Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

openldap2-devel-static-2.6.4-slfo.1.1.10 RPM for s390x

From OpenSuSE Leap 16.0 for s390x

Name: openldap2-devel-static Distribution: SUSE Linux Framework One
Version: 2.6.4 Vendor: SUSE LLC <https://www.suse.com/>
Release: slfo.1.1.10 Build date: Tue Sep 5 13:52:49 2023
Group: Development/Libraries/C and C++ Build host: reproducible
Size: 2789550 Source RPM: openldap2-2.6.4-slfo.1.1.10.src.rpm
Packager: https://www.suse.com/
Url: https://www.openldap.org
Summary: Static libraries for the OpenLDAP libraries
This package provides the static versions of the OpenLDAP libraries
for development.

Provides

Requires

License

OLDAP-2.8

Changelog

* Tue Sep 05 2023 kukuk@suse.com
  - Disable SLP by default for Factory and ALP (bsc#1214884)
* Sat Apr 15 2023 dmueller@suse.com
  - update to 2.6.4:
    * Fixed client tools to remove 'h' and 'p' options
    * Fixed ldapsearch memory leak with paged results (ITS#9860)
    * Fixed libldap ldif_open_urlto check for failure (ITS#9904 CVE-2023-2953 boo#1211795)
    * Fixed libldap ldap_url_parsehosts check for failure
    * Fixed liblunicode UTF8bvnormalize buffer size (ITS#9955)
    * Fixed lloadd memory leaks (ITS#9907)
    * Fixed lloadd shutdown code to protect memory correctly
    * Fixed lloadd race in epoch.c (ITS#9947)
    * Fixed lloadd potential deadlock with cn=monitor (ITS#9951)
    * Fixed lloadd to keep listener base around when not active
    * Fixed lloadd object reclamation sequencing (ITS#9983)
    * Fixed slapd memory leak with olcAuthIDRewrite (ITS#6035)
    * Fixed slapd free of redundant cmdline option (ITS#9912)
    * Fixed slapd transactions extended operations cleanup after
    * Fixed slapd deadlock with replicated cn=config
    * Fixed slapd connection close logic (ITS#9991)
    * Fixed slapd bconfig locking of cn=config entries (ITS#9045)
    * Fixed slapd-mdb max number of index databases to 256
    * Fixed slapd-mdb to always release entries from ADD operations
    * Fixed slapd-mdb to fully init empty DN in tool_entry_get
    * Fixed slapd-monitor memory leaks with lloadd (ITS#9906)
    * Fixed slapd-monitor to free remembered cookies (ITS#9339)
    * Fixed slapo-accesslog reqStart ordering matching rule
    * Fixed slapo-deref memory leak (ITS#9924)
    * Fixed slapo-dynlist to ignore irrelevant objectClasses
    * Fixed slapo-dynlist to avoid unnecessary searches (ITS#9929)
    * Fixed slapo-dynlist to mark internal searches as such
    * Fixed slapo-pcache crash in consistency_check (ITS#9966)
    * Fixed slapo-remoteauth memory leaks (ITS#9438)
    * Fixed slapo-rwm memory leaks (ITS#9817)
    * Build Environment
    * Fixed ancient DOS related ifdef checks (ITS#9925)
    * Fixed build process to not use gmake specific features
    * Fixed source tree to remove symlinks (ITS#9926)
    * Fixed slapo-otp testdir creation (ITS#9437)
    * Fixed slapd-tester memory leak (ITS#9908)
    * Fixed usage of non-standard C syntax (ITS#9898, ITS#9899,
      ITS#9901)
    * Fixed usage of bashism (ITS#9900)
    * Fixed test suite portability (ITS#9931)
    * Documentation
    * Fixed ldap_bind(3) to document ber_bvfree in ldap_sasl_bind
      (ITS#9976)
    * Fixed slapo-asyncmeta(5) to clarify scheduling for target
      connections (ITS#9941)
    * Fixed slapo-dynlist(5) to clarify configuration settings
      (ITS#9957)
    * Fixed slapo-unique(5) to clarify when quoting should be used
      (ITS#9915)
    * Minor cleanup
* Sat Dec 10 2022 dmueller@suse.com
  - add reproducible.patch to avoid using compile-time specific date/time
    constructs
* Mon Sep 26 2022 william.brown@suse.com
  - bsc#1202931 - CVE-2022-31253 - Openldap start script allowed the ldap user
    to privilege escalate to root due to unbound chown commands.
* Thu Jul 14 2022 michael@stroeder.com
  - removed obsolete 0017-Resolve-error-handling-in-new-ctx-when-global.patch
  - update to 2.6.3
    * Fixed librewrite declaration of calloc (ITS#9841)
    * Fixed libldap to check for NULL ld (ITS#9157)
    * Fixed libldap memory leaks (ITS#9876)
    * Fixed lloadd to correctly tag Notice of Disconnection (ITS#9856)
    * Fixed slapd delta-sync DN leak on ADD ops (ITS#9866)
    * Fixed slapd replication with back-glue (ITS#9868)
    * Fixed slapd lastbind replication with chaining (ITS#9863)
    * Fixed slapd-ldap to correctly set authzid (ITS#9863)
    * Fixed slapd-mdb to check for stale readers on
      MDB_READERS_FULL (ITS#7165)
    * Fixed slapd-mdb indexer task with replicated config (ITS#9858)
    * Fixed slapo-accesslog onetime memory leak (ITS#9864)
    * Fixed slapo-ppolicy interaction with slapo-rwm (ITS#9871)
    * Fixed slapo-rwm to handle escaping special characters (ITS#9817)
    * Fixed slapo-syncprov memory leaks (ITS#9867)
    * Fixed slapo-syncprov fallback in delta-sync mode (ITS#9823)
    * Fixed slapo-unique to not release NULL entry (ITS#8245)
    * doc: Fixed ldap_get_option(3) to clarify ldap_get/set_option
      restrictions (ITS#9824)
* Mon May 23 2022 michael@stroeder.com
  - Update to release 2.6.2
    * Added support for OpenSSL 3.0 (ITS#9436)
    * Fixed ldapdelete to prune LDAP subentries (ITS#9737)
    * Fixed libldap to drop connection when non-LDAP data is
      received (ITS#9803)
    * Fixed libldap to allow newlines at end of included file
      (ITS#9811)
    * Fixed slapd slaptest conversion of olcLastBind (ITS#9808)
    * Fixed slapd to correctly init global_host earlier (ITS#9787)
    * Fixed slapd bconfig locking for cn=config replication
      (ITS#9584)
    * Fixed slapd usage of thread local counters (ITS#9789)
    * Fixed slapd to clear runqueue task correctly (ITS#9785)
    * Fixed slapd idletimeout handling (ITS#9820)
    * Fixed slapd syncrepl handling of new sessions (ITS#9584)
    * Fixed slapd to clear connections on bind (ITS#9799)
    * Fixed slapd to correctly advance connections index (ITS#9831)
    * Fixed slapd syncrepl ODSEE replication of unknown attr
      (ITS#9801)
    * Fixed slapd-asyncmeta memory leak in keepalive setting,
      slapd-ldap memory leak in keepalive setting, SEGV on config
      rewrite, ordering on config rewrite, memory leak in keepalive
      setting (ITS#9802)
    * Fixed slapo-pcache SEGV & slapd-monitor SEGV on shutdown
      (ITS#9809)
    * Fixed slapd-monitor crash when hitting sizelimit (ITS#9832)
    * Fixed slapd-sql to properly escape filter value (ITS#9815)
    * Fixed slapo-dynlist dynamic group regression (ITS#9825)
    * Fixed slapo-ppolicy operation handling to be consistent
      (ITS#9794)
    * Fixed slapo-translucent to correctly duplicate substring
      filters (ITS#9818)
    * Contrib:
    * Update ppm module to the 2.1 release (ITS#9814)
    * Documentation:
    * admin26: Document new lloadd features (ITS#9780)
    * Fixed slapd.conf(5)/slapd-config(5) syncrepl
      sizelimit/timelimit documentation (ITS#9804)
    * Fixed slapd-sock(5) to clarify "sockresps result" behavior
      (ITS#8255)
* Thu May 12 2022 william.brown@suse.com
  - bsc#1199277 - Resolve segfault when calling new ctx with global ctx
    * 0017-Resolve-error-handling-in-new-ctx-when-global.patch
* Mon Apr 11 2022 michael@stroeder.com
  - Use libargon2 instead of libsodium because it supports p>1
  - Added new contrib overlays: authzid, datamorph, variant, vc
* Sat Apr 02 2022 jengelh@inai.de
  - Update to release 2.6.1
    * Ability to log directly to a file bypassing syslog
    * back-ndb is retired
    * back-sql and back-perl are deprecated
    * lloadd(8): Additional load balancing strategies.
    * lloadd(8): Additional options to improve coherence with certain
      controls and extended operations.
* Sat Mar 26 2022 coolo@suse.com
  - Add _multibuild support to integrate the build of libldapcpp-devel
    to drop the outdated copy
* Mon Oct 25 2021 michael@stroeder.com
  - update to 2.5.9
    OpenLDAP 2.5.9 Release (2021/10/25)
      Fixed slapo-accesslog to initialize minCSN on import of 2.4 databases (ITS#9720)
* Mon Oct 11 2021 michael@stroeder.com
  - update to 2.5.8
    OpenLDAP 2.5.8 Release (2021/10/11)
      Fixed libldap ldap_int_tls_connect: isdigit() requires unsigned char (ITS#9668)
      Fixed libldap memory leak in ldap_get_option LDAP_OPT_X_TLS_PEERCERT (ITS#9696)
      Fixed slapd to allow normalized values for namingContexts in cn=monitor (ITS#8341)
      Fixed slapd to normalize the suffix in rootDSE (ITS#9664)
      Fixed slapd slapadd to avoid destroying configDB prematurely (ITS#9678)
      Fixed slapd to not spam logs with lastbind information (ITS#9156)
      Fixed slapd slaptest migration to correctly set olcTSLVerifyClient (ITS#9711)
      Fixed slapd-mdb multival delete handling (ITS#9712)
      Fixed slapd-sql ldap_entry_objectclass table for mariadb/mysql (ITS#9679)
      Fixed slapd-wt multiple issues (ITS#9463)
      Fixed slapd-wt to close cache db correctly (ITS#9631)
      Fixed slapo-ppolicy to restore OpenLDAP 2.4 compatibilty (ITS#9671)
      Fixed slapo-syncprov to free uuid list when finished replaying sessionlog (ITS#6467)
      Build
      Fixed libldap result.c compilation on musl systems (ITS#9648)
      Fixed slapd duplicate definition of peerbv (ITS#9659)
      Fixed test suite with memberof modular builds (ITS#9464)
      Contrib
      Added man page for ppm contrib module (ITS#9644)
      Fix crash when pwdCheckModuleArg is not defined for ppm (ITS#9656)
      Documentation
      Fixed guide download link for heimdal (ITS#9669)
      Fixed guide documentation for TLSECName (ITS#9687)
      Fixed guide documentation missing tags (ITS#9693)
      Fixed guide loadbalancer typo (ITS#9699)
      Fixed guide synprov-nopresent redundant text (ITS#9689)
      Fixed guide various typos and fix config alignment (ITS#9706)
      Removed ppolicy.schema from servers/slapd/schema/README (ITS#9156)
      Fixed slapd.conf(5)/slapd-config(5) to document default for database monitoring (ITS#9674)
      Fixed slapd-meta(5)/slapd-asyncmeta(5) verbiage for try-propagate (ITS#9646)
      Fixed slapo-syncprov(5) to note entryCSN indexing is highly recommended (ITS#9688)
* Tue Aug 24 2021 mail@philipp-wagner.com
  - Update to upstream version 2.5.7
    Fixed lloadd client state tracking (ITS#9624)
    Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611)
    Fixed slapd-ldif duplicate controls response (ITS#9497)
    Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621)
    Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958)
    Fixed slapd-mdb idlexp maximum size handling (ITS#9637)
    Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628)
    Fixed slapd-sql to add support for ppolicy attributes (ITS#9629)
    Fixed slapd-sql to close transactions after bind and search (ITS#9630)
    Fixed slapo-accesslog to make reqMod optional (ITS#9569)
    Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625)
    Documentation
    slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637)
    slapo-accesslog(5) note that reqMod is optional (ITS#9569)
    Add ldapvc(1) man page (ITS#9549)
    Add guide section on load balancer (ITS#9443)
    Updated guide to document multiprovider as replacement for mirrormode (ITS#9200)
    Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200)
    Updated guide to document removal of deprecated options from client tools (ITS#9200)
* Fri Jul 30 2021 mail@philipp-wagner.com
  - Major version update to 2.5.6
    See https://www.openldap.org/software/release/announce.html for a list of
    changes.
  - The threaded version of the OpenLDAP libraries, libldap_r, has been merged
    with libldap with 2.5. Removed all related downstream changes, including the
    openldap-r-only.dif patch.
    Introduce a new compatibility symlink in the other direction: libldap_r
    pointing to libldap.
