
list (DS 47770)
- Resolves: bug 1092097 - A replicated MOD fails (Unwilling to perform) if
it targets a tombstone (DS 47787)
- Resolves: bug 1094277 - IPA Server Slow Performance, high CPU usage of
ns-slapd (DS 47426)
- Resolves: bug 1097002 - Problem with deletion while replicated (DS 47764)
- Resolves: bug 1098653 - db2bak.pl error with changelogdb (DS 47804)
- Resolves: bug 1103337 - find a way to remove replication plugin errors
messages "changelog iteration code returned a dummy entry with csn %s,
skipping ..." (DS 47809)
- Resolves: bug 1001037 - WinSync removes User must change password flag on
the Window side (DS 47492)
- Resolves: bug 1004876 - idlistscanlimit per index/type/value (DS 47504)
- Resolves: bug 1008021 - Self entry access ACI not working properly (DS
47331)
- Resolves: bug 1009122 - replication stops with excessive clock skew (DS
47516)
- Resolves: bug 1012699 - DSUtil.pm needs to check $res variable (DS 422)
- Resolves: bug 1013133 - logconv.pl - RFE - track bind info (DS 356)
- Resolves: bug 1013134 - Improve memory management in logconv.pl (DS 419)
- Resolves: bug 1013135 - logconv.pl tool removes the access logs contents
if "-M" is is not correctly used (DS 471)
- Resolves: bug 1013138 - logconv.pl should handle microsecond timing (DS
539)
- Resolves: bug 1013140 - logconv.pl -m not working for all stats (DS 47336)
- Resolves: bug 1013141 - logconv.pl missing stats for starttls, ldapi, and
autobind (DS 611)
- Resolves: bug 1013142 - logconv.pl -m time calculation is wrong (DS 47341)
- Resolves: bug 1013152 - add etimes to per second/minute stats (DS 47348)
- Resolves: bug 1013160 - Indexed search are logged with 'notes=U' in the
access logs (DS 47354)
- Resolves: bug 1013161 - improve logconv.pl performance with large access
logs (DS 47387)
- Resolves: bug 1013162 - logconv warning - Use of comma-less variable list
is deprecated (DS 47461)
- Resolves: bug 1013163 - logconv.pl uses /var/tmp for BDB temp files (DS
47501)
- Resolves: bug 1013164 - Fix various issues with logconv.pl (DS 47520)
- Resolves: bug 1013165 - logconv: some stats do not work across server
restarts (DS 47533)
- Resolves: bug 1014111 - [RFE - RHDS9] CLI report to monitor replication
(DS 47538)
- Resolves: bug 1014351 - Coverity fixes - 12023, 12024, and 12025 (DS
47540)
- Resolves: bug 1016717 - memory leak in range searches (DS 47517)
- Resolves: bug 1022500 - Winsync plugin segfault during incremental
backoff (DS 47581)
- Resolves: bug 1024337 - Overflow in nsslapd-disk-monitoring-threshold on
i686 (DS 47638)
- Resolves: bug 1026956 - 1.2.11.29 crash when removing entries from cache
(DS 47577)
- Resolves: bug 1027496 - Replication Failures related to skipped entries
due to cleaned rids (DS 47585)
- Resolves: bug 1031222 - hard coded limit of 64 masters in agreement and
changelog code (DS 47587)
- Resolves: bug 1032315 - attrcrypt fails to find unlocked key (DS 47596)
- Resolves: bug 1032317 - entries with empty objectclass attribute value
can be hidden (DS 47591)
- Resolves: bug 1034265 - 7-bit check plugin not checking MODRDN operation
(DS 47641)
- Resolves: bug 1044106 - logconv: failed logins: Use of uninitialized
value in numeric comparison at logconv.pl line 949 (DS 47550)
- Resolves: bug 1044108 - logconv: -V does not produce unindexed search
report (DS 47551)
- Resolves: bug 1049029 - Windows Sync group issues (DS 47642)
- Resolves: bug 1053232 - modify-delete userpassword (DS 47678)
- Resolves: bug 1053766 - ldapdelete returns non-leaf entry error while
trying to remove a leaf entry (DS 47736)
- Resolves: bug 1057805 - Size returned by slapi_entry_size is not accurate
(DS 47677)
- Resolves: bug 1060385 - Logconv.pl with an empty access log gives lots of
errors (DS 47713)
- Resolves: bug 1062763 - single valued attribute replicated ADD does not
work (DS 47692)
- Resolves: bug 1070583 - rhds91 389-ds-base-1.2.11.15-31.el6_5.x86_64
crash in db4 _ (DS 47729)
- Resolves: bug 1073530 - Enrolling a host into IdM/IPA always takes two
attempts (IPA 3377, DS 47704)
- Resolves: bug 1074076 - e_uniqueid fails to set if an entry is a conflict
entry (DS 47735)
- Resolves: bug 1074305 - Under heavy stress, failure of turning a
tombstone into glue (DS 47737)

