openldap2-devel-2.4.46-150200.14.11.2<>,b˳p9|Be4.2R,`)jz4T"eicGe)^$pLM.*O\,xK")q2w.X>>wHgyM]g R58me&o3`gVg> l::m z$76)cAv/{NХjj68mOu;/EB$" ZF=Krs=#'++FKTBP6崴uwsٞ`R_q27by\ŗk>A?d ( _ :RX`h  p  x  !$'++.//////(/8/@90@:5@FGHIXY\]^.b]cdefluvz8HL]`djCopenldap2-devel2.4.46150200.14.11.2Libraries, Header Files and Documentation for OpenLDAPThis package provides the OpenLDAP libraries, header files, and documentation.b˳sheep71RfSUSE Linux Enterprise 15SUSE LLC OLDAP-2.8https://www.suse.com/Development/Libraries/C and C++http://www.openldap.orglinuxx86_64;u$$ T d    ( #J4  Z  {Q 1  0  bTbTbTbTbUbUbUbUbUbUb˟bYbˣbˣbˤbˤbˤbˣbˣbˤbˣbˣbˢbˣbˣbˣbˣbˤbˣbˤbˢbˣbˤbˣbˤbˤbˣbˣbˤbˣbˤbˤbˤbˤbˣbˣbˣb}bbˀbˀbˀbˤb˂b˂bˢb˂bˣbˢbˣbˣbˣbˤb˃bˤb˄bˣbˤbˣbˣbˢbˤbˣb˅bˤbˤbˣbˢbˣbˣbˤbˤb˅bˣbˤbˢbˤbˣbˣbˤbˣbˣbˆbˣbˣbˆbˣbˤbˇbˢbˇbˇbˈbˈbˣbˈbˊbˊbˣbˣbˤbˢbˤbˣbˣbˤbˢbˤbˣbˤbˋbˣbˤbˋbˤbˤbˣbˌbˤbˤbˣbˣbˣbˤbˣbˣbˣbˣbˣbˣbˣbˤbˍbˣbˍbˍbˤbˎbˎbˤbˎbˣbˎbˣbˣbˣbˏbˣbˑbˣbˢbˣbˣbˤbˣbˤbˤbˣbˑbˤbˣbˤbˣbˣbˤbˣbˤbˣbˣbˣb˒bˤbˤbˣb˒bˤbˤbˢbˣbˣb˓bˣbˣbˤ580f36d19ca6a26250e8df7b41d3c25228ce02f9c432d39bbc1da543938bd673a2b6d6ab192265b2851d891db81a75bed9696d79d8f93291c3db93025fa4cdf5c422a988d317e6698b0457e8cf0a8f1ce39fe55c240db08790446d029e907db727b92ab08adc0ad19a4db020f186c0dd4defe31ffaf7ea39f701d93bdaffdceacaec54975f7198552201e4b8b398c715290598fb16e587fcf8c88b1676fb9a769b62289067d896eaf9a70e05b0f9636b0862aa6ae2f2d31f7bc53978bc49105d304af82dfc0846ef12c1bcf2fff9dc8c64afbb137fa5bdd37c2164c0b288a4b159f1323a5d2437cd3614e8b969d4e293b927fde001685303812c624884d33cc5c155e6ad14c54de1ea581c97f805caab3a5316b09a4f1f3c68f7f6f00771ca1fd66b6e51a26ec9a6d6a793dbbc9bf5eb2021cc278adfd41bc9c39de3d5308f9fa3fcf64e3f3131d2f7bbb8df78163442adb93c1630592a324446e84c7554a038c9f8bd17d8b177410a0da968c56113e38e742f6b15ffc2b199f0161b74175e8717421f9e3fbab3fbd9d9de0b282ea764868446e53bddc837de59a4113cee93c676c735a298268cb4c4ef86c60714a89984ca447bfe2c308e82be43336600c5f41afcc6fffac8bc5e00e580a0f0fcfa47965bd37cc5bc3b53da70ff3a4baa244de448eae7bc5f2f68fb690d0607772b974fe82750e00b46402ceb6a10becacfdc07d1b642762f6af1036de29371372a0ecb242773bc09066e023f060e345f45f85ff647c1b3ca0bcc2eb7dc68d40d9624dfb1bd735c5f7b135e4ce90d560f3de1285ad6cbfd51976da34ccab343263e5379d8594db00ad47e7ab2134f44856a3b0c13db8c687e5fe25eca23eb7d05fb55387704ccb76eff6c4e720e542303302a9e983d7cc9883253a06b8f6ca8987a142653b94f0b54dc18982e275a1d03f28197b69011017f7e2a52980105160c7cf589072662fbcc6ea32b6eec021caa1ae90d5fd68f5e20fcd065af70f8b154bac9a2bf38d9dc2cbf5cd6eb99abc187721c88b1ebcc484455114fff24de034ef42466863e6bfdf25b87bf7338904589b22de74ff2a466a7d5b55fb194b1e8cb62b20c9ecc6b9e85e698142545757decd18a658811bd44b794f7934945fe5fa645ef13504a827768695626dfdde50560af1441bfc07f065342f0d89188c539c1595d3c794dccaa2d48c17dcaf4f2c954b96e1ed08a2ec9029d2e200d98d3f6e0c5d40571e53a0bf19fa5bd427470ff93df6fec171f32b96076989d7001540f2438113f5f7018978fbbcb88b11670f58d10daa00b32d42845cefc126d1459cb345100e03598995690b3da80f26ff83e9239d6997ec0856d4f6848f43623642ecf6536af1ca16cc7ce1dc0a7edd1fbcb9eea3e93f6b7a5726aadc95c41cce43a04ded943502a77efda72cfd5f8853f99d1aaf069ea92fe7921e918d4a8d948f5726a30f9b9d8e8697bb81845a031dc85f44e201421aa3a1435f3fd7758e797766b10ffe2382b4b7a166875aa4e9c8e5ba2b8e39a27b80cdc538b5c42fb74b53b564af601ee41e778cec8dba6af645fa191ea9652fde6225d713e6603b889ca7d3105066f5d926a2cd0d92e871fba9b02d8219cb401336783f1a59c0dceff2004e533ff6a4d972c85ddf355460e25d35c5aaa9c8c9b0186c80975d7bc2a3a18018999e96931463805e3fd0153fde28ade789c75f36cfac647763ca460f36de60ec5f9df4bda3049f62186d8208ace70800dd2c6b61e1e1a429ea1195a108ab48bbad2e59273c84f1e5c8eff9fda6927b175f1043da38163d808985604701aae87088323562f76a9d94750519fc80f2832778a7234b443d7555a8d206bebd14d099bf7319bbeaee4c2628e384573aee5240eed44ad149fb89aaf1ca17ea0a8172601cafbd176690a736aed7653629ee905fec4f571439e0163ba6ade67ba406b237c5b858d22b221b8ddd8cff00c687b4026cb49d8b40569c4edaf6c4c1a155dbeb013caafa769bdc115b23a9231dea6a92a4612c7e63c4d6afb0bae7bad192468e82ad65bfd2989d5f595406889c0cd74b06055331ac540414f8b289d2471f6f89e1fb3509406be27748ba8a033b30903fec8e0liblber-2.4.so.2.10.9libldap_r.solibldap_r-2.4.so.2.10.9lber-encode.3.gzlber-types.3.gzlber-types.3.gzlber-types.3.gzlber-types.3.gzlber-types.3.gzlber-types.3.gzlber-types.3.gzlber-types.3.gzlber-types.3.gzlber-decode.3.gzlber-encode.3.gzlber-types.3.gzlber-decode.3.gzlber-decode.3.gzlber-decode.3.gzlber-decode.3.gzlber-decode.3.gzlber-decode.3.gzlber-decode.3.gzlber-decode.3.gzlber-decode.3.gzlber-decode.3.gzlber-encode.3.gzlber-encode.3.gzlber-encode.3.gzlber-encode.3.gzlber-encode.3.gzlber-encode.3.gzlber-encode.3.gzlber-encode.3.gzlber-decode.3.gzlber-decode.3.gzlber-encode.3.gzlber-types.3.gzldap_error.3.gzldap_abandon.3.gzldap_add.3.gzldap_add.3.gzldap_add.3.gzldap_schema.3.gzldap_schema.3.gzldap_schema.3.gzldap_bind.3.gzldap_compare.3.gzldap_compare.3.gzldap_compare.3.gzldap_controls.3.gzldap_controls.3.gzldap_controls.3.gzldap_controls.3.gzldap_controls.3.gzldap_controls.3.gzldap_first_entry.3.gzldap_first_message.3.gzldap_first_reference.3.gzldap_get_values.3.gzldap_get_values.3.gzldap_get_dn.3.gzldap_delete.3.gzldap_delete.3.gzldap_delete.3.gzldap_dup.3.gzldap_get_dn.3.gzldap_get_dn.3.gzldap_get_dn.3.gzldap_get_dn.3.gzldap_get_dn.3.gzldap_error.3.gzldap_error.3.gzldap_get_dn.3.gzldap_get_dn.3.gzldap_extended_operation.3.gzldap_url.3.gzldap_get_values.3.gzldap_open.3.gzldap_open.3.gzldap_open.3.gzldap_tls.3.gzldap_url.3.gzldap_schema.3.gzldap_schema.3.gzldap_schema.3.gzldap_memory.3.gzldap_memory.3.gzldap_memory.3.gzldap_memory.3.gzldap_memory.3.gzldap_modify.3.gzldap_modify.3.gzldap_modify.3.gzldap_modrdn.3.gzldap_modrdn.3.gzldap_modrdn.3.gzldap_modify.3.gzldap_result.3.gzldap_result.3.gzldap_result.3.gzldap_first_attribute.3.gzldap_first_entry.3.gzldap_first_message.3.gzldap_first_reference.3.gzldap_schema.3.gzldap_schema.3.gzldap_schema.3.gzldap_parse_result.3.gzldap_parse_result.3.gzldap_error.3.gzldap_rename.3.gzldap_error.3.gzldap_bind.3.gzldap_bind.3.gzldap_schema.3.gzldap_search.3.gzldap_search.3.gzldap_search.3.gzldap_search.3.gzldap_get_option.3.gzldap_bind.3.gzldap_open.3.gzldap_bind.3.gzldap_bind.3.gzldap_sort.3.gzldap_sort.3.gzldap_sort.3.gzldap_tls.3.gzldap_tls.3.gzldap_schema.3.gzldap_get_dn.3.gzldap_schema.3.gzldap_schema.3.gzldap_schema.3.gzldap_memory.3.gzldap_schema.3.gzldap_schema.3.gzldap_schema.3.gzldap_tls.3.gzldap_bind.3.gzldap_bind.3.gzldap_bind.3.gzldap_bind.3.gzldap_url.3.gzldap_get_values.3.gzldap_get_values.3.gzrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootopenldap2-2.4.46-150200.14.11.2.src.rpmopenldap2-developenldap2-devel(x86-64)    libldap-2_4-2rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.4.46-150200.14.11.23.0.4-14.6.0-14.0-15.2-1openldap-devel4.14.1bx@bu bX b; b; b4t@b/.@b[@``KW`/@`+_@_@_/@_FN_?@^^^*@]B@\ڭ\r@[H[@[vZ@Za@Z@ZZ.s@Z@Y*@Y*@Y@Y@YYp@Yf@Y7Y6@X@X7@X$a@XWk@WbW;VVɦVŲ@VŲ@V@V@V@V@Vf@V^@V\:@V@V @U4@T@Tuwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comvarkoly@suse.comvarkoly@suse.comckowalczyk@suse.comckowalczyk@suse.comzsolt.kalmar@suse.comzsolt.kalmar@suse.commichael@stroeder.comfvogt@suse.commichael@stroeder.comrbrown@suse.comjengelh@inai.demrueckert@suse.demichael@stroeder.commichael@stroeder.commichael@stroeder.commichael@stroeder.commichael@stroeder.comhguo@suse.comhguo@suse.comjengelh@inai.dekukuk@suse.comhguo@suse.comhguo@suse.comjengelh@inai.dehguo@suse.comhguo@suse.comhguo@suse.comjengelh@inai.dehguo@suse.comlmuelle@suse.comhguo@suse.commpluskal@suse.commichael@stroeder.comhguo@suse.commichael@stroeder.comhguo@suse.comhguo@suse.comhguo@suse.comhguo@suse.comhguo@suse.comrguenther@suse.comjengelh@inai.de- bsc#1198341 - Prevent memory reuse which may lead to instability * 0243-Change-malloc-to-use-calloc-to-prevent-memory-reuse-.patch- bsc#1199240 - CVE-2022-29155 - Resolve sql injection in back-sql * 0242-ITS-9815-slapd-sql-escape-filter-values.patch- bsc#1191157 - Correct version specification in ppolicy to allow submission to SP3 for TLS1.3- bsc#1191157 - allow specification of max/min TLS version with TLS1.3 * 0239-ITS-9422-Update-for-TLS-v1.3.patch * 0240-ITS-9518-add-LDAP_OPT_X_TLS_PROTOCOL_MAX-option.patch * 0241-TLS-set-protocol-version.patch- bsc#1197004 - libldap was able to be out of step with openldap in some cases which could cause incorrect installations and symbol resolution failures. openldap2 and libldap now are locked to their related release versions.