  - Removed the ppolicy-check-password module. It is unmaintained and does not
    build any more. As part of that also remove the patch
    patch 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch, which
    is applied to this module.
  - Removed patch 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch
    Fixed upstream in 2.5 (ITS#8866)
  - Updated patch 0005-pie-compile.dif
    Removed the hunks on back-bdb and back-hdb, which are retired backends in 2.5.
  - Removed patch 0007-Recover-on-DB-version-change.dif
    The back-bdb backend was retired.
  - Removed patch 0011-openldap-re24-its7796.patch
    Fixed upstream in 2.5 (ITS#7796)
  - Remove non-existant configure arguments:
    - -enable-rewrite, --enable-monitor, --enable-lmpasswd
  - Add the --enable-dynacl configure option, which is required for --enable-aci
  - Add the --with-argon2 configure option and remove it from the contrib
    modules, since it is now official (ITS#9453).
  - Pass mandir to smbk5pwd to ensure the man page ends up in /usr/share.
  - Include the new overlays in libdir/openldap in the packages.
  - Add the pkgconfig files to the devel package.
  - Remove compat macro for _fillupdir, which was introduced in Nov 2017 and
    should be widely available now.
* Fri Jun 04 2021 michael@stroeder.com
  - updated to 2.4.59
    OpenLDAP 2.4.59 Release (2021/06/03)
      Fixed libldap TLSv1.3 cipher suites with OpenSSL 1.1.1 (ITS#9521)
      Fixed libldap double free of LDAP_OPT_DEFBASE (ITS#9530)
      Fixed slapd syncrepl handling of add+delete on single value attr (ITS#9295)
      Fixed slapd-mdb cursor init check (ITS#9526)
      Fixed slapd-mdb deletion of context entry (ITS#9531)
      Fixed slapd-mdb off-by-one affecting search scope (ITS#9557)
      Fixed slapo-pcache locking during expiration (ITS#9529)
      Contrib
      Fixed slapo-autogroup to not thrash thread context (ITS#9494)
      Documentation
      ldap_modify(3) - Delete non-existent mod_next parameter (ITS#9559)
* Tue Mar 16 2021 michael@stroeder.com
  - updated to 2.4.58
    OpenLDAP 2.4.58 Release (2021/03/16)
      Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9454)
      Fixed slapd to alloc new conn struct after freeing old one (ITS#9458)
      Fixed slapd syncrepl to check all contextCSNs (ITS#9282)
      Fixed slapd-bdb lockdetect config (ITS#9449)
* Mon Jan 18 2021 michael@stroeder.com
  - updated to 2.4.57
    OpenLDAP 2.4.57 Release (2021/01/18)
    Fixed ldapexop to use correct return code (ITS#9417)
    Fixed slapd to remove asserts in UUIDNormalize (ITS#9391)
    Fixed slapd to remove assert in csnValidate (ITS#9410)
    Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9411, ITS#9427)
    Fixed slapd validity checks for serialNumberAndIssuerCheck (ITS#9404, ITS#9424)
    Fixed slapd AVA sort with invalid RDN (ITS#9412)
    Fixed slapd ldap_X509dn2bv to check for invalid BER after RDN count (ITS#9423, ITS#9425)
    Fixed slapd saslauthz to remove asserts in validation (ITS#9406, ITS#9407)
    Fixed slapd saslauthz to use slap_sl_free on normalized DN (ITS#9409)
    Fixed slapd saslauthz SEGV in slap_parse_user (ITS#9413)
    Fixed slapd modrdn memory leak (ITS#9420)
    Fixed slapd double-free in vrfilter (ITS#9408)
    Fixed slapd cancel operation to correctly terminate (ITS#9428)
    Fixed slapd-ldap fix binds on retry with closed connection (ITS#9400)
    Fixed slapo-syncprov to ignore duplicate sessionlog entries (ITS#9394)
* Thu Dec 17 2020 michael@stroeder.com
  - added openldap2.keyring and source signature file
* Wed Nov 11 2020 michael@stroeder.com
  - updated to 2.4.56
    OpenLDAP 2.4.56 Release (2020/11/10)
    Fixed slapd to remove assert in certificateListValidate (ITS#9383)
    Fixed slapd to remove assert in csnNormalize23 (ITS#9384)
    Fixed slapd to better parse ldapi listener URIs (ITS#9379)
* Tue Oct 27 2020 william.brown@suse.com
  - bsc#1175568 CVE-2020-8027
    openldap_update_modules_path.sh has a number of issues in it's
    design that lead to security issues. This file has been removed,
    from the package, and the %post execution of the install. The
    function is replaced by /usr/sbin/slapd-ldif-update-crc and
    /usr/lib/openldap/fixup-modulepath, through the addition of the
    source files:
    * fixup-modulepath.sh
    * slapd-ldif-update-crc.sh
    * update-crc.sh
* Mon Oct 26 2020 michael@stroeder.com
  - updated to 2.4.55
    OpenLDAP 2.4.55 Release (2020/10/26)
    Fixed slapd normalization handling with modrdn (ITS#9370)
    Fixed slapd-meta to check ldap_install_tls return code (ITS#9366)
    Contrib
      Fixed nssov misplaced semicolon (ITS#8731, ITS#9368)
    LMDB 0.9.27 Release (2020/10/26)
    ITS#9376 fix repeated DUPSORT cursor deletes
* Mon Oct 12 2020 michael@stroeder.com
  - updated to 2.4.54
    OpenLDAP 2.4.54 Release (2020/10/12)
    Fixed slapd delta-syncrepl to ignore delete ops on deleted entry (ITS#9342)
    Fixed slapd delta-syncrepl to be fully serialized (ITS#9330)
    Fixed slapd delta-syncrepl MOD on zero-length context entry (ITS#9352)
    Fixed slapd sessionlog to use a TAVL tree (ITS#8486)
    Fixed slapd syncrepl to be fully serialized (ITS#8102)
    Fixed slapd syncrepl to call check_syncprov on fresh consumer (ITS#9345)
    Fixed slapd syncrepl to propagate errors from overlay_entry_get_ov (ITS#9355)
    Fixed slapd syncrepl to not create empty ADD ops (ITS#9359)
    Fixed slapd syncrepl replace usage on single valued attrs (ITS#9295)
    Fixed slapd-monitor fix monitor_back_register_database for empty suffix DB (ITS#9353)
    Fixed slapo-accesslog normalizer for reqStart (ITS#9358)
    Fixed slapo-accesslog to not generate new contextCSN on purge (ITS#9361)
    Fixed slapo-syncprov contextCSN generation with empty suffix (ITS#9015)
* Mon Sep 07 2020 michael@stroeder.com
  - updated to 2.4.53
    OpenLDAP 2.4.53 (2020/09/07)
    Added slapd syncrepl additional SYNC logging (ITS#9043)
    Fixed slapd syncrepl segfault on NULL cookie on REFRESH (ITS#9282)
    Fixed slapd syncrepl to use fresh connection on REFRESH fallback (ITS#9338)
    Fixed slapo-ppolicy race condition for pwdFailureTime (ITS#9302,ITS#9334)
    Build
      Require OpenSSL 1.0.2 or later (ITS#9323)
      Fixed libldap compilation issue with broken C compilers (ITS#9332)
* Fri Aug 28 2020 michael@stroeder.com
  - updated to 2.4.52
    OpenLDAP 2.4.52 (2020/08/28)
    Added libldap LDAP_OPT_X_TLS_REQUIRE_SAN option (ITS#9318)
    Added libldap OpenSSL support for multiple EECDH curves (ITS#9054)
    Added slapd OpenSSL support for multiple EECDH curves (ITS#9054)
    Fixed librewrite malloc/free corruption (ITS#9249)
    Fixed libldap hang when using UDP and server down (ITS#9328)
    Fixed slapd syncrepl rare deadlock due to network issues (ITS#9324)
    Fixed slapd syncrepl regression that could trigger an assert (ITS#9329)
    Fixed slapd-mdb index error with collapsed range (ITS#9135)
* Thu Aug 20 2020 kukuk@suse.com
  - Switch from shadow to sysusers to generate ldap account
  - Remove if's for code older than SLE12 (Even SLE12 builds no longer)
  - Remove 12 years old sasl2 migration code
* Sat Aug 15 2020 kukuk@suse.com
  - Drop obsolete, not working DB_CONFIG
  - Remove init.d header from start script, does not work
  - Use bash for start script as syntax is not POSIX sh supported
  - Remove UPDATE_NEEDED section in start script, does never match
* Sat Aug 15 2020 kukuk@suse.com
  - Remove remaining rc.status usage in start script
* Wed Aug 12 2020 michael@stroeder.com
  - updated to 2.4.51
  - removed obsolete patch 0014-ITS-8650-fix-debug-usage.patch
    OpenLDAP 2.4.51 Release (2020/08/11)
    Added slapo-ppolicy implement Netscape password policy controls (ITS#9279)
    Fixed libldap retry loop in ldap_int_tls_connect (ITS#8650)
    Fixed libldap to use getaddrinfo in ldap_pvt_get_fqdn (ITS#9287)
    Fixed slapd to enforce singular existence of some overlays (ITS#9309)
    Fixed slapd syncrepl to not delete non-replicated attrs (ITS#9227)
    Fixed slapd syncrepl to correctly delete entries on resync (ITS#9282)
    Fixed slapd syncrepl to use replace on single valued attrs (ITS#9294, ITS#9295)
    Fixed slapd-perl dynamic config with threaded slapd (ITS#7573)
    Fixed slapo-ppolicy to expose the ppolicy control (ITS#9285)
    Fixed slapo-ppolicy race condition for pwdFailureTime (ITS#9302)
    Fixed slapo-ppolicy so it can only exist once per DB (ITS#9309)
    Fixed slapo-chain to check referral (ITS#9262)
    Build Environment
      Fix test064 so it no longer uses bashisms (ITS#9263)
    Contrib
      Fix default prefix value for pw-argon2, pw-pbkdf2 modules (ITS#9248)
      slapo-allowed - Fix usage of unitialized variable (ITS#9308)
    Documentation
      ldap_parse_result(3) - Document ldap_parse_intermediate (ITS#9271)
* Mon Jun 08 2020 callumjfarmer13@gmail.com
  - Revert changes to libexecdir
* Sun Jun 07 2020 michael@stroeder.com
  - More .spec cleanups
* Fri Jun 05 2020 callumjfarmer13@gmail.com
  - Fixes for %_libexecdir changing to /usr/libexec
  - Spec file cleanups
* Wed May 06 2020 michael@stroeder.com
  - updated to 2.4.50
  - added 0014-ITS-8650-fix-debug-usage.patch
  - enabled new contrib overlay pw-argon2
  - replaced FTP by HTTPS download URL for source
  - removed 0009-Fix-ldap-host-lookup-ipv6.patch (see bsc#1171127)
    OpenLDAP 2.4.50 Release (2020/04/28)
    Fixed client benign typos (ITS#8890)
    Fixed libldap type cast (ITS#9175)
    Fixed libldap retry loop in ldap_int_tls_connect (ITS#8650)
    Fixed libldap_r race on Windows mutex initialization (ITS#9181)
    Fixed liblunicode memory leak (ITS#9198)
    Fixed slapd benign typos (ITS#8890)
    Fixed slapd to limit depth of nested filters (ITS#9202)
    Fixed slapd-mdb memory leak in dnSuperiorMatch (ITS#9214)
    Fixed slapo-pcache database initialization (ITS#9182)
    Fixed slapo-ppolicy callback (ITS#9171)
    Build
      Fix olcDatabaseDummy initialization for windows (ITS#7074)
      Fix detection for ws2tcpip.h for windows (ITS#8383)
      Fix back-mdb types for windows (ITS#7878)
    Contrib
      Update ldapc++ config.guess and config.sub to support newer architectures (ITS#7855)
      Added pw-argon2 module (ITS#9233, ITS#8575, ITS#9203, ITS#9206)
    Documentation
      slapd-ldap(5) - Clarify idassert-authzfrom behavior (ITS#9003)
      slapd-meta(5) - Remove client-pr option (ITS#8683)
      slapdinex(8) - Fix truncate option information for back-mdb (ITS#9230)
* Thu Jan 30 2020 michael@stroeder.com
  - updated to 2.4.49
  - removed obsolete back-port patches:
    * 0013_openldap-its9124_fix_crash_with_cancel_exop.patch
  - removed obsolete source file DB_CONFIG
    OpenLDAP 2.4.49 Release (2020/01/30)
    Added slapd-monitor database entry count for slapd-mdb (ITS#9154)
    Fixed client tools to not add controls on cancel/abandon (ITS#9145)
    Fixed client tools SyncInfo message to be LDIF compliant (ITS#8116)
    Fixed libldap to correctly free sb (ITS#9081, ITS#8755)
    Fixed libldap descriptor leak if ldaps fails (ITS#9147)
    Fixed libldap remove unnecessary global mutex for GnuTLS (ITS#9069)
    Fixed slapd syntax evaluation of preferredDeliveryMethod (ITS#9067)
    Fixed slapd to relax domainScope control check (ITS#9100)
    Fixed slapd to have cleaner error handling during connection setup (ITS#9112)
    Fixed slapd data check when processing cancel exop (ITS#9124)
    Fixed slapd attribute description processing (ITS#9128)
    Fixed slapd-ldap to set oldctrls correctly (ITS#9076)
    Fixed slapd-mdb to honor unchecked limit with alias deref (ITS#7657)
    Fixed slapd-mdb missing final commit with slapindex (ITS#9095)
    Fixed slapd-mdb drop attr mappings added in an aborted txn (ITS#9091)
    Fixed slapd-mdb nosync FLAG configuration handling (ITS#9150)
    Fixed slapd-monitor global operation counter reporting (ITS#9119)
    Fixed slapo-ppolicy when used with slapauth (ITS#8629)
    Fixed slapo-ppolicy to add a missed normalised copy of pwdChangedTime (ITS#9126)
    Fixed slapo-syncprov fix sessionlog init (ITS#9146)
    Fixed slapo-unique loop termination (ITS#9077)
    Build Environment
      Fix mkdep to honor TMPDIR if set (ITS#9062)
      Remove ICU library detection (ITS#9144)
      Update config.guess and config.sub to support newer architectures (ITS#7855)
      Disable ITS8521 regression test as it is no longer valid (ITS#9015)
    Documentation
      admin24 - Fix inconsistent whitespace in replication section (ITS#9153)
      slapd-config(5)/slapd.conf(5) - Fix missing bold tag for keyword (ITS#9063)
      slapd-ldap(5) - Document "tls none" option (ITS#9071)
      slapo-ppolicy(5) - Correctly document pwdGraceAuthnLimit (ITS#9065)
* Fri Jan 10 2020 michael@stroeder.com
  - added back-port patch
    0013_openldap-its9124_fix_crash_with_cancel_exop.patch
    to fix OpenLDAP ITS#9124
* Sun Dec 22 2019 michael@stroeder.com
  - use BuildRequires:  pkgconfig(krb5) instead of krb5-devel-mini
* Fri Aug 02 2019 mliska@suse.cz
  - Use FAT LTO objects in order to provide proper static library.