* Mon May 19 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-33
- Release 1.2.11.15-33
- Resolves: bug 1044218 - fix memleak caused by 47347 (DS 47623)
- Resolves: bug 1071707 - rhds91 389-ds-base-1.2.11.15-31.el6_5 crash on
paged searches followed by simple srch (DS 47707)

* Tue Mar 11 2014 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-32
- Release 1.2.11.15-32
- Resolves: bug 1074848 - EMBARGOED CVE-2014-0132 389-ds-base: 389-ds: flaw
in parsing authzid can lead to privilege escalation [rhel-6.6] (Ticket
47739 - directory server is insecurely misinterpreting authzid on a
SASL/GSSAPI bind)

* Mon Dec 02 2013 Rich Megginson <rmeggins at redhat.com> - 1.2.11.15-31
- Resolves: bug 1033405 - regression in ipa due to patch for ns-slapd stuck
in DS_Sleep

* Mon Nov 04 2013 Rich Megginson <rmeggins at redhat.com> - 1.2.11.15-30
- Resolves: bug 1024977 CVE-2013-4485 389-ds-base: DoS due to improper
handling of ger attr searches

* Tue Oct 15 2013 Rich Megginson <rmeggins at redhat.com> - 1.2.11.15-29
- Bump version to 1.2.11.15-29
- Resolves: bug 1008013: DS91: ns-slapd stuck in DS_Sleep

* Tue Oct 08 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-28
- Bump version to 1.2.11.15-28
- Resolves: Bug 1016038 - Users from AD sub OU does not sync to IPA (ticket
47488)

* Mon Sep 30 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-27
- Bump version to 1.2.11.15-27
- Resolves: Bug 1013735 - CLEANALLRUV doesnt run across all replicas
(ticket 47509)

* Fri Sep 27 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-26
- Bump version to 1.2.11.15-26
- Resolves: Bug 947583 - ldapdelete returns non-leaf entry error while
trying to remove a leaf entry (ticket 47534)

* Thu Sep 26 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-25
- Bump version to 1.2.11.15-25
- Resolves: Bug 1006846 - 2Master replication with SASL/GSSAPI auth broken
(ticket 47523)
- Resolves: Bug 1007452 - Under specific values of nsDS5ReplicaName,
replication may get broken or updates (ticket 47489)

* Tue Sep 17 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-24
- Bump version to 1.2.11.15-24
- Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold;
Changed CONFIG_INT to CONFIG_LONG for nsslapd-disk-monioring-threshold
(ticket 47427)

* Wed Aug 28 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-23
- Bump version to 1.2.11.15-23
- Resolves: Bug 1000632 - CVE-2013-4283 389-ds-base: ns-slapd crash due to
bogus DN
- Resolves: Bug 1002260 - server fails to start after upgrade(schema error)
(ticket 47318)

