OpenLDAP 2.4.48 is now available for download as detailed on our download
page:
http://www.openldap.org/software/download/
and should soon be available on all official mirrors:
ftp://ftp.openldap.org/pub/OpenLDAP/MIRRORS
This is a maintenance release and is made available for general use. Users
of OpenLDAP Software are encouraged to upgrade.
This release includes two security fixes, ITS#9038 (CVE-2019-13057) and
ITS#9052 (CVE-2019-13565). These issues are unlikely to affect the
majority of deployments, but please check the details for each issue.
For downstream packagers, this release also includes a new header file
(openldap.h) that should be packaged along with the other header files.
Significant contributors are:
Howard Chu (Symas Corp)
Quanah Gibson-Mount (Symas Corp)
Ondřej Kuzník (Symas Corp)
OpenLDAP 2.4.48 (2019/07/24)
Added libldap OpenSSL Elliptic Curve support (ITS#7595)
Added libldap Expose OpenLDAP specific interfaces via openldap.h
(ITS#8671)
Added slapd-monitor support for slapd-mdb (ITS#7770)
Fixed liblber leaks (ITS#8727)
Fixed liblber with partial flush (ITS#8864)
Fixed libldap ASYNC TLS so it works (ITS#8957,ITS#8980)
Fixed libldap ASYNC connections with Solaris 10 (ITS#8968)
Fixed libldap with SASL_NOCANON=on and ldapi connections (ITS#7585)
Fixed libldap to be able to unset syncrepl TLS options (ITS#7042)
Fixed libldap race condition in ldap_int_initialize (ITS#7996, ITS#8450)
Fixed libldap return code in ldap_create_assertion_control_value
(ITS#8674)
Fixed libldap to correctly disable IPv6 when configured to do so
(ITS#8754)
Fixed libldap to correctly close TLS connection (ITS#8755)
Fixed libldap with non-blocking TLS and referals (ITS#8167)
Fixed libldap_r handling of deprecated OpenSSL function (ITS#8353)
Fixed liblunicode case correspondance (ITS#8508)
Fixed slapd with an idletimeout of less than four seconds (ITS#8952)
Fixed slapd config parser variable for Windows64 (ITS#9012)
Fixed slapd syncrepl fallback handling with delta-syncrepl (ITS#9015)
Fixed slapd telephoneNumberNormalize, cert DN validation (ITS#8999)
Fixed slapd syncrepl for relax with delta-syncrepl (ITS#8037)
Fixed slapd to restrict rootDN proxyauthz to its own databases
(ITS#9038)
Fixed slapd to initialize SASL SSF per connection (ITS#9052)
Fixed slapo-accesslog with SLAP_MOD_SOFT modifications (ITS#8990)
Fixed slapd-ldap starttls connections timeout behavior (ITS#8963)
Fixed slapd-ldap segfault when entry result doesn't match filter
(ITS#8997)
Fixed slapd-meta conversion from slapd.conf to cn=config (ITS#8743)
Fixed slapd-meta assertion when network interface goes down (ITS#8841)
Fixed slapd-mdb fix bitshift integer overflow (ITS#8989)
Fixed slapd-mdb index cleanup with cn=config (ITS#8472)
Fixed slapd-mdb to improve performance with alias deref (ITS#7657)
Fixed slapo-accesslog possible assert with exops (ITS#8971)
Fixed slapo-chain to correctly reject multiple chaining URIs (ITS#8637)
Fixed slapo-chain conversion from slapd.conf to cn=config (ITS#8799)
Fixed slapo-memberof conversion from slapd.conf to cn=config (ITS#8663)
Fixed slapo-memberof for group name change to itself (ITS#9000)
Fixed slapo-ppolicy behavior when pwdInHistory is changed (ITS#8349)
Fixed slapo-rwm to not free original filter (ITS#8964)
Fixed slapo-syncprov contextCSN generation (ITS#9015)
Build Environment
Fixed slapd to only link to BDB libraries with static build
(ITS#8948)
Fixed libldap implicit declaration with LDAP_CONNECTIONLESS
(ITS#8794)
Fixed libldap double inclusion of limits.h in cyrus.c (ITS#9041)
Documentation
General - Fixed minor typos (ITS#8764, ITS#8761)
admin24 - Miscellaneous updates promoting mdb and fixing examples
(ITS#9031)
slapd.access(5) - Note MDB is the primary backend (ITS#8881)
slapd.backends(5) - Note MDB is the recommended backend (ITS#8771)
slapd-ldap(5) - Document starttls parameter (ITS#8693)
Contrib
Added slapo-lastbind capability to forward authTimestamp updates
(ITS#7721)
MD5(openldap-2.4.48.tgz)= 0729a0711fe096831dedc159e0bbe73f
SHA1(openldap-2.4.48.tgz)= c1984e80f6db038b317bf931866adb38e5537dcd
LMDB 0.9.24 Release (2019/07/24)
ITS#8969 Tweak mdb_page_split
ITS#8975 WIN32 fix writemap set_mapsize crash
ITS#9007 Fix loose pages in WRITEMAP
>From https://ldapcon.org/2019/
It's high time we shared the news: the 7th Conference on LDAP, Directory
Services and Identity Management will take place November 4-6th at the
Holiday Inn in Sofia, Bulgaria. November 4th is set aside for workshops,
November 5th and 6th will be the regular sessions.
Situated at the crossroads between the east and the west, Sofia is
nearly 7,000 years old and steeped in historical significance. It's also
the largest city in Bulgaria, one of the top-10 locations in the world
for startups, especially tech, and one of Europe's most affordable
cities. Other attractions include good wine, great food that represents
Balkan and Oriental cuisine, and a great view to the Vitosha mountain,
making it a perfect location for the next LDAPCon.
Topics of interest will include service design, LDAP schema, protocol
enhancements, server technology and client programming.
There will be ample opportunities to meet other LDAP specialists
including the central figures in the development teams of many
well-known server products.
The Call for Participation is now open[0] and runs until August 1st.
[0]. https://cfp.ldapcon.org/ldapcon2019/cfp
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