* Thu Jul 25 2019 matthias.gerstner@suse.com
  - removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
    firewalld, see [1].
    [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
* Wed Jul 24 2019 michael@stroeder.com
  - Update to upstream release 2.4.48 with security fixes:
    * CVE-2019-13057 (ITS#9038):
      rootdn of any db can assert any identity
    * CVE-2019-13565 (ITS#9052):
      Unauthorized access caused by incorrect handling of SASL SSF values
  - Fix CVE-2017-17740 by disabling nops overlay not maintained by upstream
    (see also bsc#1073313, comment #36)
  - Removed obsolete patches:
    * 0002-openldap-its8727-plug-ber-leaks.patch
    * 0017-Fix-segfault-in-nops.patch
    OpenLDAP 2.4.48 (2019/07/24)
    Added libldap OpenSSL Elliptic Curve support (ITS#7595)
    Added libldap Expose OpenLDAP specific interfaces via openldap.h (ITS#8671)
    Added slapd-monitor support for slapd-mdb (ITS#7770)
    Fixed liblber leaks (ITS#8727)
    Fixed liblber with partial flush (ITS#8864)
    Fixed libldap ASYNC TLS so it works (ITS#8957,ITS#8980)
    Fixed libldap ASYNC connections with Solaris 10 (ITS#8968)
    Fixed libldap with SASL_NOCANON=on and ldapi connections (ITS#7585)
    Fixed libldap to be able to unset syncrepl TLS options (ITS#7042)
    Fixed libldap race condition in ldap_int_initialize (ITS#7996, ITS#8450)
    Fixed libldap return code in ldap_create_assertion_control_value (ITS#8674)
    Fixed libldap to correctly disable IPv6 when configured to do so (ITS#8754)
    Fixed libldap to correctly close TLS connection (ITS#8755)
    Fixed libldap with non-blocking TLS and referals (ITS#8167)
    Fixed libldap_r handling of deprecated OpenSSL function (ITS#8353)
    Fixed liblunicode case correspondance (ITS#8508)
    Fixed slapd with an idletimeout of less than four seconds (ITS#8952)
    Fixed slapd config parser variable for Windows64 (ITS#9012)
    Fixed slapd syncrepl fallback handling with delta-syncrepl (ITS#9015)
    Fixed slapd telephoneNumberNormalize, cert DN validation (ITS#8999)
    Fixed slapd syncrepl for relax with delta-syncrepl (ITS#8037)
    Fixed slapd to restrict rootDN proxyauthz to its own databases (ITS#9038)
    Fixed slapd to initialize SASL SSF per connection (ITS#9052)
    Fixed slapo-accesslog with SLAP_MOD_SOFT modifications (ITS#8990)
    Fixed slapd-ldap starttls connections timeout behavior (ITS#8963)
    Fixed slapd-ldap segfault when entry result doesn't match filter (ITS#8997)
    Fixed slapd-meta conversion from slapd.conf to cn=config (ITS#8743)
    Fixed slapd-meta assertion when network interface goes down (ITS#8841)
    Fixed slapd-mdb fix bitshift integer overflow (ITS#8989)
    Fixed slapd-mdb index cleanup with cn=config (ITS#8472)
    Fixed slapd-mdb to improve performance with alias deref (ITS#7657)
    Fixed slapo-accesslog possible assert with exops (ITS#8971)
    Fixed slapo-chain to correctly reject multiple chaining URIs (ITS#8637)
    Fixed slapo-chain conversion from slapd.conf to cn=config (ITS#8799)
    Fixed slapo-memberof conversion from slapd.conf to cn=config (ITS#8663)
    Fixed slapo-memberof for group name change to itself (ITS#9000)
    Fixed slapo-ppolicy behavior when pwdInHistory is changed (ITS#8349)
    Fixed slapo-rwm to not free original filter (ITS#8964)
    Fixed slapo-syncprov contextCSN generation (ITS#9015)
    Build Environment
      Fixed slapd to only link to BDB libraries with static build (ITS#8948)
      Fixed libldap implicit declaration with LDAP_CONNECTIONLESS (ITS#8794)
      Fixed libldap double inclusion of limits.h in cyrus.c (ITS#9041)
    Documentation
      General - Fixed minor typos (ITS#8764, ITS#8761)
      admin24 - Miscellaneous updates promoting mdb and fixing examples (ITS#9031)
      slapd.access(5) - Note MDB is the primary backend (ITS#8881)
      slapd.backends(5) - Note MDB is the recommended backend (ITS#8771)
      slapd-ldap(5) - Document starttls parameter (ITS#8693)
    Contrib
      Added slapo-lastbind capability to forward authTimestamp updates (ITS#7721)
* Tue May 14 2019 william.brown@suse.com
  - bsc#1111388 - incorrect post script call causes tmpfiles create not to
    be run.
* Sun Mar 10 2019 michael@stroeder.com
  - Corrected moduleload back_mdb.la to get a working configuration
    right after package installation.
* Fri Jan 04 2019 michael@stroeder.com
  - added back-ported fix for OpenLDAP ITS#8727
    (file 0002-openldap-its8727-plug-ber-leaks.patch)
* Thu Dec 20 2018 michael@stroeder.com
  - Update to upstream release 2.4.47
  - Removed obsolete patches:
    * 0006-No-Build-date-and-time-in-binaries.dif
      (upstream now uses SOURCE_DATE_EPOCH for reproducable builds)
    * 0012-ITS8051-sockdnpat.patch
    * 0014-ITS-8714-Send-out-EXTENDED-operation-message-from-back-sock.patch
    OpenLDAP 2.4.47 Release (2018/12/19)
      Added slapd-sock DN qualifier for subtrees to be processed (ITS#8051)
      Added slapd-sock ability to send extended operations to external listeners (ITS#8714)
      Fixed liblber to avoid incremental access to user-supplied bv in dupbv (ITS#8752)
      Fixed libldap dn to domain parsing with bad input (ITS#8842)
      Fixed slapd slapcat to correctly honor -g option (ITS#8667)
      Fixed slapd to correctly handle NO_SUCH_OBJECT with dynamic groups (ITS#8923)
      Fixed slapd to check status of rdnNormalize (ITS#8932)
      Fixed slapd cn=config when modifying slapo-syncprov config (ITS#8616)
      Fixed slapd sasl authz-policy "all" behavior (ITS#8909)
      Fixed slapd sasl minor typo (ITS#8918)
      Fixed slapd to correctly hide hidden DBs in the rootDSE (ITS#8912)
      Fixed slapd domainScope control to match Microsoft specification (ITS#8840)
      Fixed slapd-bdb/hdb/mdb to not convert certain IDLs to ranges (ITS#8868)
      Fixed slapo-accesslog deadlock during cleanup (ITS#8752)
      Fixed slapo-memberof cn=config modifications (ITS#8663)
      Fixed slapo-ppolicy with multimaster replication (ITS#8927)
      Fixed slapo-syncprov with NULL modlist (ITS#8843)
      Build Environment
      Added slapd reproducible build support (ITS#8928)
      Fixed missing includes with OpenSSL 1.0.2 (ITS#8809)
      Contrib
      Fixed slapo-pbkdf2 hash generation (ITS#8878)
      Documentation
      admin24 fixed minor typo (ITS#8887)
* Thu Nov 22 2018 jengelh@inai.de
  - Replace old $RPM_* shell vars
* Tue Nov 20 2018 ckowalczyk@suse.com
  - Fix CVE-2017-17740: when both the nops module and the memberof
    overlay are enabled, attempts to free a buffer that was allocated
    on the stack
    * patch: 0017-Fix-segfault-in-nops.patch
    (bsc#1073313)
* Mon Nov 12 2018 dleuenberger@suse.com
  - Emergency fix: move tmpfiles_create post from the library package
    to the main package's post script, which ships the tmpfiles.d
    configuration. Fixes the post script of the library (-p
    /sbin/ldconfig does not allow more statements in the script).
* Thu Nov 08 2018 varkoly@suse.com
  - bsc#1111388 openldap and /var/lib/ldap/DB_CONFIG* (transactional-update)
* Fri Oct 26 2018 michael@stroeder.com
  - Fixed broken memory handling in
    0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch
    affecting error response of slapo-unique
* Fri Aug 17 2018 ckowalczyk@suse.com
  - Fix slapd segfaults in mdb_env_reader_dest
    +  with patch 0016-Clear-shared-key-only-in-close-function.patch
    +  (bsc#1089640)
* Fri Jun 29 2018 michael@stroeder.com
  - fixed shee-bang in openldap_update_modules_path.sh (bsc#1099705)
* Wed Jun 20 2018 michael@stroeder.com
  - Added a patch to let slapd return the uniqueness check filter
    used before constraint violation to the client
    0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch
* Tue Jun 05 2018 varkoly@suse.com
  - bsc#1095816 libldap package does not contain and provide libldap anymore
* Thu May 24 2018 kukuk@suse.de
  - Don't require systemd explicit, spec file can handle both cases
    correct and in containers we don't have systemd.
* Tue Apr 24 2018 zsolt.kalmar@suse.com
  - bsc#1085064 Packaging issues have been discovered around the
    openldap_update_modules_path.sh which has been corrected:
    - the spec file was wrongly configured, therefore the script has
    never been called
    - the script should create the symlinks first, as slapcat is
    useless on a system which is already affected.
* Fri Apr 06 2018 zsolt.kalmar@suse.com
  - bsc#1085064 Add script "openldap_update_modules_path.sh" which
    which removes the configuration item olcModulePath in cn=config
    which is after upgrade from SLE12 to SLE15 holds inappropriate
    information. If the cn=config is being used on a system, the
    conflicting items in slapd.conf are ignored, despite of it, the
    backend DB configuration section has been also commented out in
    the default slapd.conf.
    In case of correct cn=config (the olcModulePath has been already
    removed), the script stops without touching anything.
* Fri Mar 23 2018 michael@stroeder.com
  - Upgrade to upstream 2.4.46 release
  - removed obsolete back-port patches:
    * 0013-ITS-8692-let-back-sock-generate-increment-line.patch
    * 0016-ITS-8782-fix-cancel-memleak.patch
    OpenLDAP 2.4.46 Release (2018/03/22)
    Fixed libldap connection delete callbacks when TLS fails to start (ITS#8717)
    Fixed libldap to not reuse tls_session if TLS hostname check fails (ITS#7373)
    Fixed libldap cross-compiling with OpenSSL 1.1 (ITS#8687)
    Fixed libldap OpenSSL 1.1.1 compatibility with BIO_method (ITS#8791)
    Fixed libldap MozNSS CA certificate hash matching (ITS#7374)
    Fixed libldap MozNSS with PEM certs when also using an NSS cert db (ITS#7389)
    Fixed libldap MozNSS initialization (ITS#8484)
    Fixed libldap GnuTLS with GNUTLS_E_AGAIN (ITS#8650)
    Fixed libldap memory leak with cancel operations (ITS#8782)
    Fixed slapd Eventlog registry key creation on 64-bit Windows (ITS#8705)
    Fixed slapd to maintain SSF across SASL binds (ITS#8796)
    Fixed slapd syncrepl deadlock when updating cookie (ITS#8752)
    Fixed slapd syncrepl callback to always be last in the stack (ITS#8752)
    Fixed slapd telephoneNumberNormalize when the value is spaces and hyphens (ITS#8778)
    Fixed slapd CSN queue processing (ITS#8801)
    Fixed slapd-ldap TLS connection timeout with high latency connections (ITS#8720)
    Fixed slapd-ldap to ignore unknown schema when omit-unknown-schema is set (ITS#7520)
    Fixed slapd-mdb with an optimization for long lived read transactions (ITS#8226)
    Fixed slapd-meta assert when olcDbRewrite is modified (ITS#8404)
    Fixed slapd-sock with LDAP_MOD_INCREMENT operations (ITS#8692)
    Fixed slapo-accesslog cleanup to only occur on failed operations (ITS#8752)
    Fixed slapo-dds entryTTL to actually decrease as per RFC 2589 (ITS#7100)
    Fixed slapo-syncprov memory leak with delete operations (ITS#8690)
    Fixed slapo-syncprov to not clear pending operation when checkpointing (ITS#8444)
    Fixed slapo-syncprov to correctly record contextCSN values in the accesslog (ITS#8100)
    Fixed slapo-syncprov not to log checkpoints to accesslog db (ITS#8607)
    Fixed slapo-syncprov to process changes from this SID on REFRESH (ITS#8800)
    Fixed slapo-syncprov session log parsing to not block other operations (ITS#8486)
    Build Environment
    Fixed Windows build with newer MINGW version (ITS#8697)
    Fixed compiler warnings and removed unused variables (ITS#8578)
    Contrib
    Fixed ldapc++ Control structure (ITS#8583)
    Documentation
    Delete stub manpage for back-ldbm (ITS#8713)
    Fixed ldap_bind(3) to mention the LDAP_SASL_SIMPLE mechanism (ITS#8121)
    Fixed ldap.conf(5) to note SASL_MECH/SASL_REALM are no longer user-only (ITS#8818)
    Fixed slapd-config(5) typo for olcTLSCipherSuite (ITS#8715)
    Fixed slapo-syncprov(5) indexing requirements (ITS#5048)
* Thu Feb 22 2018 fvogt@suse.com
  - Use %license (boo#1082318)
* Mon Dec 11 2017 michael@stroeder.com
  - added 0016-ITS-8782-fix-cancel-memleak.patch
* Thu Nov 23 2017 rbrown@suse.com
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Mon Oct 02 2017 jengelh@inai.de
  - Add openldap-r-only.dif so that openldap2's own tools also
    link against libldap_r rather than libldap.
  - Make libldap equivalent to libldap_r (like Debian) to avoid
    crashes in threaded programs which unknowingly get both
    libraries inserted into their process image.
    [rh#1370065, boo#996551]
* Mon Oct 02 2017 mrueckert@suse.de
  - use existing groups instead of inventing new ones
* Mon Sep 18 2017 michael@stroeder.com
  - added 0012-ITS8051-sockdnpat.patch
* Wed Sep 06 2017 michael@stroeder.com
  - updated 0014-ITS-8714-Send-out-EXTENDED-operation-message-from-back-sock.patch
* Fri Aug 18 2017 michael@stroeder.com
  - Added OpenLDAP new feature implementing OpenLDAP ITS#8714
    0014-ITS-8714-Send-out-EXTENDED-operation-message-from-back-sock.patch
* Thu Jul 20 2017 michael@stroeder.com
  - added overlay trace to package openldap2-contrib
* Wed Jul 12 2017 michael@stroeder.com
  - Upgrade to upstream 2.4.45 release
  - removed obsolete 0010-Enforce-minimum-DH-size-of-1024.patch
    and  0012-use-system-wide-cert-dir-by-default.patch
  - added 0013-ITS-8692-let-back-sock-generate-increment-line.patch
    for supporting modify increment operations with back-sock
  - added overlay addpartial to package openldap2-contrib
* Wed Jun 07 2017 hguo@suse.com
  - Remove legacy daemon control that was used to migrate from SLE 11
    to 12. (bsc#1038405)
* Tue Jun 06 2017 hguo@suse.com
  - There is no change made about the package itself, this is only
    copying over some changelog texts from SLE package:
  - bug#976172 owned by hguo@suse.com: openldap2 - missing
    /usr/share/doc/packages/openldap2/guide/admin/guide.html
  - bug#916914 owned by varkoly@suse.com: VUL-0: CVE-2015-1546:
    openldap2: slapd crash in valueReturnFilter cleanup
  - [fate#319300](https://fate.suse.com/319300)
  - [CVE-2015-1545](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545)
  - bug#905959 owned by hguo@suse.com: L3-Question: Are multiple
    "Connection 0" in a Multi Master setup normal ?
  - [CVE-2015-1546](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546)
  - bug#916897 owned by varkoly@suse.com: VUL-0: CVE-2015-1545:
    openldap2: slapd crashes on search with deref control and empty attr list
* Fri Apr 07 2017 jengelh@inai.de
  - Drop binutils requirement; the code using /usr/bin/strings has
    been dropped in openSUSE:Factory/openldap2 revision 112.
* Sat Feb 18 2017 kukuk@suse.com
  - Remove superfluous insserv PreReq.
* Thu Nov 10 2016 hguo@suse.com
  - Introduce patch 0012-use-system-wide-cert-dir-by-default.patch
    to let OpenLDAP read system wide certificate directory by
    default and avoid hiding the error if user specified CA location
    cannot be read (bsc#1009470).
* Fri Oct 14 2016 hguo@suse.com
  - Add more details in the comments of slapd.conf concerning
    file permission and StartTLS capability.
* Thu Jun 23 2016 jengelh@inai.de
  - Test for user/group existence before trying to add them.
    Summary spello update.
* Thu Jun 16 2016 hguo@suse.com
  - Move schema files into tarball addonschema.tar.gz:
    ldapns.ldif ldapns.schema rfc2307bis.ldif rfc2307bis.schema
    yast.ldif yast.schema
  - Package previously missing schema files in LDIF format:
    amavisd-new.ldif dhcp.ldif dlz.ldif dnszone.ldif samba3.ldif
    sudo.ldif suse-mailserver.ldif (bsc#984691)
  - Fix a minor issue in schema2ldif script that led to missing
    attribute in the generated LDIF.
* Tue May 17 2016 hguo@suse.com
  - Enable build flag LDAP_USE_NON_BLOCKING_TLS to fix bsc#978408.
* Thu Feb 25 2016 hguo@suse.com
  - Move ldap.conf into libldap-data package, per convention.
* Sun Feb 21 2016 jengelh@inai.de
  - Move ldap.conf out of shlib package again, they are not allowed
    there for obvious reasons (conflict with future package).
* Thu Feb 18 2016 hguo@suse.com
  - Build password strength enforcer as an implementation of ppolicy
    password checker, introducing:
    ppolicy-check-password-1.2.tar.gz
    ppolicy-check-password.Makefile
    ppolicy-check-password.conf
    ppolicy-check-password.5
    0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch
    (Implements fate#319461)
* Thu Feb 18 2016 lmuelle@suse.com
  - Remove redundant -n openldap2- package name prefix.
* Mon Feb 08 2016 hguo@suse.com
  - Remove openldap2-client.spec and openldap2-client.changes
    openldap2.spec now builds client utilities and libraries.
    Thus pre_checkin.sh is removed.
  - Move ldap.conf and its manual page from openldap2-client package
    to libldap-2_4-2 package, which is more appropriate.
  - Use RPM_OPT_FLAGS in build flags.
  - Macros dealing with old/unsupported distributions are removed.
  - Remove 0002-slapd.conf.dif and install improved slapd.conf from
    new source file slapd.conf.
  - Install slapd.conf.olctemplate to assist in preparing slapd.d
    for OLC.
  - Be explicit in sysconfig that by default openldap will use
    static file configuration.
  - Add the following schemas in LDIF format:
    * rfc2307bis.ldif
    * ldapns.ldif
    * yast.ldif
  - Other minor clean-ups in the spec file.
* Mon Feb 08 2016 mpluskal@suse.com
  - Use optflags when building
* Sat Feb 06 2016 michael@stroeder.com
  - Upgrade to upstream 2.4.44 release with accumulated bug fixes.
  - Specify source with FTP URL
  - Removed obsolete 0012-openldap-re24-its8336.patch
* Mon Jan 25 2016 hguo@suse.com
  - Relabel patch 0011-Enforce-minimum-DH-size-of-1024.patch
    into 0010-Enforce-minimum-DH-size-of-1024.patch
* Tue Dec 08 2015 michael@stroeder.com
  - Upgrade to upstream 2.4.43 release with accumulated bug fixes.
  - Still build on SLES12
  - Loadable backend and overlay modules are now installed
    into arch-specific path %{_libdir}/openldap
  - All backends and overlays as modules for smaller memory footprint
    on memory constrained systems
  - Added extra package for back-sock
  - Consequent use of %{_rundir} everywhere
  - Rely on upstream ./configure script instead of any other
    macro foo
  - Dropped linking with libwrap
  - Dropped 0004-libldap-use-gethostbyname_r.dif because this
    work-around for nss_ldap is obsolete
  - New sub-package openldap2-contrib with selected contrib/ overlays
  - Replaced addonschema.tar.gz with separate schema sources
  - Updated ldapns.schema from recent slapo-nssov source tree
  - Added symbolic link to slapd executable in /usr/sbin/
  - Added more complex example configuration file
    /etc/openldap/slapd.conf.example
  - Set OPENLDAP_START_LDAPI="yes" in /etc/sysconfig/openldap
  - Set OPENLDAP_REGISTER_SLP="no" in /etc/sysconfig/openldap
  - Added patch for OpenLDAP ITS#7796 to avoid excessive
    "not index" logging:
    0011-openldap-re24-its7796.patch
  - Replaced openldap-rc.tgz with single source files
  - Added soft dependency (Recommends) to cyrus-sasl
  - Added soft dependency (Recommends) to cyrus-sasl-devel
    to openldap2-devel
  - Added patch for OpenLDAP ITS#8336 (assert in liblmdb):
    0012-openldap-re24-its8336.patch
  - Remove obsolete patch 0001-build-adjustments.dif
* Wed Dec 02 2015 hguo@suse.com
  - Introduce patch 0010-Revert-Revert-ITS-8240-remove-obsolete-assert.patch
    to fix CVE-2015-6908. (bsc#945582)
  - Introduce patch 0011-Enforce-minimum-DH-size-of-1024.patch
    to address weak DH size vulnerability (bsc#937766)
* Mon Nov 30 2015 hguo@suse.com
  - Introduce patch 0009-Fix-ldap-host-lookup-ipv6.patch
    to fix an issue with unresponsive LDAP host lookups in IPv6 environment.
    (bsc#955210)
* Fri Oct 09 2015 hguo@suse.com
  - Remove OpenLDAP 2.3 code and patches from build source.
    Compatibility libraries for OpenLDAP 2.3 are built in package:
    compat-libldap-2_3-0
    Removed source files:
      openldap-2.3.37-liblber-length-decoding.dif
      openldap-2.3.37-libldap-ntlm.diff
      openldap-2.3.37-libldap-ssl.dif
      openldap-2.3.37-libldap-sasl-max-buff-size.dif
      openldap-2.3.37-libldap-tls_chkhost-its6239.dif
      openldap-2.3.37-libldap-gethostbyname_r.dif
      openldap-2.3.37-libldap-suid.diff
      openldap-2.3.37.dif
      openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif
      openldap-2.3.37-libldap-ldapi_url.dif
      openldap-2.3.37.tgz
      openldap-2.3.37-libldap-utf8-ADcanonical.dif
      README.update
      check-build.sh
* Thu Oct 01 2015 hguo@suse.com
  - Upgrade to upstream 2.4.42 release with accumulated bug fixes.
* Tue Jul 21 2015 hguo@suse.com
  - Upgrade to upstream 2.4.41 release with accumulcated bug fixes and stability improvements.