* Wed Aug 07 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-22
- Bump version to 1.2.11.15-22
- Resolves: Bug 923909 - 389-ds-base cannot handle Kerberos tickets with
PAC (ticket 632)
- Resolves: Bug 928159 - CVE-2013-1897 389-ds: unintended information
exposure when rootdse is enabled
- Resolves: Bug 947583 - ldapdelete returns non-leaf entry error while
trying to remove a leaf entry (ticket 47367)
- Resolves: Bug 951616 - error syncing group if group member user is not
synced (ticket 47327)
- Resolves: Bug 953052 - DESC should not be empty as per RFC 2252 (ldapv3)
(ticket 47376)
- Resolves: Bug 957305 - DS instance crashes under a high load (ticket
47349)
- Resolves: Bug 957864 - Simple paged results should support async search
(ticket 47347)
- Resolves: Bug 958522 - loading an entry from the database should use
str2entry_fast (ticket 531)
- Resolves: Bug 962885 - RHEL 6.2 to 6.4 ipa upgrade selinuxusermap data
not replicating (ticket 47362)
- Resolves: Bug 963234 - When integrating with Red Hat IDM/DS, an LDAP
protocol error is thrown (ticket 47361)
- Resolves: Bug 966781 - new ldap connections can block ldaps and ldapi
connections (ticket 47359)
- Resolves: Bug 968383 - Wrong error code return when using EXTERNAL SASL
and untrusted certificate (ticket 580)
- Resolves: Bug 968503 - flush_ber error sending back start_tls response
will deadlock (ticket 47375)
- Resolves: Bug 969210 - make listen backlog size configurable (ticket
47377)
- Resolves: Bug 970995 - RHDS not shutting down when disk monitoring
threshold is reached to half. (ticket 47385)
- Resolves: Bug 971033 - connections attribute in cn=snmp,cn=monitor is
counted twice (ticket 47383)
- Resolves: Bug 971966 - 389 DS Replication failures due to Fractional
updates (ticket 47386)
- Resolves: Bug 972976 - ldbm errors when adding/modifying/deleting entries
(ticket 47392)
- Resolves: Bug 973583 - ns-slapd instance crashed with signal 11 SIGSEGV
(ticket 47391)
- Resolves: Bug 974361 - Account policy plugin fails to lock user when
policy is created for individual users to lock based to createtimestamp.
(ticket 47397)
- Resolves: Bug 974719 - rhds90 crash on tombstone modrdn (ticket 47396)
- Resolves: Bug 974875 - Attributes fail to be encrypted/decrypted properly
when replicated (ticket 47393)
- Resolves: Bug 975243 - DS9 still observes altStateAttrName as
createTimestamp when attribute is removed from the account policy (ticket
47395)
- Resolves: Bug 975250 - Changelog deadlock replication failures with DNA
(ticket 47410)
- Resolves: Bug 976546 - Attribute names are incorrect in search results
(ticket 47402)
- Resolves: Bug 979169 - allow setting db deadlock rejection policy (ticket
47409)
- Resolves: Bug 979435 - Replication problem with add-delete requests on
single-value (ticket 47424)
- Resolves: Bug 979515 - CVE-2013-2219 Directory Server: ACLs inoperative
in some search scenarios
- Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold
(ticket 47427)
- Resolves: Bug 983091 - Memory leak in 389-ds-base 1.2.11.15 (ticket 47428)
- Resolves: Bug 986131 - Very large entryusn values after enabling the USN
plugin and the lastusn value is negative. (ticket 47435)
- Resolves: Bug 986424 - fix recent compiler warnings (ticket 47378)
- Resolves: Bug 986857 - Disk Monitoring not checking filesystem with logs
(ticket 47441)
- Resolves: Bug 987703 - memleaks in set_krb5_creds (ticket 47421)
- Resolves: Bug 988562 - deadlock after adding and deleting entries (ticket
47449)
- Resolves: Bug 989692 - Sorting with attributes in ldapsearch gives
incorrect result (ticket 543)

* Wed Aug 07 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-21
This patch is found broken and duplicated. Getting rid of it in
1.2.11.15-22.
commit 2b3a50d55707ffa281c922ec188850576b757934
Author: Mark Reynolds <mreynolds at redhat.com>
Date: Tue Jul 23 10:28:45 2013 -0400
Add patch 0049 for Tickets-47427-47441

* Fri Jul 26 2013 Mark Reynolds <mreynolds at redhat.com> - 1.2.11.15-20
- Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-threshold(part
5 limits not displayed correctly). (ticket 47427)