- jsc#PM-3288 - restore CLDAP functionality in CLI tools- Revert jsc#PM-3288 - CLDAP ( -DLDAP_CONNECTIONLESS ) due to regression reporting is bsc#1197004 causing SSSD to have faults.- jsc#PM-3288 - restore CLDAP functionality in CLI tools- bsc#1187210 - Resolve bug in the idle / connection TTL timeout implementation in OpenLDAP. * 0231-ITS-9468-Added-test-case-for-proxy-re-binding-anonym.patch * 0232-ITS-9468-back-ldap-Return-disconect-if-rebind-cannot.patch * 0233-ITS-9468-removed-accidental-unicode-characters.patch * 0234-ITS-9468-documented-that-re-connecting-does-not-happ.patch * 0235-ITS-9468-summarize-discussion-about-rebind-as-user.patch * 0236-ITS-9468-fixed-typos.patch * 0237-ITS-9468-always-init-lc_time-and-lc_create_time.patch * 0238-ITS-9468-do-not-arm-expire-timer-for-connections-tha.patch- bsc#1182791 - improve proxy connection timout options to correctly prune connections. * 0225-ITS-8625-Separate-Avlnode-and-TAvlnode-types.patch * 0226-ITS-9197-back-ldap-added-task-that-prunes-expired-co.patch * 0227-ITS-9197-Increase-timeouts-in-test-case-due-to-spora.patch * 0228-ITS-9197-fix-typo-in-prev-commit.patch * 0229-ITS-9197-Fix-test-script.patch * 0230-ITS-9197-fix-info-msg-for-slapd-check.patch- bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. * 0220-ITS-9423-ldap_X509dn2bv-check-for-invalid-BER-after-.patch - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. * 0222-ITS-9425-add-more-checks-to-ldap_X509dn2bv.patch - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. * 0223-ITS-9427-fix-issuerAndThisUpdateCheck.patch - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. * 0224-ITS-9428-fix-cancel-exop.patch - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. * 0218-ITS-9412-fix-AVA_Sort-on-invalid-RDN.patch - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. * 0217-ITS-9409-saslauthz-use-slap_sl_free-in-prev-commit.patch * 0216-ITS-9409-saslauthz-use-ch_free-on-normalized-DN.patch - bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. * 0219-ITS-9413-fix-slap_parse_user.patch - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. * 0213-ITS-9406-9407-remove-saslauthz-asserts.patch * 0214-ITS-9406-fix-debug-msg.patch - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). * 0212-ITS-9404-fix-serialNumberAndIssuerCheck.patch * 0221-ITS-9424-fix-serialNumberAndIssuerSerialCheck.patch - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). * 0215-ITS-9408-fix-vrfilter-double-free.patch- bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. * patch: 0211-ITS-9454-fix-issuerAndThisUpdateCheck.patch- bsc#1178909 CVE-2020-25709 CVE-2020-25710 - Resolves two issues where openldap would crash due to malformed inputs. * patch: 0209-ITS-9383-remove-assert-in-certificateListValidate.patch * patch: 0210-ITS-9384-remove-assert-in-obsolete-csnNormalize23.patch- bsc#1179503 - fix proxy retry binds to a remote server * patch: 0208-ITS-9400-back-ldap-fix-retry-binds.patch- bsc#1178387 (CVE-2020-25692) - unauthenticated remote denial of service due to incorrect validation of modrdn equality rules. * patch: 0207-ITS-9370-check-for-equality-rule-on-old_rdn.patch- bsc#1175568 CVE-2020-8027 openldap_update_modules_path.sh has a number of issues in it's design that lead to security issues. This file has been removed, from the package, and the %post execution of the install. The function is replaced by /usr/sbin/slapd-ldif-update-crc and /usr/lib/openldap/fixup-modulepath, through the addition of the source files: * fixup-modulepath.sh * slapd-ldif-update-crc.sh * update-crc.sh- bsc#1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. * 0206-openldap-tlso-use-openssl-api-to-verify-host.patch- bsc#1172704 - Change DB_CONFIG to root:ldap permissions. - bsc#1172698 (CVE-2020-8023) - local priv esc via start script chown -R on olcdbdirectory path. Remove chown -R on start to resolve.