    * Add patch 0008-In-monitor-backend-do-not-return-Connection0-entries.patch
    * Remove already applied patch 0008-ITS-7723-fix-reference-counting.patch
    * Remove already applied patch 0009-gcc5.patch
    (Implements fate#319301)
* Thu Feb 19 2015 rguenther@suse.com
  - Add 0009-gcc5.patch to pass -P to the preprocessor in configure checks
    for Berkeley DB version
* Wed Nov 26 2014 jengelh@inai.de
  - binutils is required for "strings" utility invocation in %pre
    [bnc#904028]
  - Remove SLE10 definitions
* Sun Oct 12 2014 jengelh@inai.de
  - Use %_smp_mflags for parallel build
* Mon Sep 22 2014 tchvatal@suse.com
  - Add baselibs.conf to sources list
* Wed Sep 10 2014 varkoly@suse.com
  - Do not bypass output of useradd and groupadd
* Tue Sep 02 2014 ro@suse.de
  - sanitize release line in specfile
* Wed Jul 16 2014 ckornacker@suse.com
  - segfault on certain queries with rwm overlay (bnc#846389)
    0008-ITS-7723-fix-reference-counting.patch
* Fri Jun 06 2014 ckornacker@suse.com
  - enable systemd slapd service if SysV ldap was enabled (bnc#881476)
* Tue May 13 2014 coolo@suse.com
  - use %_rundir if available, otherwise /var/run
* Wed Apr 23 2014 dmueller@suse.com
  - move systemd requires to server package
* Tue Feb 18 2014 ckornacker@suse.com
  - Fix systemd service installation
* Sun Feb 16 2014 ro@suse.de
  - use configure macro also for building the 2.3.37 version
* Wed Feb 12 2014 varkoly@suse.com
  - Remove PidFile from service definition
  - Update to 2.4.39
    * Fixed libldap MozNSS crash (ITS#7783)
    * Fixed libldap memory leak with SASL (ITS#7757)
    * Fixed libldap assert in parse_passwdpolicy_control (ITS#7759)
    * Fixed libldap shortcut NULL RDNs (ITS#7762)
    * Fixed libldap deref to use correct control
    * Fixed liblmdb keysizes with mdb_update_key (ITS#7756)
    * Fixed slapd cn=config olcDbConfig modification (ITS#7750)
    * Fixed slapd-bdb/hdb to bail out of search if config is paused (ITS#7761)
    * Fixed slapd-bdb/hdb indexing issue with derived attributes (ITS#7778)
    * Fixed slapd-mdb to bail out of search if config is paused (ITS#7761)
    * Fixed slapd-mdb indexing issue with derived attributes (ITS#7778)
    * Fixed slapd-perl to bail out of search if config is paused (ITS#7761)
    * Fixed slapd-sql to bail out of search if config is paused (ITS#7761)
    * Fixed slapo-constraint handling of softadd/softdel (ITS#7773)
    * Fixed slapo-syncprov assert with findbase (ITS#7749)
    * Build Environment
      Test suite: Use $(MAKE) for tests (ITS#7753)
    * Documentation
      admin24 fix TLSDHParamFile to be correct (ITS#7684)
* Tue Feb 11 2014 varkoly@suse.com
  - Add systemd style service definition
  - FATE#315028 remove memory limit for slapd
  - FATE#315415: LDAP compat packages required for older SLES versions
    For this reson following patches were applied:
    openldap-2.3.37-libldap-suid.diff
    openldap-2.3.37-libldap-ldapi_url.dif
    openldap-2.3.37-libldap-ntlm.diff
    openldap-2.3.37-libldap-gethostbyname_r.dif
    openldap-2.3.37-libldap-sasl-max-buff-size.dif
    openldap-2.3.37-libldap-utf8-ADcanonical.dif
    openldap-2.3.37-liblber-length-decoding.dif
    openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif
    openldap-2.3.37-libldap-tls_chkhost-its6239.dif
    openldap-2.3.37-libldap-ssl.dif
* Wed Dec 11 2013 matz@suse.de
  - Make /etc/sasl2 owned by openldap2.
* Wed Dec 11 2013 varkoly@suse.com
  - Update to 2.4.38
    * Fixed liblmdb nordahead flag (ITS#7734)
    * Fixed liblmdb to check cursor index before cursor_del (ITS#7733)
    * Fixed liblmdb wasted space on split (ITS#7589)
    * Fixed slapd for certs with a NULL issuerDN (ITS#7746)
    * Fixed slapd cn=config with empty nested includes (ITS#7739)
    * Fixed slapd syncrepl memory leak with delta-sync MMR (ITS#7735)
    * Fixed slapd-bdb/hdb to stop processing on dn not found (ITS#7741)
    * Fixed slapd-bdb/hdb with indexed ANDed filters (ITS#7743)
    * Fixed slapd-mdb to stop processing on dn not found (ITS#7741)
    * Fixed slapd-mdb dangling reader (ITS#7662)
    * Fixed slapd-mdb matching rule for OlcDbEnvFlags (ITS#7737)
    * Fixed slapd-mdb with indexed ANDed filters (ITS#7743)
    * Fixed slapd-meta from blocking other threads (ITS#7740)
    * Fixed slapo-syncprov assert with findbase (ITS#7749)
      Changes in 2.4.37
    * Added liblmdb nordahead environment flag (ITS#7725)
    * Fixed client tools CLDAP with IPv6 (ITS#7695)
    * Fixed libldap CLDAP with IPv6 (ITS#7695)
    * Fixed libldap lock ordering with abandon op (ITS#7712)
    * Fixed liblmdb segfault with mdb_cursor_del (ITS#7718)
    * Fixed liblmdb when converting to writemap (ITS#7715)
    * Fixed liblmdb assert on MDB_NEXT with delete (ITS#7722)
    * Fixed liblmdb wasted space on split (ITS#7589)
    * Fixed slapd cn=config with olcTLSProtocolMin (ITS#7685)
    * Fixed slapd-bdb/hdb optimize index updates (ITS#7329)
    * Fixed slapd-ldap chaining with cn=config (ITS#7381, ITS#7434)
    * Fixed slapd-ldap chaning with controls (ITS#7687)
    * Fixed slapd-mdb optimize index updates (ITS#7329)
    * Fixed slapd-meta chaining with cn=config (ITS#7381, ITS#7434)
    * Fixed slapo-constraint to no-op on nonexistent entries (ITS#7692)
    * Fixed slapo-dds assert on startup (ITS#7699)
    * Fixed slapo-memberof to not replicate internal ops (ITS#7710)
    * Fixed slapo-refint to not replicate internal ops (ITS#7710)
      Changes in 2.4.36
    * Added back-meta target filter patterns (ITS#7609)
    * Added liblmdb mdb_txn_env to API (ITS#7660)
    * Fixed libldap CLDAP with uninit'd memory (ITS#7582)
    * Fixed libldap with UDP (ITS#7583)
    * Fixed libldap OpenSSL TLS versions (ITS#7645)
    * Fixed liblmdb MDB_PREV behavior (ITS#7556)
    * Fixed liblmdb transaction issues (ITS#7515)
    * Fixed liblmdb mdb_drop overflow page return (ITS#7561)
    * Fixed liblmdb nested split (ITS#7592)
    * Fixed liblmdb overflow page behavior (ITS#7620)
    * Fixed liblmdb race condition with read and write txns (ITS#7635)
    * Fixed liblmdb mdb_del behavior with MDB_DUPSORT and mdb_del (ITS#7658)
    * Fixed slapd cn=config with unknown schema elements (ITS#7608)
    * Fixed slapd cn=config with loglevel 0 (ITS#7611)
    * Fixed slapd slapi filterlist free behavior (ITS#7636)
    * Fixed slapd slapi control free behavior (ITS#7641)
    * Fixed slapd schema countryString as directoryString (ITS#7659)
    * Fixed slapd schema telephoneNumber as directoryString (ITS#7659)
    * Fixed slapd-bdb/hdb to wait for read locks in tool mode (ITS#6365)
    * Fixed slapd-mdb behavior with alias dereferencing (ITS#7577 )
    * Fixed slapd-mdb modrdn and base-scoped searches (ITS#7604)
    * Fixed slapd-mdb refcount behavior (ITS#7628)
    * Fixed slapd-meta binding flag is set (ITS#7524)
    * Fixed slapd-meta with minimal config (ITS#7581)
    * Fixed slapd-meta missing results messages (ITS#7591)
    * Added slapd-meta TCP keepalive support (ITS#7513)
    * Fixed slapo-sssvlv double free (ITS#7588)
    * Fixed slaptest to list -Q option (ITS#7568)
      Changes in 2.4.35
    * Fixed liblmdb mdb_cursor_put with MDB_MULTIPLE (ITS#7551)
    * Fixed liblmdb page rebalance (ITS#7536)
    * Fixed liblmdb missing parens (ITS#7377)
    * Fixed liblmdb mdb_cursor_del crash (ITS#7553)
    * Fixed slapd syncrepl updateCookie status (ITS#7531)
    * Fixed slapd connection logging (ITS#7543)
    * Fixed slapd segfault on modify (ITS#7542, ITS#7432)
    * Fixed slapd-mdb to reject undefined attrs (ITS#7540)
    * Fixed slapo-pcache with +/- attrsets (ITS#7552)
      Changes in 2.4.34
    * Fixed libldap connections with EINTR (ITS#7476)
    * Fixed libldap lineno overflow in ldif_read_record (ITS#7497)
    * Fixed liblmdb mdb_env_open flag handling (ITS#7453)
    * Fixed liblmdb mdb_midl_sort array optimization (ITS#7432)
    * Fixed liblmdb freelist with large entries (ITS#7455)
    * Fixed liblmdb to check for filled dirty page list (ITS#7491)
    * Fixed liblmdb to validate data limits (ITS#7485)
    * Fixed liblmdb mdb_update_key for large keys (ITS#7505)
    * Fixed ldapmodify to not core dump with invalid LDIF (ITS#7477)
    * Fixed slapd syncrepl for old entries in MMR setup (ITS#7427)
    * Fixed slapd signedness for index_substr_any_* (ITS#7449)
    * Fixed slapd enforce SLAPD_MAX_DAEMON_THREADS (ITS#7450)
    * Fixed slapd mutex in send_ldap_ber (ITS#6164)
    * Added slapd-ldap onerr option (ITS#7492)
    * Added slapd-ldap keepalive support (ITS#7501)
    * Fixed slapd-ldif with empty dir (ITS#7451)
    * Fixed slapd-mdb to reopen attr DBs after env reopen (ITS#7416)
    * Fixed slapd-mdb handling of missing entries (ITS#7483,7496)
    * Fixed slapd-mdb environment flag setting (ITS#7452)
    * Fixed slapd-mdb with sub db slapcat (ITS#7469)
    * Fixed slapd-mdb to correctly work with toolthreads > 2 (ITS#7488,ITS#7527)
    * Fixed slapd-mdb subtree search speed (ITS#7473)
    * Fixed slapd-meta conversion to cn=config (ITS#7525)
    * Fixed slapd-meta segfault when modifying olcDbUri (ITS#7526)
    * Fixed slapd-sql back-config support (ITS#7499)
    * Fixed slapo-constraint handle uri and restrict correctly (ITS#7418)
    * Fixed slapo-constraint with multi-master replication (ITS#7426)
    * Fixed slapo-constraint segfault (ITS#7431)
    * Fixed slapo-deref control initialization (ITS#7436)
    * Fixed slapo-deref control exposure (ITS#7445)
    * Fixed slapo-memberof with internal ops (ITS#7487)
    * Fixed slapo-pcache matching rules for config db (ITS#7459)
    * Fixed slapo-rwm modrdn cleanup (ITS#7414)
    * Fixed slapo-sssvlv maxperconn parameter (ITS#7484)
* Mon Jun 17 2013 jengelh@inai.de
  - For now, avoid automatic use of libdb-6_0 by explicitly selecting
    libdb-4_8 as BuildRequire.
