| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: ldb-tools | Distribution: SUSE Linux Enterprise 15 |
| Version: 2.6.2 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 150500.1.1 | Build date: Wed May 10 16:52:22 2023 |
| Group: Development/Libraries/C and C++ | Build host: sheep16 |
| Size: 101758 | Source RPM: ldb-2.6.2-150500.1.1.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://ldb.samba.org/ | |
| Summary: Tools to manipulate LDB files | |
Tools to manipulate LDB files.
LGPL-3.0-or-later
* Wed May 03 2023 nopower@suse.com
- Update to version 2.6.2
+ CVE-2023-0614: Not-secret but access controlled LDAP attributes
can be discovered; (bso#15270); (bsc#1209485).
* Fri Dec 09 2022 nopower@suse.com
- Update to version 2.6.1
+ CVE-2022-32746 Use-after-free occurring in database audit
logging module; (bso#15009); (bsc#1201490);
- Update to version 2.6.0
+ ldb: bump version to 2.6.0 for Samba 4.17.x releases
- Drop obsolete patch ldb-memory-bug-15096-4.15-ldbonly.patch
- Update to version 2.5.2;
+ CVE-2022-32746: Use-after-free occurring in database audit
logging module; (bso#15009); (bsc#1201490);
- Update to version 2.5.1
+ Fix build problems; (bso#15071);
- Update to version 2.5.0
+ No code changes, just bump version for samba 4.16.0 release
* Fri Jul 15 2022 nopower@suse.com
- Add ldb-memory-bug-15096-4.15-ldbonly.patch to backport all
changes for ldb-2.4.4.
+ CVE-2022-32745: samba: ldb: AD users can crash the server
process with an LDAP add or modify request; (bso#15008);
(bso#15096); (bsc#1201492).
+ CVE-2022-2031: samba, ldb: AD users can bypass certain
restrictions associated with changing passwords; (bso#15047);
(bsc#1201495);
+ CVE-2022-32744: samba, ldb: AD users can forge password change
requests for any user; (bso#15074); (bso#15047); (bsc#1201493).
* Fri Jul 08 2022 scabrero@suse.de
- Update to version 2.4.3
+ Fix build problems, waf produces incorrect names for python
extensions; (bso#15071);
* Wed Apr 06 2022 scabrero@suse.de
- Update to version 2.4.2
+ Fix for CVE-2021-3670, ensure that the LDB request has not
timed out during filter processing as the LDAP server
MaxQueryDuration is otherwise not honoured.
* Tue Jan 11 2022 scabrero@suse.de
- Modify packaging to allow parallel installation with libldb1
(bsc#1192684):
+ Private libraries are installed in %{_libdir}/ldb2/
+ Modules are installed in %{_libdir}/ldb2/modules
* Wed Nov 10 2021 scabrero@suse.de
- Update to version 2.4.1
+ Corrected python behaviour for 'in' for LDAP attributes
contained as part of ldb.Message; (bso#14845);
+ Fix memory handling in ldb.msg_diff; (bso#14836);
+ Corrected python docstrings
* Fri Sep 17 2021 scabrero@suse.de
- Update to version 2.4.0
+ Improve calculate_popt_array_length()
+ Use C99 initializers for builtin_popt_options[]
+ pyldb: Fix Message.items() for a message containing elements
+ pyldb: Add test for Message.items()
+ tests: Use ldbsearch '--scope instead of '-s'
+ pyldb: fix a typo
+ Change page size of guidindexpackv1.ldb
+ Use a 1MiB lmdb so the test also passes on aarch64 CentOS stream
+ attrib_handler casefold: simplify space dropping
+ fix ldb_comparison_fold off-by-one overrun
+ CVE-2020-27840: pytests: move Dn.validate test to ldb
+ CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode
+ CVE-2021-20277 ldb/attrib_handlers casefold: stay in bounds
+ CVE-2021-20277 ldb tests: ldb_match tests with extra spaces
+ improve comments for ldb_module_connect_backend()
+ test/ldb_tdb: correct introductory comments
+ ldb.h: remove undefined async_ctx function signatures
+ correct comments in attrib_handers val_to_int64
+ dn tests use cmocka print functions
+ ldb_match: remove redundant check
+ add tests for ldb_wildcard_compare
+ ldb_match: trailing chunk must match end of string
+ pyldb: catch potential overflow error in py_timestring
+ ldb: remove some 'if PY3's in tests
+ Add missing break in switch statement
* Wed Mar 31 2021 scabrero@suse.de
- Update to ldb 2.3.0
* Wed Mar 24 2021 nopower@suse.com
- Release ldb 2.2.1
+ CVE-2020-27840: samba: Unauthenticated remote heap corruption
via bad DNs; (bso#14595); (bsc#1183572).