- bsc#1170771 (CVE-2020-12243) - recursive filters may crash server * patch: 0205-bsc-1170771-limit-depth-of-nested-filters.patch- bsc#1158921 libldap-data should be requires, not recommends to help prevent user confusion around configuration ownership.- bsc#1143194 (CVE-2019-13565) - ssf memory reuse leads to incorrect authorisation of another connection, granting excess connection rights (ssf). * patch: 0201-ITS-9052-zero-out-sasl_ssf-in-connection_init.patch - bsc#1143273 (CVE-2019-13057) - rootDN of a backend may proxyauth incorrectly to another backend, violating multi-tenant isolation. * patch: 0202-ITS-9038-restrict-rootDN-proxyauthz-to-its-own-DBs.patch * patch: 0203-ITS-9038-Update-test028-to-test-this-is-enforced.patch * patch: 0204-ITS-9038-Another-test028-typo.patch- bsc#1111388 - incorrect post script call causes tmpfiles create not to be run.- bsc#1114845 - broken shebang line in openldap_update_modules_path.sh - fix the script- Emergency fix: move tmpfiles_create post from the library package to the main package's post script, which ships the tmpfiles.d configuration. Fixes the post script of the library (-p /sbin/ldconfig does not allow more statements in the script). - bsc#1111388 openldap and /var/lib/ldap/DB_CONFIG* (transactional-update) * source: openldap2.conf - Added a patch to let slapd return the uniqueness check filter used before constraint violation to the client. Fixed broken memory handling in affecting error response of slapo-unique ITS#8866 slapo-unique to return filter used in diagnostic message * patch: 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch - Don't require systemd explicit, spec file can handle both cases correct and in containers we don't have systemd.- Fix CVE-2017-17740: when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack * patch: 0017-Fix-segfault-in-nops.patch (bsc#1073313)- Fix slapd segfaults in mdb_env_reader_dest with patch 0016-Clear-shared-key-only-in-close-function.patch (bsc#1089640)- bsc#1085064 Packaging issues have been discovered around the openldap_update_modules_path.sh which has been corrected: - the spec file was wrongly configured, therefore the script has never been called - the script should create the symlinks first, as slapcat is useless on a system which is already affected.- bsc#1085064 Add script "openldap_update_modules_path.sh" which which removes the configuration item olcModulePath in cn=config which is after upgrade from SLE12 to SLE15 holds inappropriate information. If the cn=config is being used on a system, the conflicting items in slapd.conf are ignored, despite of it, the backend DB configuration section has been also commented out in the default slapd.conf. In case of correct cn=config (the olcModulePath has been already removed), the script stops without touching anything.- Upgrade to upstream 2.4.46 release - removed obsolete back-port patches: * 0013-ITS-8692-let-back-sock-generate-increment-line.patch * 0016-ITS-8782-fix-cancel-memleak.patch OpenLDAP 2.4.46 Release (2018/03/22) Fixed libldap connection delete callbacks when TLS fails to start (ITS#8717) Fixed libldap to not reuse tls_session if TLS hostname check fails (ITS#7373) Fixed libldap cross-compiling with OpenSSL 1.1 (ITS#8687) Fixed libldap OpenSSL 1.1.1 compatibility with BIO_method (ITS#8791) Fixed libldap MozNSS CA certificate hash matching (ITS#7374) Fixed libldap MozNSS with PEM certs when also using an NSS cert db (ITS#7389) Fixed libldap MozNSS initialization (ITS#8484) Fixed libldap GnuTLS with GNUTLS_E_AGAIN (ITS#8650) Fixed libldap memory leak with cancel operations (ITS#8782) Fixed slapd Eventlog registry key creation on 64-bit Windows (ITS#8705) Fixed slapd to maintain