* Mon Mar 25 2013 jengelh@inai.de
  - Put static libs into openldap2-devel-static and relieve
    openldap2-devel of static-only deps
* Sat Nov 17 2012 ro@suse.de
  - fix check-build.sh for kernel > 3.0
* Fri Nov 16 2012 rhafer@suse.com
  - Fixed initscript to avoid endless loop when no configuration
    is present in /etc/openldap/slapd.d/ (bnc#767464)
  - cleaned up SLES10 buildrequires and dependencies
  - removed support for building on SLES9, didn't work anyway anymore
  - Don't buildrequire krb5-mini on Distributions where it does not
    exist
* Fri Oct 26 2012 rhafer@suse.com
  - enabled mdb backend
  - Update to 2.4.33
    * Added slapd-meta cn=config support
    * Fixed slapd alock handling on Windows (ITS#7361)
    * Fixed slapd acl handling with zero-length values (ITS#7350)
    * Fixed slapd syncprov to not reference ops inside a lock (ITS#7172)
    * Fixed slapd delta-syncrepl MMR with large attribute values (ITS#7354)
    * Fixed slapd slapd_rw_destroy function (ITS#7390)
    * Fixed slapd-ldap idassert bind handling (ITS#7403)
    * Fixed slapo-constraint with multiple modifications (ITS#7168)
    Changes in 2.4.32:
    * Added slappasswd loadable module support (ITS#7284)
    * Fixed tools to not clobber SASL_NOCANON (ITS#7271)
    * Fixed libldap function declarations (ITS#7293)
    * Fixed libldap double free (ITS#7270)
    * Fixed libldap debug level setting (ITS#7290)
    * Fixed libldap gettime() regression (ITS#6262)
    * Fixed libldap sasl handling (ITS#7118, ITS#7133)
    * Fixed libldap to correctly free socket with TLS (ITS#7241)
    * Fixed slapd config index renumbering (ITS#6987)
    * Fixed slapd duplicate error response (ITS#7076)
    * Fixed slapd parsing of PermissiveModify control (ITS#7298)
    * Fixed slapd-bdb/hdb cache hang under high load (ITS#7222)
    * Fixed slapd-bdb/hdb alias checking (ITS#7303)
    * Fixed slapd-bdb/hdb olcDbConfig changes work immediately (ITS#7338)
    * Fixed slapd-ldap to encode user DN during password change (ITS#7319)
    * Fixed slapd-ldap assertion when proxying to MS AD (ITS#6851)
    * Fixed slapd-ldap monitoring (ITS#7182, ITS#7225)
    * Fixed slapd-perl panic (ITS#7325)
    * Fixed slapo-accesslog memory leaks with sync replication (ITS#7292)
    * Fixed slapo-syncprov memory leaks with sync replication (ITS#7292)
* Fri Oct 26 2012 coolo@suse.com
  - add explicit buildrequire on groff - needed to build manuals
* Tue Oct 16 2012 coolo@suse.com
  - buildrequire krb5-mini in openldap2-client to avoid cycle
  - move Summary out of the %if as prepare_spec is confused about
    the license otherwise
* Thu May 10 2012 rhafer@suse.de
  - update to 2.4.31
    * Added slapo-accesslog support for reqEntryUUID (ITS#6656)
    * Fixed libldap IPv6 URL detection (ITS#7194)
    * Fixed libldap rebinding on failed connection (ITS#7207)
    * Fixed slapd listener initialization (ITS#7233)
    * Fixed slapd cn=config with olcTLSVerifyClient (ITS#7197)
    * Fixed slapd delta-syncrepl fallback on non-leaf error (ITS#7195)
    * Fixed slapd to reject MMR setups with bad serverID setting
      (ITS#7200)
    * Fixed slapd approxIndexer key generation (ITS#7203)
    * Fixed slapd modification of olcSuffix (ITS#7205)
    * Fixed slapd schema validation with missing definitions
      (ITS#7224)
    * Fixed slapd syncrepl -c with supplied CSN values (ITS#7245)
    * Fixed slapd-bdb/hdb idlcache with only one element (ITS#7231)
    * Fixed slapo-accesslog deadlock with non-logged write ops
      (ITS#7088)
    * Fixed slapo-syncprov sessionlog check (ITS#7218)
    * Fixed slapo-syncprov entry leak (ITS#7234)
    * Fixed slapo-syncprov startup initialization (ITS#7235)
* Mon Apr 23 2012 rhafer@suse.de
  - Disabled testsuite for now. Causes problems in the buildserivce
* Tue Mar 06 2012 rhafer@suse.de
  - Update to 2.4.30
    * Fixed libldap socket polling for writes (ITS#7167)
    * Fixed liblutil string modifications (ITS#7174)
    * Fixed slapd crash when attrsOnly is true (ITS#7143)
    * Fixed slapd syncrepl delete handling (ITS#7052,ITS#7162)
    * Fixed slapo-pcache time-to-refesh handling (ITS#7178)
    * Fixed slapo-syncprov loop detection (ITS#6024)
* Mon Feb 27 2012 rhafer@suse.de
  - Update to 2.4.29
    * Fixed slapd cn=config modification of first schema element
      (ITS#7098)
    * Fixed slapd operation reuse (ITS#7107)
    * Fixed slapd blocked writers to not interfere with pool pause
      (ITS#7115)
    * Fixed slapd connection loop connindex usage (ITS#7131)
    * Fixed slapd double mutex unlock via connection_done (ITS#7125)
    * Fixed slapd check order in connection_write (ITS#7113)
    * Fixed slapd slapadd to exit on failure (ITS#7142)
    * Fixed slapd syncrepl reference to freed memory
      (ITS#7127,ITS#7132)
    * Fixed slapd syncrepl to ignore some errors on delete
      (ITS#7052)
    * Fixed slapd syncrepl to handle missing oldRDN (ITS#7144)
    * Fixed slapd-monitor compare op to update cached entry
      (ITS#7123)
    * Fixed slapo-syncprov with already abandoned operation
      (ITS#7150)
  - Included patches from RE24 branch:
    * only poll sockets for write as needed (ITS#7167, bnc#749082)
    * sycnrepl Fixes (ITS#7162)
* Wed Dec 07 2011 cfarrell@suse.com
  - license update: OLDAP-2.8
    SPDX format (http://www.spdx.org/licenses)
* Fri Dec 02 2011 rhafer@suse.de
  - Update to 2.4.28
    * Fixed back-mdb out of order slapadd (ITS#7090)
    changes in OpenLDAP 2.4.27 Release (2011/11/24):
    * Added slapd delta-syncrepl MMR (ITS#6734,ITS#7029,ITS#7031)
    * Fixed ldapmodify crash with LDIF controls (ITS#7039)
    * Fixed ldapsearch to honor timeout and timelimit (ITS#7009)
    * Fixed libldap endless looping (ITS#7035)
    * Fixed libldap TLS to not check hostname when using 'allow'
      (ITS#7014)
    * Fixed slapadd common code into slapcommon (ITS#6737)
    * Fixed slapd backend connection initialization (ITS#6993)
    * Fixed slapd frontend DB parsing in cn=config (ITS#7016)
    * Fixed slapd hang with {numbered} overlay insertion (ITS#7030)
    * Fixed slapd inet_ntop usage (ITS#6925)
    * Fixed slapd cn=config deletion of bitmasks (ITS#7083)
    * Fixed slapd cn=config modify replace/delete crash (ITS#7065)
    * Fixed slapd schema UTF8StringNormalize with 0 length values
      (ITS#7059)
    * Fixed slapd with dynamic acls for cn=config (ITS#7066)
    * Fixed slapd response callbacks (ITS#6059,ITS#7062)
    * Fixed slapd no_connection warnings with ldapi
      (ITS#6548,ITS#7092)
    * Fixed slapd return code processing (ITS#7060)
    * Fixed slapd sl_malloc various issues (ITS#6437)
    * Fixed slapd startup behavior (ITS#6848)
    * Fixed slapd syncrepl crash with non-replicated ops (ITS#6892)
    * Fixed slapd syncrepl with modrdn (ITS#7000,ITS#6472)
    * Fixed slapd syncrepl timeout when using refreshAndPersist
      (ITS#6999)
    * Fixed slapd syncrepl deletes need a non-empty CSN (ITS#7052)
    * Fixed slapd syncrepl glue for empty suffix (ITS#7037)
    * Fixed slapd results cleanup (ITS#6763,ITS#7053)
    * Fixed slapd validation of args for TLSCertificateFile
      (ITS#7012)
    * Fixed slapd-bdb/hdb to build entry DN based on parent DN
      (ITS#5326)
    * Fixed slapd-hdb with zero-length entries (ITS#7073)
    * Fixed slapd-hdb duplicate entries in subtree IDL cache
      (ITS#6983)
    * Fixed slapo-pcache response cleanup (ITS#6981)
    * Fixed slapo-ppolicy pwdAllowUserChange behavior (ITS#7021)
    * Fixed slapo-sssvlv issue with greaterThanorEqual (ITS#6985)
    * Fixed slapo-sssvlv to only return requested attrs (ITS#7061)
    * Fixed slapo-syncprov DSA attribute filtering for Persist mode
      (ITS#7019)
    * Fixed slapo-syncprov when consumer has newer state of our SID
      (ITS#7040)
    * Fixed slapo-syncprov crash (ITS#7025)
    * Added missing LDIF form of schema files (ITS#7063)
* Fri Nov 25 2011 coolo@suse.com
  - add libtool as buildrequire to avoid implicit dependency
* Mon Oct 24 2011 rhafer@suse.de
  - ACL changes to the config database only got active after slapd
    restart in certain cases (bnc#716895, ITS#7066).
  - Adjusted default DB_CONFIG to increase max values for locks and
    lock objects (bnc#719803)
  - Fix UTF8StringNormalize overrun on zero-length string
    (bnc#724201, ITS#7059)
* Thu Jul 07 2011 rhafer@suse.de
  - Update to 2.4.26
    * Added libldap LDAP_OPT_X_TLS_PACKAGE (ITS#6969)
    * Fixed libldap descriptor leak (ITS#6929)
    * Fixed libldap socket leak (ITS#6930)
    * Fixed libldap get option crash (ITS#6931)
    * Fixed libldap lockup (ITS#6898)
    * Fixed libldap ASYNC TLS setup (ITS#6828)
    * Fixed libldap with missing \n terminations (ITS#6947)
    * Fixed tools double free (ITS#6946)
    * Fixed tools verbose output (ITS#6977)
    * Fixed ldapmodify SEGV on invalid LDIF (ITS#6978)
    * Added slapd extra_attrs database option (ITS#6513)
    * Fixed slapd asserts (ITS#6932)
    * Fixed slapd configfile param on windows (ITS#6933)
    * Fixed slapd config with global chaining (ITS#6843)
    * Fixed slapd uninitialized variables (ITS#6935)
    * Fixed slapd config objectclass is readonly (ITS#6963)
    * Fixed slapd entry response with control (ITS#6899)
    * Fixed slapd with unknown attrs (ITS#6819)
    * Fixed slapd normalization of schema RDN (ITS#6967)
    * Fixed slapd operations cache to 10 op limit (ITS#6944)
    * Fixed slapd syncrepl crash with non-replicated ops (ITS#6892)
    * Fixed slapd-bdb/hdb with sparse index ranges (ITS#6961)
    * Fixed back-ldap ppolicy updates (ITS#6711)
    * Fixed back-ldap with id-assert (ITS#6817)
    * Fixed various slapo-pcache issues (ITS#6823, ITS#6950,
      ITS#6951, ITS#6953, ITS#6954)
    * Fixed slapo-pcache database corruption (ITS#6831)
    * Fixed slapo-syncprov with replicated subtrees (ITS#6872)
  - backported delete support for child entries of overlays from
    master (bnc#704398)
* Tue Mar 29 2011 rhafer@suse.de
  - Updated to 2.4.25, important changes:
    * Fixed ldapsearch pagedresults loop (ITS#6755)
    * Fixed tools for incompatible args (ITS#6849)
    * Fixed libldap MozNSS crash (ITS#6863)
    * Fixed slapd add objectclasses in order (ITS#6837)
    * Added slapd ordering for uidNumber and gidNumber (ITS#6852)
    * Fixed slapd segfault when adding values out of order (ITS#6858)
    * Fixed slapd sortval handling (ITS#6845)
    * Fixed slapd-bdb with slapadd/index quick option (ITS#6853)
    * Fixed slapd-ldap chain cn=config support (ITS#6837)
    * Fixed slapd-ldap chain with slapd.conf (ITS#6857)
    * Fixed slapd-meta deadlock (ITS#6846)
    * Fixed slapo-sssvlv with multiple requests (ITS#6850)
    * Fixed contrib/lastbind install rules (ITS#6238)
    * Fixed contrib/cloak install rules (ITS#6877)
* Tue Feb 22 2011 rhafer@suse.de
  - Surpress gcc warnings about extra format string arguments for 2.3.x
    built as well.
* Mon Feb 14 2011 rhafer@suse.de
  - Updated to 2.4.24, important changes:
    * Added libldap_r,libldap formal concurrency API (ITS#6625,ITS#5421)
    * Added slapadd attribute value checking (ITS#6592)
    * Added slapcat continue mode for problematic DBs (ITS#6482)
    * Added slapd syncrepl suffixmassage support (ITS#6781)
    * Fixed liblber to not close invalid sockets (ITS#6585)
    * Fixed libldap referral chasing (ITS#6602)
    * Fixed libldap leak when chasing referrals (ITS#6744)
    * Fixed slapd acl parsing overflow (ITS#6611)
    * Fixed slapd acl when resuming parsing (ITS#6804)
    * Fixed slapd default config acls with overlays (ITS#6822)
    * Fixed slapd config leak with olcDbDirectory (ITS#6634)
    * Fixed slapd when first acl is value dependent (ITS#6693)
    * Fixed slapd-bdb slapadd -q with glued dbs (ITS#6794)
    * Fixed slapo-ppolicy don't update opattrs on consumers (ITS#6608)
    * Fixed slapo-ppolicy to allow userPassword deletion (ITS#6620)
    * Fixed slapo-syncprov to send error if consumer is newer (ITS#6606)
    * Fixed slapo-syncprov filter race condition (ITS#6708)
    * Fixed slapo-syncprov active mod race (ITS#6709)
    * Fixed slapo-syncprov to refresh if context is dirty (ITS#6710)
    * Fixed slapo-syncprov CSN updates to all replicas (ITS#6718)
    * Fixed slapo-syncprov sessionlog ordering (ITS#6716)
    * Fixed slapo-syncprov sessionlog with adds (ITS#6503)
    * Fixed slapo-syncprov mutex (ITS#6438)
    * Fixed slapo-syncprov mincsn check with MMR (ITS#6717)
    * Fixed slapo-syncprov control leak (ITS#6795)
    * Fixed slapo-syncprov error codes (ITS#6812)
    * For a comprehensive list of changes please consult the CHANGES
      file
  - removed unneeded openSUSE 11.0 specifc patch
* Tue Feb 01 2011 rhafer@suse.de
  - slapadd -q could crash for glued bdb/hdb databases
* Wed Jan 19 2011 rhafer@suse.de
  - Install the correct schema2ldif script (bnc#665530)
* Wed Jan 05 2011 rhafer@novell.com
  - Fixed quotation in init-script to avoid errors when calling it
    from within /etc/openldap/slapd.d/cn=config/ (bnc#660492).