+ CVE-2021-20277: samba: out of bounds read in ldb_handler_fold;
(bso#14655); (bsc#1183574).
* Mon Oct 12 2020 dimstar@opensuse.org
- Remove old if suse_version != 1110 || arch != i386 construct:
unlikely the current package ever builds for 1110 && 386.
* Fri Sep 11 2020 ddiss@suse.com
- Release ldb 2.2.0
+ Fix memory leak in ldb_kv_index_dn_ordered(); (bso#14299)
+ Fix off-by-one increment in lldb_add_msg_attr; (bso#14413)
* Fri Jul 03 2020 nopower@suse.com
- Release ldb 2.1.4
+ CVE-2020-10730: NULL de-reference in AD DC LDAP server when
ASQ and VLV combined; (bso#14364); (bsc#1173159)
* Wed May 20 2020 david.mulder@suse.com
ldb: Bump version to 2.1.3; (bso#14330)
* Tue Apr 28 2020 nopower@suse.com
- Release ldb 2.1.2
+ CVE-2020-10700: ldb: Always use ldb_next_request() in
ASQ module; ;(bso#14331); (bsc#1169850).
* Fri Mar 06 2020 nopower@suse.com
- Release ldb 2.1.1
+ Samba 4.11 and later give incorrect results for SCOPE_ONE
searches; (bso#14270).
* Wed Jan 22 2020 david.mulder@suse.com
ldb: Release ldb 2.0.8
+ Upgrade waf to version 2.0.18 to match the rest of Samba 4.11.x
(bso#13846)
* Fri Jan 17 2020 dmulder@suse.com
- libldb1 fails to migrate to libldb2 when libldb2 version is less
than libldb1 version; (bsc#1160341)
* Thu Dec 19 2019 nopower@suse.com
- Add obsolete ldb1 directive to baselibs.conf
* Thu Oct 03 2019 jmcdonough@suse.com
- Update to version 2.0.7
+ Robustness improvements against duplicate attributes in ldb_filter_attrs()
(bso#13695)
+ Robustness improvements against invalid string DN values (bso#14049)
+ log database repack so users know what is happening (bso#14059)
+ add ldb_options_get
+ add "batch_mode" option.
+ Remove Python 2.x support except to build just the bare C library
+ Remove --extra-python (a build time mode to produce Python2 and Python3
bindings at the same time)
+ Fix standalone build of ldb.
+ CVE-2019-3824 out of bounds read in wildcard compare (bso#13773)
* Thu Aug 01 2019 scabrero@suse.de
- Update to 1.5.5
+ LDAP_REFERRAL_SCHEME_OPAQUE was added to ldb_module.h; (bso#12478);
+ Skip @ records early in a search full scan; (bso#13893);
* Tue Mar 05 2019 dmulder@suse.com
- Update to 1.5.4
+ Fix standalone build of ldb.
+ C99 build fixes.
+ CVE-2019-3824 out of bounds read in wildcard compare (bug#13773)
- Update to 1.5.3
+ Avoid inefficient one-level searches (bug#13762)
+ The test api.py should not rely on order of entries in dict (bug#13772)
* Wed Feb 06 2019 dmulder@suse.com
- Update to 1.5.2
+ dirsync: Allow arbitrary length cookies (bug #13686)
+ The build uses python3 by default: --extra-python would take
python2 now
+ To build with python2 only use:
PYTHON=python2 ./configure
PYTHON=python2 make
PYTHON=python2 make install
* Mon Nov 12 2018 scabrero@suse.de
- Update to 1.4.3
+ Python: Ensure ldb.Dn can accept utf8 encoded unicode (bug 13616)
* Tue Sep 25 2018 scabrero@suse.de
- Update license to LGPL-3.0
* Fri Aug 17 2018 dmulder@suse.com
- Update to 1.4.2
+ Security fix for CVE-2018-1140 (NULL pointer de-reference, bug 13374)
+ Fix memory leaks and missing error checks (bug 13459, 13471, 13475)
- 1.4.1
+ add some missing return value checks
+ Fix several mem leaks in ldb_index ldb_search ldb_tdb (bug#13475)
+ ldb_tdb: Use mem_ctx and so avoid leak onto long-term memory
on duplicated add. (bug#13471)
+ ldb: Fix memory leak on module context (bug#13459)
+ Refused build of Samba 4.8 with ldb 1.4 (bug #13519)
+ Prevent similar issues in the future at configure time (bug #13519)
- 1.4.0
+ New LMDB backend (experimental)
+ Comprehensive tests for index behaviour
+ Enforce transactions for writes
+ Enforce read lock use for all reads
+ Fix memory leak in paged_results module.