* Thu Jul 25 2013 Mark Reynolds <mreynolds at redhat.com> - 1.2.11.15-19
- Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-threshold(part
4). (ticket 47427)

* Thu Jul 25 2013 Mark Reynolds <mreynolds at redhat.com> - 1.2.11.15-19
- Bump version to 1.2.11.15-19
- Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-threshold(part
3). (ticket 47427)

* Tue Jul 23 2013 Mark Reynolds <mreynolds at redhat.com> - 1.2.11.15-19
- Bump version to 1.2.11.15-19
- Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold(part
2). (ticket 47427)
- Resolves: Bug 986857 - Disk Monitoring not checking filesystem with logs
(ticket 47741)

* Mon Jul 15 2013 Mark Reynolds <mreynolds at redhat.com> - 1.2.11.15-18
- Bump version to 1.2.11.15-18
- Resolves: Bug 970995 - DS not shutting down when disk monitoring
threshold is reached to half. (Ticket 47385)
- Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold.
(ticket 47427)

* Wed Apr 10 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-14
- Resolves: Bug 921937 - ns-slapd crashes sporadically with segmentation
fault in libslapd.so (ticket 627)
- Resolves: Bug 923503 - cleanAllRUV task fails to cleanup config upon
completion (ticket 623)

* Thu Mar 28 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-13
bump version to 1.2.11.15-13
- Resolves: Bug 923503 - cleanAllRUV task fails to cleanup config upon
completion (ticket 623)
- Resolves: Bug 923502 - Coverity issue 13091
- Resolves: Bug 923407 - Deadlock in DNA plug-in (ticket 634)
- Resolves: Bug 921937 - ns-slapd crashes sporadically with segmentation
fault in libslapd.so (ticket 627)
- Resolves: Bug 923504 - crash in aci evaluation (ticket 628)
- Resolves: Bug 928159 - unintended information exposure when anonymous
access is set to rootdse (ticket 47308)

* Fri Feb 22 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-12
- Resolves: Bug 910581 - dse.ldif is 0 length after server kill or machine
kill
- Resolves: Bug 908861 - Error messages encountered when using POSIX winsync
- Resolves: Bug 907985 - DNA: use event queue for config update only at the
start up
- Resolves: Bug 830334 - Invalid chaining config triggers a disk full error
and shutdown
- Resolves: Bug 906583 - DS returns error 20 when replacing values of a
multi-valued attribute (only when replication is enabled)
- Resolves: Bug 906005 - Valgrind reports memleak in
modify_update_last_modified_attr
- Resolves: Bug 905825 - PamConfig schema not updated during upgrade
- Resolves: Bug 913215 - ns-slapd segfaults while trying to delete a
tombstone entry
- Resolves: Bug 913229 - unauthenticated denial of service vulnerability in
handling of LDAPv3 control data

* Mon Jan 21 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-11
- Resolves: Bug 896256 - updating package touches configuration files

* Tue Jan 08 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-10
- Resolves: Bug 889083 - For modifiersName/internalModifiersName feature,
internalModifiersname is not working for DNA plugin

* Fri Jan 04 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-9
- Resolves: Bug 891930 - DNA plugin no longer reports additional info when
range is depleted

* Tue Dec 18 2012 Rich Megginson <rmeggins at redhat.com> - 1.2.11.15-8
- Resolves: Bug 887855 - RootDN Access Control plugin is missing after
upgrade from RHEL63 to RHEL64

* Fri Dec 07 2012 Noriko Hosoi <nhosoi at redhat.com> - 1.2.11.15-7
- Resolves: Bug 830355 - [RFE] improve cleanruv functionality
- Resolves: Bug 876650 - Coverity revealed defects
- Ticket #20 - [RFE] Allow automember to work on entries that have already
been added (Bug 768084)
- Resolves: Bug 834074 - [RFE] Disable replication agreements
- Resolves: Bug 878111 - ns-slapd segfaults if it cannot rename the logs

* Thu Nov 29 2012 Rich Megginson <rmeggins at redhat.com> - 1.2.11.15-6
- Resolves: Bug 880305 - spec file missing dependencies for x86_64
6ComputeNode
- use perl-Socket6 on RHEL6