* Fri Nov 12 2010 rhafer@novell.com
  - Surpress gcc warnings about extra format string arguments.
  - Split-off openldap2-doc (noarch) package (Admin Guide and IDs)
  - Backported -VVV commandline switch for slapd from HEAD
    (to list enabled static overlays)
  - Build all overlays except syncprov and ppolicy as dynamic modules
    (Fixes bnc#648479, FATE#307837)
  - Added README.dynamic-overlays to point out some details about
    dynamic overlays
  - simplified pie-compile patch and adjusted it to work with
    dynamic overlays
* Tue Oct 05 2010 rhafer@novell.com
  - Handle the libdb-4_5 -> libdb-4_8 Version update by opening the
    Databases with DB_RECOVER if a version mismatch is detected.
* Sun Oct 03 2010 cristian.rodriguez@opensuse.org
  - Do not include Build date and time in binaries, this
    avoids build-compare failures and unhelpful rebuilds/republishes
* Wed Sep 29 2010 rhafer@novell.com
  - Don't build 2.3 slapcat anymore for 11.3 and newer. We switch to
    2.4 long ago.
  - Removed automatic 2.3->2.4 migration in %post
  - moved back-sql examples to make rpmlint happy
* Thu Aug 26 2010 rhafer@novell.com
  - Fix listener URIs in init script to make SLP registration work
    again (bnc#620389)
* Fri Jul 23 2010 rhafer@novell.com
  - Fixed RPM Group and Summary Tags (bnc#624980)
* Thu Jul 01 2010 rhafer@novell.com
  - Updated to 2.4.23:
    * Fixed libldap to return server's error code (ITS#6569)
    * Fixed libldap memleaks (ITS#6568)
    * Fixed liblutil off-by-one with delta (ITS#6541)
    * Fixed slapd acls with glued databases (ITS#6468)
    * Fixed slapd syncrepl rid logging (ITS#6533)
    * Fixed slapd modrdn handling of invalid values (bnc#612430,
      ITS#6570)
    * Fixed slapd-bdb hasSubordinates computation (ITS#6549)
    * Fixed slapd-bdb to use memcpy instead for strcpy (ITS#6474)
    * Fixed slapd-bdb entry cache delete failure (ITS#6577)
    * Fixed slapd-ldap to return control responses (ITS#6530)
    * Fixed slapo-ppolicy to use Debug (ITS#6566)
    * Fixed slapo-refint to zero out freed DN vals (ITS#6572)
    * Fixed slapo-rwm to use Debug (ITS#6566)
    * Fixed slapo-sssvlv to use Debug (ITS#6566)
    * Fixed slapo-syncprov lost deletes in refresh phase (bnc#606294,
      ITS#6555)
    * Fixed slapo-valsort to use Debug (ITS#6566)
    * Fixed contrib/nssov network.c missing patch (ITS#6562)
  - New subpackage openldap2-back-sql. Contains the SQL backend
    module plus some documentation (bnc#395719)
  - generate Patches from git tree (resulted in all patches being
    renamed)
  - installing binaries without stripping them is done by setting
    the STRIP enviroment variable instead for patching the Makefile
    now
  - Fixed a bug in the syncprov overlay which could lead to not
    replicate delete Operations (ITS#6555, bnc#606294)
  - BuildRequires cleanup
* Thu Jul 01 2010 rhafer@novell.com
  - LDAP clients could crash the server by submitting a specially
    crafted LDAP ModRDN operation.  (bnc#612430, ITS#6570)
  - Delete Operations happening during the "Refresh" phase of
    "refreshAndPersist" replication failed to replicate under
    certain circumstances (bnc#606294, ITS#6555)
* Mon May 10 2010 rhafer@novell.com
  - Create /var/run/slapd on demand. /var/run might be mounted on
    tmpfs.
* Thu Apr 15 2010 adrian@suse.de
  - fix build dependency cycle for -client package with openslp
* Wed Mar 17 2010 rhafer@novell.com
  - Fixed quotation in sed expression to escape ldapi path in init
    script
* Tue Mar 16 2010 rhafer@novell.com
  - Removed obsolete hunk from openldap2.dif
  - Remove ldap.conf patch to use saner default for Certificate
    verification (bnc#575146)
* Sat Feb 13 2010 rguenther@suse.de
  - Add fix for stricter fortification checks of GCC 4.5.
* Thu Jan 07 2010 rhafer@novell.com
  - Updated to 2.4.21:
    * Fixed liblutil for negative microsecond offsets (ITS#6405)
    * Fixed slapd global settings to work without restart (ITS#6428)
    * Fixed slapd looping with SSL/TLS connections (ITS#6412)
    * Fixed slapd syncrepl freeing tasks from queue (ITS#6413)
    * Fixed slapd syncrepl parsing of tls defaults (ITS#6419)
    * Fixed slapd syncrepl uninitialized variables (ITS#6425)
    * Fixed slapd-config Adds with Abstract classes (ITS#6408)
    * Fixed slapo-dynlist behavior with simple filters (ITS#6421)
    * Fixed slapd-ldif access outside database directory (ITS#6414)
    * Fixed slapo-translucent with back-null (ITS#6403)
    * Fixed slapo-unique criteria checking (ITS#6270)
  - removed some obsolete RPM dependencies
  - Added missing tags to init script to silence rpmlint warnings
* Thu Dec 10 2009 rhafer@novell.com
  - Fixed an issue in back-config's objectclass inheritence code that
    could cause the server to fail to start or to spin in an endless
    loop (bnc#558059,ITS#6408)
  - default the tls_reqcert parameter of a syncrepl config to
    "demand" as documented even if other tls_ options are absent
    (bnc#558397, ITS#6319)
  - apply changes to the global size and timelimits to all database
    that don't specify limits themself. (bnc#562184, ITS#6428)
* Mon Nov 30 2009 rhafer@novell.com
  - Update to 2.4.20 (fate#306593), most important fixes since 2.4.19
    * Fixed liblber embedded NUL values in BerValues (ITS#6353)
    * Fixed libldap sasl buffer sizing (ITS#6327,ITS#6334)
    * Fixed libldap uninitialized return value (ITS#6355)
    * Fixed libldap unlimited timeout (ITS#6388)
    * Added slapd handling of hex server IDs (ITS#6297)
    * Fixed slapd checks of str2filter (ITS#6391)
    * Fixed slapd configArgs initialization (ITS#6363)
    * Fixed slapd db_open with connection_fake_init (ITS#6381)
    * Fixed slapd with embedded \0 in bervals (ITS#6378,ITS#6379)
    * Fixed slapd inclusion of ac/unistd.h (ITS#6342)
    * Fixed slapd sl_free to better reclaim memory (ITS#6380)
    * Fixed slapd syncrepl deletes in MirrorMode (ITS#6368)
    * Fixed slapd syncrepl to use correct SID (ITS#6367)
    * Fixed slapd tls_accept to retry in certain cases (ITS#6304)
    * Fixed slapd-bdb/hdb cache corruption (ITS#6341)
    * Fixed slapd-bdb/hdb entry cache (ITS#6360)
    * Fixed slapo-syncprov checkpoint conversion (ITS#6370)
    * Fixed slapo-syncprov deadlock (ITS#6335)
    * Fixed slapo-syncprov out of order changes (ITS#6346)
  - Added switch to enable/disable testsuite (%run_test_suite)
* Tue Nov 03 2009 coolo@novell.com
  - updated patches to apply with fuzz=0
* Mon Sep 28 2009 rhafer@novell.com
  - Added schema2ldif tool to openldap2-client subpackage
    (bnc#541819)
* Wed Sep 23 2009 rhafer@novell.com
  - Changed permissions on /var/run/slapd to a saner default for
    ldapi:/// (bnc#536729)
* Wed Sep 09 2009 rhafer@novell.com
  - libldap's check of the hostname against the TLS Certificate's CN
    Attribute did not handle possible NUL bytes in the CN correctly
    and was vulnerable against attacks with spoofed Certificates.
    (bnc#537143, ITS#6239)
* Tue Jul 14 2009 rhafer@novell.com
  - Update to 2.4.17. Most important changes:
    * Fixed liblber to use ber_strnlen (ITS#6080)
    * Fixed libldap openssl digest initialization (ITS#6192)
    * Fixed libldap tls NULL error messages (ITS#6079)
    * Added slapd sasl auxprop support (ITS#6147)
    * Added slapd schema checking tool (ITS#6150)
    * Added slapd writetimeout keyword (ITS#5836)
    * Fixed slapd abandon/cancel handling for some ops (ITS#6157)
    * Fixed slapd access setstyle to expand (ITS#6179)
    * Fixed slapd assert with closing connections (ITS#6111)
    * Fixed slapd bind race condition (ITS#6189)
    * Fixed slapd cert validation (ITS#6098)
    * Fixed slapd connection_destroy assert (ITS#6089)
    * Fixed slapd csn normalization (ITS#6195)
    * Fixed slapd errno handling (ITS#6037)
    * Fixed slapd hung writers (ITS#5836)
    * Fixed slapd ldapi issues (ITS#6056)
    * Fixed slapd normalization of updated schema attributes (ITS#5540)
    * Fixed slapd olcLimits handling (ITS#6159)
    * Fixed slapd olcLogLevel with hex levels (ITS#6162)
    * Fixed slapd sending cancelled operations results (ITS#6103)
    * Fixed slapd slapi_entry_has_children (ITS#6132)
    * Fixed slapd sockets usage on windows (ITS#6039)
    * Fixed slapd some abandon and cancel race conditions (ITS#6104)
    * Fixed slapd tls context after changes (ITS#6135)
    * Fixed slapd-bdb/hdb adjust dncachesize if too low (ITS#6176)
    * Fixed slapd-bdb/hdb crashes during delete (ITS#6177)
    * Fixed slapd-bdb/hdb multiple olcIndex for same attr (ITS#6196)
    * Fixed slapd-hdb freeing of already freed entries (ITS#6074)
    * Fixed slapd-hdb entryinfo cleanup (ITS#6088)
    * Fixed slapd-hdb dncache lockups (ITS#6095)
    * Fixed slapd-ldap deadlock with non-responsive TLS URIs (ITS#6167)
    * Fixed slapo-ppolicy to honor pwdLockout (ITS#6168)
    * Fixed slapo-ppolicy to return check modules error message (ITS#6082)
    * Added slapo-rwm rwm-drop-unrequested-attrs config option (ITS#6057)
    * Fixed slapo-rwm dn passing (ITS#6070)
    * Fixed slapo-rwm entry free/release (ITS#6058, ITS#6081)
    * Fixed tools returning ldif errors (ITS#5892)
  - Backported fix for failing back-monitor test from HEAD
  - re-enabled some formerly disabled tests from the testsuite
* Mon Jun 29 2009 rhafer@novell.com
  - Fixed Summary/Description for -client subpackage
* Thu Jun 25 2009 rhafer@novell.com
  - Improved connection check in init script (bnc#510295)
* Mon Jun 15 2009 rhafer@novell.com
  - Fixed complilation with newer glibc (2.3.X release needs
    GNU_SOURCE defined as well in getpeerid.c)
* Wed Apr 29 2009 rhafer@novell.com
  - gcc 4.4 fixes
* Mon Apr 06 2009 rhafer@suse.de
  - Update to 2.4.16. Most important fixes:
    * Fixed libldap segfault in checking cert/DN (ITS#5976)
    * Fixed libldap peer cert double free (ITS#5849)
    * Fixed libldap referral chasing (ITS#5980)
    * Fixed slapd backglue with empty DBs (ITS#5986)
    * Fixed slapd ctxcsn race condition (ITS#6001)
    * Fixed slapd debug message (ITS#6027)
    * Fixed slapd redundant module loading (ITS#6030)
    * Fixed slapd schema_init freed value (ITS#6036)
    * Fixed slapd syncrepl newCookie sync messages (ITS#5972)
    * Fixed slapd syncrepl hang during shutdown (ITS#6011)
    * Fixed slapd syncrepl too many MMR messages (ITS#6020)
    * Fixed slapd syncrepl skipped entries with MMR (ITS#5988)
    * Fixed slapd-bdb/hdb cachesize handling (ITS#5860)
    * Fixed slapd-bdb/hdb with slapcat with empty dn (ITS#6006)
    * Fixed slapd-bdb/hdb with NULL transactions (ITS#6012)
    * Fixed slapd-ldap incorrect referral handling (ITS#6003,ITS#5916)
    * Fixed slapd-ldap/meta with broken AD results (ITS#5977)
    * Fixed slapd-ldap/meta with invalid attrs again (ITS#5959)
    * Fixed slapo-accesslog interaction with ppolicy (ITS#5979)
    * Fixed slapo-dynlist conversion to cn=config (ITS#6002)
    * Fixed various slapo-syncprov issues (ITS#5972, ITS#6020,
      ITS#5985, ITS#5999, ITS#5973, ITS#6045, ITS#6024, ITS#5988)
  - Fix building on older openSUSE releases
* Fri Mar 20 2009 rhafer@suse.de
  - Update to 2.4.15. Most important changes:
    * Fixed slapd bconfig conversion again (ITS#5346)
    * Fixed slapd behavior with superior objectClasses again (ITS#5517)
    * Fixed slapd RFC4512 behavior with same attr in RDN (ITS#5968)
    * Fixed slapd corrupt contextCSN (ITS#5947)
    * Fixed slapd syncrepl order to match on add/delete (ITS#5954)
    * Fixed slapd adding rdn with other values (ITS#5965)
    * Fixed slapd-bdb/hdb behavior with unallocatable shm (ITS#5956)
    * Fixed slapd-ldap/meta with entries with invalid attrs (ITS#5959)
    * Fixed slapo-pcache caching invalid entries (ITS#5927)
    * Fixed slapo-syncprov csn updates (ITS#5969)
    * Added libldap option to disable SASL host canonicalization (ITS#5812)
    * Fixed libldap chasing multiple referrals (ITS#5853)
    * Fixed libldap setuid usage with .ldaprc (ITS#4750)
    * Fixed libldap deref handling (ITS#5768)
    * Fixed libldap NULL pointer deref (ITS#5934)
    * Fixed libldap peer cert memory leak (ITS#5849)
    * Fixed libldap intermediate response behavior (ITS#5896)
    * Fixed libldap IPv6 address handling (ITS#5937)
    * Fixed libldap_r deref building (ITS#5768)
    * Fixed libldap_r slapd lockup when paused during shutdown (ITS#5841)
    * Fixed slapd acl checks on ADD (ITS#4556,ITS#5723)
    * Fixed slapd acl application to newly created backends (ITS#5572)
    * Fixed slapd bconfig to return error codes (ITS#5867)
    * Fixed slapd bconfig encoding incorrectly (ITS#5897)
    * Fixed slapd bconfig dangling pointers (ITS#5924)
    * Fixed slapd epoll handling (ITS#5886)
    * Fixed slapd glue with MMR (ITS#5925)
    * Fixed slapd listener comparison (ITS#5613)
    * Fixed various syncrepl issues (ITS#5809,ITS#5850, ITS#5843,
      ITS#5866, ITS#5901, ITS#5881, ITS#5935, ITS#5710,
      ITS#5781, ITS#5809, ITS#5798, ITS#5826)
    * Fixed slapd-bdb/hdb dncachesize handling (ITS#5860)
    * Fixed slapd-bdb/hdb trickle task usage (ITS#5864)
    * Fixed slapd-hdb idlcache with empty suffix (ITS#5859)
* Wed Jan 07 2009 olh@suse.de
  - obsolete old -XXbit packages (bnc#437293)
* Fri Dec 12 2008 rhafer@suse.de
  - Fixed openldap2-devel dependencies (bnc#457989)
* Tue Dec 09 2008 rhafer@suse.de
  - Fixed a bug in the threadpool implementation that could cause
    slapd to lockup when shutting down while the pool is paused.