We hold at most 10 outstanding paged result cookies
(bug #13362)
+ Fix compiler warnings
+ Python3 improvements
+ Restore --disable-python build
+ Fix for performance regression on one-level searches
(bug #13448)
+ Samba's subtree_rename could fail to rename some entries
(bug #13452)
* Wed Aug 15 2018 dmulder@suse.com
- Add fix_ldb_mod_op_test.patch: Fix missing NULL terminator in
ldb_mod_op_test testsuite
* Tue Aug 14 2018 dmulder@suse.com
- Update to 1.3.5
+ Security fix for CVE-2018-1140 (NULL pointer de-reference,
bug #13374).
- 1.3.4
+ Fix memory leaks and missing error checks (bug #13459, #13471,
[#13475]).
+ Fix fallback to full scan (performance regression) on
one-level search (bug #13448).
+ Fix read corruption (missing results) during writes,
particularly during a Samba subtree rename (bug #13452).
* Wed May 23 2018 jmcdonough@suse.com
- Update to 1.3.3
+ Fix failure to upgrade to the GUID index DB format; (bso#13306).
* Fri Mar 16 2018 jmcdonough@suse.com
- Update to 1.3.2;
+ Expose the SHOW_BINARY, ENABLE_TRACING and DONT_CREATE_DB flag
constants in the python api.
+ Don't load LDB_MODULESDIR as a module file.
+ Fix binary data in debug log (bug #13185).
+ Intersect the index from SCOPE_ONELEVEL with the index for the
search expression (bso#13191)
+ GUID Index support.
* Fri Feb 09 2018 scabrero@suse.com
- Update to 1.2.3; (bsc#1080545);
+ Performance regression in DNS server with introduction of DNS wildcard;
(bso#13191);
* Mon Oct 02 2017 jengelh@inai.de
- Remove %if guards for blocks that do not affect the build result.
Fix RPM groups and summaries.
Drop very old SUSE support. Replace old RPM macros by new
constructs.
* Mon Sep 18 2017 scabrero@suse.com
- Update to 1.2.2
+ Bug #13017: Add ldb_ldif_message_redacted_string() to allow debug
of redacted log messages, avoiding showing secret values
+ Bug #13015: Allow re-index of newer databases with binary GUID TDB keys
(this officially removes support for re-index of the original
pack format 0, rather than simply segfaulting).
+ Avoid memory allocation and so make modify of records in ldb_tdb faster
* Wed Jul 26 2017 scabrero@suse.com
- Update to 1.2.1
+ Bug #12882: Do not install _ldb_text.py if we have system libldb
+ Use libraries from build dir for testsuite
+ Bug #12900: Fix index out of bound in ldb_msg_find_common_values
* Wed Jul 05 2017 scabrero@suse.com
- Update to 1.2.0
+ handle one more LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK
case in ldb_tdb
+ fix ldb_tdb locking (performance) problems
+ fix ldb_tdb search inconsistencies by adding
read_[un]lock() hooks to the module stack
(bug #12858)
+ add cmocka based tests for the locking issues
+ ldb_version.h provides LDB_VERSION_{MAJOR,MINOR,RELEASE} defines
+ protect ldb_modules.h from being used by Samba < 4.7
Note: that this release (as well as 1.1.30 and 1.1.31)
may cause problems for older applications, e.g. Samba
See https://bugzilla.samba.org/show_bug.cgi?id=12859
* Mon Jul 03 2017 scabrero@suse.com
- Update to 1.1.31
+ let ldbdump parse the -i option
+ don't allow the reveal_internals control for ldbedit
+ only allow --show-binary for ldbsearch
+ don't let ldbsearch create non-existing files
+ fix ldb_tdb search inconsistencies
+ add cmocka based tests
+ provide an interface for improved indexing for callers
like Samba, which will allow much better performance.
+ Makes ldb access to tdb:// databases use a private event context
rather than the global event context passed in by the caller.
This is because running other operations while locks are held
or a search is being conducted is not safe.
+ Add efficient function to find duplicate values in ldb messages
(this makes large multi-valued attributes in ldb_tdb more efficient)
- Add ldb-tests-do-not-override-lib-path.patch: Check if LD_LIBRARY_PATH
and LDB_MODULES_PATH environment variables are set before overriding
them.
* Tue Jan 24 2017 ddiss@suse.com
- Update to 1.1.29; (bsc#1032915).
+ add support for LDB_CONTROL_RECALCULATE_RDN_OID on ldb_modify()
+ Performance and memory consumption improvements
* Wed Sep 14 2016 jmcdonough@suse.com
- Update to 1.1.27
+ performance improvements
+ VLV control improvements
* Tue Mar 15 2016 lmuelle@suse.com
- Require talloc 2.1.6 at build-time; (bsc#954658).