SSF across SASL binds (ITS#8796) Fixed slapd syncrepl deadlock when updating cookie (ITS#8752) Fixed slapd syncrepl callback to always be last in the stack (ITS#8752) Fixed slapd telephoneNumberNormalize when the value is spaces and hyphens (ITS#8778) Fixed slapd CSN queue processing (ITS#8801) Fixed slapd-ldap TLS connection timeout with high latency connections (ITS#8720) Fixed slapd-ldap to ignore unknown schema when omit-unknown-schema is set (ITS#7520) Fixed slapd-mdb with an optimization for long lived read transactions (ITS#8226) Fixed slapd-meta assert when olcDbRewrite is modified (ITS#8404) Fixed slapd-sock with LDAP_MOD_INCREMENT operations (ITS#8692) Fixed slapo-accesslog cleanup to only occur on failed operations (ITS#8752) Fixed slapo-dds entryTTL to actually decrease as per RFC 2589 (ITS#7100) Fixed slapo-syncprov memory leak with delete operations (ITS#8690) Fixed slapo-syncprov to not clear pending operation when checkpointing (ITS#8444) Fixed slapo-syncprov to correctly record contextCSN values in the accesslog (ITS#8100) Fixed slapo-syncprov not to log checkpoints to accesslog db (ITS#8607) Fixed slapo-syncprov to process changes from this SID on REFRESH (ITS#8800) Fixed slapo-syncprov session log parsing to not block other operations (ITS#8486) Build Environment Fixed Windows build with newer MINGW version (ITS#8697) Fixed compiler warnings and removed unused variables (ITS#8578) Contrib Fixed ldapc++ Control structure (ITS#8583) Documentation Delete stub manpage for back-ldbm (ITS#8713) Fixed ldap_bind(3) to mention the LDAP_SASL_SIMPLE mechanism (ITS#8121) Fixed ldap.conf(5) to note SASL_MECH/SASL_REALM are no longer user-only (ITS#8818) Fixed slapd-config(5) typo for olcTLSCipherSuite (ITS#8715) Fixed slapo-syncprov(5) indexing requirements (ITS#5048)- Use %license (boo#1082318)- added 0016-ITS-8782-fix-cancel-memleak.patch- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Add openldap-r-only.dif so that openldap2's own tools also link against libldap_r rather than libldap. - Make libldap equivalent to libldap_r (like Debian) to avoid crashes in threaded programs which unknowingly get both libraries inserted into their process image. [rh#1370065, boo#996551]- use existing groups instead of inventing new ones- added 0012-ITS8051-sockdnpat.patch- updated 0014-ITS-8714-Send-out-EXTENDED-operation-message-from-back-sock.patch- Added OpenLDAP new feature implementing OpenLDAP ITS#8714 0014-ITS-8714-Send-out-EXTENDED-operation-message-from-back-sock.patch- added overlay trace to package openldap2-contrib- Upgrade to upstream 2.4.45 release - removed obsolete 0010-Enforce-minimum-DH-size-of-1024.patch and 0012-use-system-wide-cert-dir-by-default.patch - added 0013-ITS-8692-let-back-sock-generate-increment-line.patch for supporting modify increment operations with back-sock - added overlay addpartial to package openldap2-contrib- Remove legacy daemon control that was used to migrate from SLE 11 to 12. (bsc#1038405)- There is no change made about the package itself, this is only copying over some changelog texts from SLE package: - bug#976172 owned by hguo@suse.com: openldap2 - missing /usr/share/doc/packages/openldap2/guide/admin/guide.html - bug#916914 owned by varkoly@suse.com: VUL-0: CVE-2015-1546: openldap2: slapd crash in valueReturnFilter cleanup - [fate#319300](https://fate.suse.com/319300) - [CVE-2015-1545](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545) - bug#905959 owned by hguo@suse.com: L3-Question: Are multiple "Connection 0" in a Multi Master setup normal ? - [CVE-2015-1546](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546) - bug#916897 owned by varkoly@suse.com: VUL-0: CVE-2015-1545: openldap2: slapd crashes on search with deref control and empty attr list- Drop binutils requirement; the code using /usr/bin/strings has been dropped in openSUSE:Factory/openldap2 revision 112.- Remove superfluous insserv PreReq.