Fedora 14 Update: openldap-2.4.23-3.fc14

updates at fedoraproject.org updates at fedoraproject.org
Mon Nov 22 22:11:04 UTC 2010 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-17892
2010-11-18 23:25:59
--------------------------------------------------------------------------------

Name        : openldap
Product     : Fedora 14
Version     : 2.4.23
Release     : 3.fc14
URL         : http://www.openldap.org/
Summary     : LDAP support libraries
Description :
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools. LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet. The openldap package contains configuration files,
libraries, and documentation for OpenLDAP.

--------------------------------------------------------------------------------
Update Information:

various TLS bugfixes and one new feature

- reject non-file keyfiles in TLS_CACERTDIR (#652315)
- TLS_CACERTDIR precedence over TLS_CACERT (#652304)
- accept only files in hash.0 format in TLS_CACERTDIR (#650288)
- improve SSL/TLS trace messages (#652818)
- add support for multiple prefixed Mozilla NSS database files in TLS_CACERTDIR
Rebase to the same version which have in Rawhide. This is only minor change, there are no new features, only bugfixes. The last critical change (replacing crypto backend OpenSSL with MozNSS) is already in F14 and was well tested during TestDay (https://fedoraproject.org/wiki/Test_Day:2010-10-14_OpenLDAP/NSS). This update should be safe enough.

Three other bugs are fixed as well.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 18 2010 Jan Vcelak <jvcelak at redhat.com> 2.4.23-3
- add support for multiple prefixed Mozilla NSS database files in TLS_CACERTDIR
- reject non-file keyfiles in TLS_CACERTDIR (#652315)
- TLS_CACERTDIR precedence over TLS_CACERT (#652304)
- accept only files in hash.0 format in TLS_CACERTDIR (#650288)
- improve SSL/TLS trace messages (#652818)
* Mon Nov  1 2010 Jan Vcelak <jvcelak at redhat.com> 2.4.23-2
- fix possible infinite loop when checking permissions of TLS files (#641946)
- removed outdated autofs.schema (#643045)
- removed outdated README.upgrade
- removed relics of migrationtools
* Fri Aug 27 2010 Jan Vcelak <jvcelak at redhat.com> 2.4.23-1
- rebase to 2.4.23
- embeded db4 library removed
- removed bogus links in "SEE ALSO" in several man-pages (#624616)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #652315 - crash when TLS_CACERTDIR contains a subdirectory
        https://bugzilla.redhat.com/show_bug.cgi?id=652315
  [ 2 ] Bug #652304 - TLS_CACERTDIR takes precedence over TLS_CACERT
        https://bugzilla.redhat.com/show_bug.cgi?id=652304
  [ 3 ] Bug #650288 - openldap should ignore files not in the openssl c_hash format in cacertdir
        https://bugzilla.redhat.com/show_bug.cgi?id=650288
  [ 4 ] Bug #652818 - improve SSL/TLS log messages
        https://bugzilla.redhat.com/show_bug.cgi?id=652818
  [ 5 ] Bug #643045 - outdated autofs.schema
        https://bugzilla.redhat.com/show_bug.cgi?id=643045
  [ 6 ] Bug #641946 - slapd init script gets stuck in an infinite loop
        https://bugzilla.redhat.com/show_bug.cgi?id=641946
  [ 7 ] Bug #624616 - Bogus links in "SEE ALSO" part of several man-pages
        https://bugzilla.redhat.com/show_bug.cgi?id=624616
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update openldap' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list