* Tue Mar 08 2016 dimstar@opensuse.org
- Add ldb-python3.5-fix-soabi_name.patch: Do not change x86_64 to
x86-64 when building with python 3.5.
* Sun Feb 21 2016 lmuelle@suse.com
- Avoid a file collision for non SUSE build targets; (bsc#966174).
* Wed Feb 17 2016 lmuelle@suse.com
- Update to 1.1.26; (bsc#954658).
+ let a timeout of -1 indicate no timeout for a given request
+ fix memory leaks in pyldb ldb.search()
+ build fixes
+ improve pyldb ldb.search() help message
+ add pyldb ldb.search_iterator() api
+ add LDB_ATTR_FLAG_FORCE_BASE64_LDIF as optional argument
to ldb_schema_attribute_add()
+ add client support for LDB_CONTROL_DIRSYNC_EX
* Fri Feb 12 2016 lmuelle@suse.com
- Provide python-ldb and python-ldb-devel; (bsc#966523).
* Wed Jan 27 2016 lmuelle@suse.com
- Update to 1.1.25; (bsc#954658).
+ torture: test ldb_unpack_data_only_attr_list
+ increment version due to added ldb_unpack_data_only_attr_list
+ introduce ldb_unpack_data_withlist to unpack partial list of attributes
* Thu Dec 10 2015 lmuelle@suse.com
- Update to 1.1.24.
+ fix LDAP \00 search expression attack DoS; CVE-2015-3223; (bso#11325)
+ fix remote read memory exploit in LDB; CVE-2015-5330; (bso#11599)
+ move ldb_(un)pack_data into ldb_module.h for testing
+ fix installation of _ldb_text.py
+ fix propagation of LDB errors through TDB
+ fix bug triggered by having an empty message in database during search
* Wed Nov 11 2015 lmuelle@suse.com
- Update to 1.1.23; (bsc#954658).
+ Test improvements
+ Improved python3 bindings; (bsc#951911)
+ Minor build fixes
* Fri Oct 30 2015 lmuelle@suse.com
- Add doxygen at build time to add the development documentation.
- Disable rpath-install and silent-rules while configure.
* Thu Oct 22 2015 lmuelle@suse.com
- Rename pyldb to python-ldb.
* Mon Sep 07 2015 lmuelle@suse.com
- Move the ldb-cmdline library to the ldb-tools package as the packaged
binaries depend on it.
* Mon Sep 07 2015 lmuelle@suse.com
- Update the Samba Library Distribution Key file 'ldb.keyring'; (bso#945116).
* Wed Jul 22 2015 lmuelle@suse.com
- Update to 1.1.21; (bsc#939050).
+ build fixes
+ improved python bindings
* Sun Mar 01 2015 lmuelle@suse.com
- Update to 1.1.20.
+ validate_ldb of String(Generalized-Time) does not accept millisecond
format ".000Z"; (bso#9810)
+ fix logic in ldb_val_to_time()
* Tue Jan 13 2015 lmuelle@suse.com
- Update to 1.1.19.
+ Allow to register extended match rules
* Sun Dec 21 2014 lmuelle@suse.com
- Update to 1.1.18.
+ fixes for segfaults in pyldb
+ documentation fixes
+ build system improvements
+ fix a typo in the comment, LDB_FLAGS_MOD_xxx -> LDB_FLAG_MOD_xxx
+ Fix check for third_party
+ make the successful ldb_transaction_start() message clearer
+ ldb-samba: fix a memory leak in ldif_canonicalise_objectCategory()
+ ldb-samba: Move pyldb-utils dependency to python_samba__ldb
+ build: improve detection of srcdir
* Thu Nov 06 2014 lmuelle@suse.com
- Use the upstream tar ball, as signature verification is now able to handle
compressed archives.
* Tue Oct 28 2014 lmuelle@suse.com
- Remove dependency on gpg-offline as signature checking is implemented in the
source validator.
/usr/bin/ldbadd /usr/bin/ldbdel /usr/bin/ldbedit /usr/bin/ldbmodify /usr/bin/ldbrename /usr/bin/ldbsearch /usr/lib64/ldb2/libldb-cmdline.so /usr/share/man/man1/ldbadd.1.gz /usr/share/man/man1/ldbdel.1.gz /usr/share/man/man1/ldbedit.1.gz /usr/share/man/man1/ldbmodify.1.gz /usr/share/man/man1/ldbrename.1.gz /usr/share/man/man1/ldbsearch.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 18:11:13 2024