- Introduce patch 0012-use-system-wide-cert-dir-by-default.patch to let OpenLDAP read system wide certificate directory by default and avoid hiding the error if user specified CA location cannot be read (bsc#1009470).- Add more details in the comments of slapd.conf concerning file permission and StartTLS capability.- Test for user/group existence before trying to add them. Summary spello update.- Move schema files into tarball addonschema.tar.gz: ldapns.ldif ldapns.schema rfc2307bis.ldif rfc2307bis.schema yast.ldif yast.schema - Package previously missing schema files in LDIF format: amavisd-new.ldif dhcp.ldif dlz.ldif dnszone.ldif samba3.ldif sudo.ldif suse-mailserver.ldif (bsc#984691) - Fix a minor issue in schema2ldif script that led to missing attribute in the generated LDIF.- Enable build flag LDAP_USE_NON_BLOCKING_TLS to fix bsc#978408.- Move ldap.conf into libldap-data package, per convention.- Move ldap.conf out of shlib package again, they are not allowed there for obvious reasons (conflict with future package).- Build password strength enforcer as an implementation of ppolicy password checker, introducing: ppolicy-check-password-1.2.tar.gz ppolicy-check-password.Makefile ppolicy-check-password.conf ppolicy-check-password.5 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch (Implements fate#319461)- Remove redundant -n openldap2- package name prefix.- Remove openldap2-client.spec and openldap2-client.changes openldap2.spec now builds client utilities and libraries. Thus pre_checkin.sh is removed. - Move ldap.conf and its manual page from openldap2-client package to libldap-2_4-2 package, which is more appropriate. - Use RPM_OPT_FLAGS in build flags. - Macros dealing with old/unsupported distributions are removed. - Remove 0002-slapd.conf.dif and install improved slapd.conf from new source file slapd.conf. - Install slapd.conf.olctemplate to assist in preparing slapd.d for OLC. - Be explicit in sysconfig that by default openldap will use static file configuration. - Add the following schemas in LDIF format: * rfc2307bis.ldif * ldapns.ldif * yast.ldif - Other minor clean-ups in the spec file.- Use optflags when building- Upgrade to upstream 2.4.44 release with accumulated bug fixes. - Specify source with FTP URL - Removed obsolete 0012-openldap-re24-its8336.patch- Relabel patch 0011-Enforce-minimum-DH-size-of-1024.patch into 0010-Enforce-minimum-DH-size-of-1024.patch- Upgrade to upstream 2.4.43 release with accumulated bug fixes. - Still build on SLES12 - Loadable backend and overlay modules are now installed into arch-specific path %{_libdir}/openldap - All backends and overlays as modules for smaller memory footprint on memory constrained systems - Added extra package for back-sock - Consequent use of %{_rundir} everywhere - Rely on upstream ./configure script instead of any other macro foo - Dropped linking with libwrap - Dropped 0004-libldap-use-gethostbyname_r.dif because this work-around for nss_ldap is obsolete - New sub-package openldap2-contrib with selected contrib/ overlays - Replaced addonschema.tar.gz with separate schema sources - Updated ldapns.schema from recent slapo-nssov source tree - Added symbolic link to slapd executable in /usr/sbin/ - Added more complex example configuration file /etc/openldap/slapd.conf.example - Set OPENLDAP_START_LDAPI="yes" in /etc/sysconfig/openldap - Set OPENLDAP_REGISTER_SLP="no" in /etc/sysconfig/openldap - Added patch for OpenLDAP ITS#7796 to avoid excessive "not index" logging: 0011-openldap-re24-its7796.patch - Replaced openldap-rc.tgz with single source files - Added soft dependency (Recommends) to cyrus-sasl - Added soft dependency (Recommends) to cyrus-sasl-devel to openldap2-devel - Added patch for OpenLDAP ITS#8336 (assert in liblmdb): 0012-openldap-re24-its8336.patch - Remove obsolete patch 0001-build-adjustments.dif- Introduce patch 0010-Revert-Revert-ITS-8240-remove-obsolete-assert.patch to fix CVE-2015-6908. (bsc#945582) - Introduce patch 0011-Enforce-minimum-DH-size-of-1024.patch