* Tue Nov 27 2012 Rich Megginson <rmeggins at redhat.com> - 1.2.11.15-5
- Resolves: Bug 880305 - spec file missing dependencies for x86_64
6ComputeNode

* Fri Nov 16 2012 Noriko Hosoi <nhoso at redhat.com> - 1.2.11.15-4
- Resolves: Bug 868841 - Newly created users with organizationalPerson
objectClass fails to sync from AD to DS with missing attribute error
- Resolves: Bug 868853 - Winsync: DS error logs report wrong version of
Windows AD when winsync is configured.
- Resolves: Bug 875862 - crash in DNA if no dnamagicregen is specified
- Resolves: Bug 876694 - RedHat Directory Server crashes (segfaults) when
moving ldap entry
- Resolves: Bug 876727 - Search with a complex filter including range
search is slow
- Ticket #495 - internalModifiersname not updated by DNA plugin (Bug 834053)

* Mon Nov 05 2012 Rich Megginson <rmeggins at redhat.com> - 1.2.11.15-3
- Resolves: Bug 870158 - slapd entered to infinite loop during new index
addition
- Resolves: Bug 870162 - Cannot abandon simple paged result search
- c970af0 Coverity defects
- 1ac087a Fixing compiler warnings in the posix-winsync plugin
- 2f960e4 Coverity defects
- Ticket #491 - multimaster_extop_cleanruv returns wrong error codes

* Tue Oct 09 2012 Noriko Hosoi<nhosoi at redhat.com> - 1.2.11.15-2
- Resolves: Bug 834063 [RFE] enable attribute that tracks when a password
was last set on an entry in the LDAP store; Ticket #478
passwordTrackUpdateTime stops working with subtree password policies
- Resolves: Bug 847868 [RFE] support posix schema for user and group sync;
Ticket #481 expand nested posix groups
- Resolves: Bug 860772 Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated
in acl
- Resolves: Bug 863576 Dirsrv deadlock locking up IPA
- Resolves: Bug 864594 anonymous limits are being applied to directory
manager

* Tue Sep 25 2012 Rich Megginson <rmeggins at redhat.com> - 1.2.11.15-1
- Resolves: Bug 856657 dirsrv init script returns 0 even when few or all
instances fail to start
- Resolves: Bug 858580 389 prevents from adding a posixaccount with
userpassword after schema reload

On Mon, Mar 9, 2015 at 6:44 PM, Robert Viduya <robert at oit.gatech.edu> wrote:

>
> On Mar 9, 2015, at 5:30 PM, Noriko Hosoi <nhosoi at redhat.com> wrote:
>
> Hello,
>
> On 03/09/2015 02:18 PM, Robert Viduya wrote:
>
> I'm in the same boat.  We, as an enterprise, have standardized on RHEL6 as
> our OS, with RHEL7 only on the horizon.  Switching to either Fedora or
> CentOS isn't an option.  But the only "official" 389 release for RHEL6 is
> years old.
>
> I reported a bug about a year ago, 47739, that's been fixed since
> 1.2.11.26.  But only 1.2.11.15 is available for RHEL6.  So, yes, there's at
> least one fix that we need that isn't available to us.  But really, there's
> tons of bug fixes and features that have come out since then.  The longer
> we're held back, the harder it will be to get our user base to adapt to all
> the new features once we do upgrade.
>
> The fix for the ticket 47739 is included in 389-ds-base-1.2.11.15-32 and
> newer and released on October 13, 2014 for RHEL-6.6.
>
> Sorry about missing the announcement.  Could it be possible to upgrade
> your RHEL6 bits to the latest 389-ds-base-1.2.11.15-50.el6?
>
>
> Ok, so the EL6 dash releases have fixes for stuff that isn’t in the base
> 1.2.11.15 release.  Is that detailed somewhere?  Yes, I can upgrade to -50,
> but I and my managers would want to know what’s changed.
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>



-- 
Ted Strother
Systems Administrator Senior
Information Technology Services
University of Michigan-Dearborn
19000 Hubbard Drive, 238 FCN
Dearborn, MI 48126
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20150309/f147af84/attachment.html>

More information about the 389-users mailing list