to address weak DH size vulnerability (bsc#937766)- Introduce patch 0009-Fix-ldap-host-lookup-ipv6.patch to fix an issue with unresponsive LDAP host lookups in IPv6 environment. (bsc#955210)- Remove OpenLDAP 2.3 code and patches from build source. Compatibility libraries for OpenLDAP 2.3 are built in package: compat-libldap-2_3-0 Removed source files: openldap-2.3.37-liblber-length-decoding.dif openldap-2.3.37-libldap-ntlm.diff openldap-2.3.37-libldap-ssl.dif openldap-2.3.37-libldap-sasl-max-buff-size.dif openldap-2.3.37-libldap-tls_chkhost-its6239.dif openldap-2.3.37-libldap-gethostbyname_r.dif openldap-2.3.37-libldap-suid.diff openldap-2.3.37.dif openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif openldap-2.3.37-libldap-ldapi_url.dif openldap-2.3.37.tgz openldap-2.3.37-libldap-utf8-ADcanonical.dif README.update check-build.sh- Upgrade to upstream 2.4.42 release with accumulated bug fixes.- Upgrade to upstream 2.4.41 release with accumulcated bug fixes and stability improvements. * Add patch 0008-In-monitor-backend-do-not-return-Connection0-entries.patch * Remove already applied patch 0008-ITS-7723-fix-reference-counting.patch * Remove already applied patch 0009-gcc5.patch (Implements fate#319301)- Add 0009-gcc5.patch to pass -P to the preprocessor in configure checks for Berkeley DB version- binutils is required for "strings" utility invocation in %pre [bnc#904028] - Remove SLE10 definitionssheep71 1658375091  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~2.4.46-150200.14.11.22.4.46-150200.14.11.2lber.hlber_types.hldap.hldap_cdefs.hldap_features.hldap_schema.hldap_utf8.hldif.hslapi-plugin.hliblber.solibldap.solibldap_r.sober_alloc_t.3.gzber_bvarray_add.3.gzber_bvarray_free.3.gzber_bvdup.3.gzber_bvecadd.3.gzber_bvecfree.3.gzber_bvfree.3.gzber_bvstr.3.gzber_bvstrdup.3.gzber_dupbv.3.gzber_first_element.3.gzber_flush.3.gzber_free.3.gzber_get_bitstring.3.gzber_get_boolean.3.gzber_get_enum.3.gzber_get_int.3.gzber_get_next.3.gzber_get_null.3.gzber_get_stringa.3.gzber_get_stringb.3.gzber_next_element.3.gzber_peek_tag.3.gzber_printf.3.gzber_put_enum.3.gzber_put_int.3.gzber_put_null.3.gzber_put_ostring.3.gzber_put_seq.3.gzber_put_set.3.gzber_put_string.3.gzber_scanf.3.gzber_skip_tag.3.gzber_start_set.3.gzber_str2bv.3.gzlber-decode.3.gzlber-encode.3.gzlber-memory.3.gzlber-sockbuf.3.gzlber-types.3.gzld_errno.3.gzldap.3.gzldap_abandon.3.gzldap_abandon_ext.3.gzldap_add.3.gzldap_add_ext.3.gzldap_add_ext_s.3.gzldap_add_s.3.gzldap_attributetype2name.3.gzldap_attributetype2str.3.gzldap_attributetype_free.3.gzldap_bind.3.gzldap_bind_s.3.gzldap_compare.3.gzldap_compare_ext.3.gzldap_compare_ext_s.3.gzldap_compare_s.3.gzldap_control_create.3.gzldap_control_dup.3.gzldap_control_find.3.gzldap_control_free.3.gzldap_controls.3.gzldap_controls_dup.3.gzldap_controls_free.3.gzldap_count_entries.3.gzldap_count_messages.3.gzldap_count_references.3.gzldap_count_values.3.gzldap_count_values_len.3.gzldap_dcedn2dn.3.gzldap_delete.3.gzldap_delete_ext.3.gzldap_delete_ext_s.3.gzldap_delete_s.3.gzldap_destroy.3.gzldap_dn2ad_canonical.3.gzldap_dn2dcedn.3.gzldap_dn2str.3.gzldap_dn2ufn.3.gzldap_dnfree.3.gzldap_dup.3.gzldap_err2string.3.gzldap_errlist.3.gzldap_error.3.gzldap_explode_dn.3.gzldap_explode_rdn.3.gzldap_extended_operation.3.gzldap_extended_operation_s.3.gzldap_first_attribute.3.gzldap_first_entry.3.gzldap_first_message.3.gzldap_first_reference.3.gzldap_free_urldesc.3.gzldap_get_dn.3.gzldap_get_option.3.gzldap_get_values.3.gzldap_get_values_len.3.gzldap_init.3.gzldap_init_fd.3.gzldap_initialize.3.gzldap_install_tls.3.gzldap_is_ldap_url.3.gzldap_matchingrule2name.3.gzldap_matchingrule2str.3.gzldap_matchingrule_free.3.gzldap_memalloc.3.gzldap_memcalloc.3.gzldap_memfree.3.gzldap_memory.3.gzldap_memrealloc.3.gzldap_memvfree.3.gzldap_modify.3.gzldap_modify_ext.3.gzldap_modify_ext_s.3.gzldap_modify_s.3.gzldap_modrdn.3.gzldap_modrdn2.3.gzldap_modrdn2_s.3.gzldap_modrdn_s.3.gzldap_mods_free.3.gzldap_msgfree.3.gzldap_msgid.3.gzldap_msgtype.3.gzldap_next_attribute.3.gzldap_next_entry.3.gzldap_next_message.3.gzldap_next_reference.3.gzldap_objectclass2name.3.gzldap_objectclass2str.3.gzldap_objectclass_free.3.gzldap_open.3.gzldap_parse_extended_result.3.gzldap_parse_reference.3.gzldap_parse_result.3.gzldap_parse_sasl_bind_result.3.gzldap_parse_sort_control.3.gzldap_parse_vlv_control.3.gzldap_perror.3.gzldap_rename.3.gzldap_rename_s.3.gzldap_result.3.gzldap_result2error.3.gzldap_sasl_bind.3.gzldap_sasl_bind_s.3.gzldap_schema.3.gzldap_scherr2str.3.gzldap_search.3.gzldap_search_ext.3.gzldap_search_ext_s.3.gzldap_search_s.3.gzldap_search_st.3.gzldap_set_option.3.gzldap_set_rebind_proc.3.gzldap_set_urllist_proc.3.gzldap_simple_bind.3.gzldap_simple_bind_s.3.gzldap_sort.3.gzldap_sort_entries.3.gzldap_sort_strcasecmp.3.gzldap_sort_values.3.gzldap_start_tls.3.gzldap_start_tls_s.3.gzldap_str2attributetype.3.gzldap_str2dn.3.gzldap_str2matchingrule.3.gzldap_str2objectclass.3.gzldap_str2syntax.3.gzldap_strdup.3.gzldap_sync.3.gzldap_syntax2name.3.gzldap_syntax2str.3.gzldap_syntax_free.3.gzldap_tls.3.gzldap_tls_inplace.3.gzldap_unbind.3.gzldap_unbind_ext.3.gzldap_unbind_ext_s.3.gzldap_unbind_s.3.gzldap_url.3.gzldap_url_parse.3.gzldap_value_free.3.gzldap_value_free_len.3.gz/usr/include//usr/lib64//usr/share/man/man3/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:24987/SUSE_SLE-15-SP2_Update/343a9c43b17f3fdc042a8f3ea98c7d12-openldap2.SUSE_SLE-15-SP2_Updatedrpmxz5x86_64-suse-linuxC source, ASCII texttroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)troff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)C source, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)C source, ASCII text (gzip compressed data, max compression, from Unix)*@+w`ӛccyrus-sasl-develutf-8ff10e217d7bd6e8605ff7aaad2614a54d9b4145ceacb8fbff8d783d6def5d940?7zXZ !t/*]"k%{\.:!wY :~)B55e>CHJkZ+$8+BYhwb$9#ۢ(;kuob-YB^3G8aҁ_}| x'F~0OhaH_syY)/^N?VXMJhZg>QG1Njڻ] |i ;C3S~ph{U鵕hHMË* oVj08I%hPǬ.Mh(ڜ2a>!M4%;Ãy!KéQKujP-]G ]ϧH^zAOL Fj~mDˏ}{u45j.@%:T|T LtA~F{-؀m%+tq~G"1}؏~ԑ![zEg\¬y=*035VeG5cL 2_xWJ?/M@'Y/ڇ J@b2}\9eS0__ C=8ϓ8$i% 0^z{hp7t!$"#Mi KޖhŵcuoZh2l@.Ck>aΪ *CgkK_4JnO$+Uji(W!4mG's7h lيMGYL^YQ<m;'xO,<>9-K CwUVa clӟi喰BcBW;_~D/8%^gt40Ԛՠ9jH! }x)jψnQTwPDb((TOCO~ e%NQ'W&R"(*ylqCXǽc<ĚZ%[hzg09+h$‡Z rA>8ɭfKzi_*?1+d=,Alro۝)qoUO PZ /gЯܾ\1MޑRS8<#N)h:sIZ-_c9I=ӟ dcoāE1V())vq,O'aG-EW2XsAN/ˌ lb'te"FĬ纸J ex0 M*Ϟ6(J!u;TT.N?e, |O4}jHt ,$ƄJ'J֞Ԛ[ʲx|h3R^>W/+/<]@^ZHv{L%aC9y9πP=dHByXliChEMԐ}]ka[Kd-=B 0’8=xfjj p+$+msvtimpKm8Q^׺gK\XgTKW2yxnnD9`d/r$4, B5컹,r2K1E%G|1&`ɤa6Yo$}\.>iCҺydiTQ+[v M֪U"d B(pd)oU](-6{1e{ Z^ XL@8'S:@t}bB6Bۗ Jŕ UKzi2ڲۑ 0Mc%QNQOZʀB6}ҙh'2iwT"ZWy{&+9ί/YYށ.^Hla{?myA [W"7ژ>?vQ٩.{byI`ɝVLnU*?u~sgkrh[4"6gP3 poo|zA"^&^協wC҄-*(+sy5x\[ɗ-3G0ICo!j3>$ &E#7q>3po:mH3T*15pG Æromܧ+F~gxi>:yZ9W,pskLd [X#gƚb~$zҞ{ݕ}Q)(=zQ?X]{g 2 -ŅTl57c&KX#7YwdIp Ys~KDҎΦL圦T\|+W͗i E?&% pxx*7L"UW3@MYZ"Il{G׀em8nZbus U)J÷*@.4C_`N-.̄O[ ‹53κ2j"ƮQr ܯJHE'}}C>= l, `?〧37 ]Wuz4IE5o ̣2P˕W}&.=v`gK }MEqjh7XQYl9jA|t*nQcmKD!'A^JKE ؜;&Dp,zqTEpVqNKFgV^6vwkܕe=z7íXpj3yr֙ZS t.Mo~ ϾaY=LZmWurwGr/Ɇb0WKύiKO-&$Sqnn^۱R'2Q9ڿ@$@z48[8-E\9>|vk0xZYa P85l%~_uS_z1/bD$M)c%^hL@ opwE@ҫ~TJVkls7A@rJ2!Kvׯh `Bя<~n^6_QfOPWlUG.0|-d)獴56p^NGM3˟URFهƮbUhz{A*MMߔ: vfr|br( \GUg7'um\!-Xo{ H}=i@FM3@Rܥo66mP.c"Q )yGGտRV AZ,/&"/Uf .{i<&*G{P:C W~AʬѩSl1muP3/Yߟ,CbGM7K⳹_.BOy}bhR>dFywN9A|uq)^"jgx5'νQLYc=k֦kG45TFSR<RcWAMڊ݉+NFz;*h櫻u90X> nIzYO4^e/=$~3-šUʡjNnw^8SV._Yyy;0#Űd+\qy_޼9\FqЧ)=ֲ;a+ֻὥ0\ 5,;u(+QMN.j@(QE=tGJf)< (=HMWb2)|$/;EM #B(eV?P0f"4.hpvдo>3hyHͮd|϶UDlbљJIfnFb;@-Ǻ B G e[71vG&(Y`xGBFq6p-|E|neڪy6t q_fdF~FZWaݤ%eԑz?D YGЍI}K3|vΥi*20S&-4wFY,V$kͅ3w4ةl~[Gpfj-xxJMJ7u˞ug?+/!S&Z5{D聁E]EXNx::Ͷm7}}]%q6BvFh b,g&HM9cP(/f> Dg 9f=7 I5uށ{tZo-uK*B:C RBF>:)ET~Q37%T5[)'L5g}6}Fp{mi:VFv ,;]"P꫙m>ڐJ%(lV3Xg%fO8[<} JGkzN ;R^^ҧUjhM"y? kkKwn Dť ~FuH|2Oq3@BpcJ+[|%hN) HqKY~V@J /&j3S>lvsuK(#|TU#XaB !!7d'A~Oa}o1+ '(O$@&^$tq8yp8$~!d&`u9V8xwz a}4WTr5hi)VtҷBGQ8S-<EÑ%/?:fUF>60NC! ]-`1Bū>'R%GIO qC*.-bbI>q"ݙK[\|DpYיbɒQm"017l~͏140;&D6 DPt1}j'N' lB~LNLqب3Ftb)VZM5wbԛzid5*Sxޘ =@y74U6s YZ