    (bnc#450457, ITS#5841)
* Fri Nov 28 2008 rhafer@suse.de
  - Disable the slapadd trickle-task it cause performance issues
    when using libdb-4.5 (bnc#449641)
  - removed obsolete configure option (ldbm backend does not exist
    in OpenLDAP 2.4)
* Fri Nov 21 2008 ro@suse.de
  - update check-build.sh
* Wed Nov 05 2008 rhafer@suse.de
  - Fixed database shutdown sequence (bnc#441774, ITS#5745)
* Tue Nov 04 2008 rhafer@suse.de
  - Handle ldbm databases in updates from 2.3 release (bnc#440589)
* Thu Oct 23 2008 rhafer@suse.de
  - the helper function to create various LDAP controls returned
    wrong error codes under certain circumstances
    (bnc#429064, ITS#5762)
  - Fixed referral chasing in chain-overlay (bnc#438088, ITS#5742)
  - Fixed back-config integration of overlays with private instances
    of databases (translucent, chain, ...) (bnc#438094, ITS#5736)
* Mon Oct 13 2008 rhafer@suse.de
  - Added missing #include to slapo-collect
* Sun Oct 12 2008 rhafer@suse.de
  - Update to 2.4.12. Most important changes:
    * Fixed libldap ldap_utf8_strchar arguments (ITS#5720)
    * Fixed libldap TLS_CRLFILE (ITS#5677)
    * Fixed librewrite memory handling (ITS#5691)
    * Fixed slapd attribute leak (ITS#5683)
    * Fixed slapd config backend with index greater than sibs (ITS#5684)
    * Fixed slapd custom attribute inheritance (ITS#5642)
    * Fixed slapd firstComponentMatch normalization (ITS#5634)
    * Fixed slapd connection events enabled twice (ITS#5725)
    * Fixed slapd memory handling (ITS#5691)
    * Fixed slapd objectClass canonicalization (ITS#5681)
    * Fixed slapd objectClass termination (ITS#5682)
    * Fixed slapd overlay control registration (ITS#5649)
    * Fixed slapd runqueue checking (ITS#5726)
    * Fixed slapd sortvals comparison (ITS#5578)
    * Fixed slapd syncrepl contextCSN detection (ITS#5675)
    * Fixed slapd syncrepl error logging (ITS#5618)
    * Fixed slapd syncrepl runqueue interval (ITS#5719)
    * Fixed slapd-bdb entry return if attr not present (ITS#5650)
    * Fixed slapd-bdb/hdb release search entries earlier (ITS#5728,ITS#5730)
    * Fixed slapd-bdb/hdb subtree search with empty suffix (ITS#5729)
    * Fixed slapo-memberof internal operations DN (ITS#5622)
    * Fixed slapo-pcache attrset crash (ITS#5665)
    * Fixed slapo-pcache caching with invalid schema (ITS#5680)
    * Fixed slapo-ppolicy control return on password modify exop (ITS#5711)
  - removed obsolete patches
* Mon Oct 06 2008 rhafer@suse.de
  - remove some problematic test-cases, that cause a lot of
    unreproducable buildfailures
  - check for exisitence of /etc/openldap/slapd.conf in init-script
    assume back-config usage if it isn't present (bnc#428168)
* Wed Sep 24 2008 rhafer@suse.de
  - Mark Schema and SuSEfirewall files as %config
  - openldap2-back-perl requires perl
  - Give more meaningful error messages when index configuration
    fails (bnc#429150)
* Fri Sep 19 2008 rhafer@suse.de
  - Reduced debug-level during "make test" to reduce required disk
    space and buildtime
* Thu Sep 18 2008 rhafer@suse.de
  - Fixed init-script dependencies (bnc#426214)
* Fri Sep 12 2008 rhafer@suse.de
  - Backported fix for a crash in back-config when adding entries with
    a too large index (ITS#5684)
  - Backported fix for a crash when adding an invalid olcBdbConfig
    Entry to back-config (ITS#5698)
* Tue Sep 09 2008 rhafer@suse.de
  - Removed getaddrinfo workaround. Recent glibc doesn't need it
    anymore (bnc#288879, ITS#5251)
  - Server requires libldap of the same version.
* Mon Sep 08 2008 rhafer@suse.de
  - Import back-config support for deleting databases from CVS HEAD
* Tue Sep 02 2008 rhafer@suse.de
  - Dropped evolution specific ntlm-bind Patch (Fate#303480)
* Thu Aug 28 2008 rhafer@suse.de
  - added ldapns.schema , to allow to use pam_ldap's "check_host_attr"
    and "check_service_attr" features (bnc#419984)
  - backport overlay_register_control fix from HEAD (bnc#420016,
    ITS#5649)
* Mon Aug 18 2008 mrueckert@suse.de
  - remove outdated options in the fillup_and_insserv call
* Mon Aug 18 2008 rhafer@suse.de
  - fixed LSB-Headers in init-script
* Wed Aug 13 2008 ro@suse.de
  - try to fix build for buildservice
    (BUILD_INCARNATION can be empty)
* Mon Aug 11 2008 rhafer@suse.de
  - /usr/lib/sasl2/slapd.conf was moved to /etc/sasl2/slapd.conf
    (bnc#412652)
  - adjust ownerships of database directories even when using
    back-config
* Thu Jul 31 2008 rhafer@suse.de
  - Enable back-config delete support
* Tue Jul 29 2008 rhafer@suse.de
  - Update to Version 2.4.11. Most important changes:
    * Fixed liblber ber_get_next length decoding (ITS#5580)
    * Added libldap assertion control (ITS#5560)
    * Fixed liblutil missing return code (ITS#5615)
    * Fixed slapd cert serial number parsing (ITS#5588)
    * Fixed slapd check for structural_class failures (ITS#5540)
    * Fixed slapd config backend renumbering (ITS#5571)
    * Fixed slapd configContext OID (ITS#5383)
    * Fixed slapd crash with no listeners (ITS#5563)
    * Fixed slapd sets memory leak (ITS#5557)
    * Fixed slapd sortvals binary search (ITS#5578)
    * Fixed slapd syncrepl updates with multiple masters (ITS#5597)
    * Fixed slapd syncrepl superior objectClass delete/add (ITS#5600)
    * Fixed slapd syncrepl/slapo-syncprov contextCSN updates as internal ops (ITS#5596)
    * Fixed slapo-memberof replace handling (ITS#5584)
    * Added slapo-nssov contrib module
    * Fixed slapo-pcache handling of negative search caches (ITS#5546)
    * Fixed slapo-ppolicy DNs with whitespaces (ITS#5552)
    * Fixed slapo-ppolicy modify with internal ops (ITS#5569)
    * Fixed slapo-syncprov ACL evaluation (ITS#5548)
    * Fixed slapo-syncprov crash with delcsn (ITS#5589)
    * Fixed slapo-syncprov full reload (ITS#5564)
    * Fixed slapo-syncprov missing olcSpReloadHint attr(ITS#5591)
    * Fixed slapo-unique filter normalization (ITS#5581)
* Mon Jun 30 2008 rhafer@suse.de
  - Only apply -fPIE patch to recent Distributions
  - removed -fPIE from the slapcat-2.3 build
  - Adjust BuildRequires for older Distributions
* Fri Jun 27 2008 coolo@suse.de
  - make sure the subpacks are only in one spec file declared
* Tue Jun 24 2008 rhafer@suse.de
  - branched off libldap-2_4-2 package to support the shared library
    packaging policy
* Wed Jun 11 2008 rhafer@suse.de
  - Update to Version 2.4.10. Most important changes:
    * Fixed libldap ld_defconn cleanup if it was freed (ITS#5518,
      ITS#5525)
    * Fixed libldap msgid handling (ITS#5318)
    * Fixed libldap t61 infinite loop (ITS#5542)
    * Fixed libldap_r missing stubs (ITS#5519)
    * Fixed slapd initialization of sr_msgid, rs->sr_tag (ITS#5461)
    * Fixed slapd missing termination of integerFilter keys
      (ITS#5503)
    * Fixed slapd multiple attrs in URI (ITS#5516)
    * Fixed slapd sasl_ssf retrieval (ITS#5403)
    * Fixed slapd socket assert (ITS#5489)
    * Fixed slapd syncrepl cookie (ITS#5536)
    * Fixed slapd-bdb/hdb MAXPATHLEN (ITS#5531)
    * Fixed slapd-bdb indexing in single ADD/MOD (ITS#5521)
    * Fixed slapd-ldap entry_get() op-dependent behavior (ITS#5513)
    * Fixed slapd-meta quarantine crasher (ITS#5522)
    * Fixed slapo-refint to allow setting modifiers name (ITS#5505)
    * Fixed slapo-syncprov contextCSN passing on syncprov consumers
      (ITS#5488)
    * Fixed slapo-syncprov csn update with delta-syncrepl (ITS#5493)
    * Fixed slapo-syncprov op2.o_extra reset (ITS#5501, #5506)
    * Fixed slapo-syncprov searching wrong backend (ITS#5487)
    * Fixed slapo-syncprov sending ops without queued CSNs (ITS#5465)
    * Fixed slapo-syncprov max csn search on startup (ITS#5537)
    * Fixed slapo-unique config structs (ITS#5526)
    * Fixed slapo-unique filter terminator (ITS#5511)
* Fri May 16 2008 rhafer@suse.de
  - Support update from 2.3 releases (bnc#390247)
* Thu May 08 2008 rhafer@suse.de
  - Update to Version 2.4.9. Most important changes:
    * Fixed libldap to use unsigned port (ITS#5436)
    * Fixed libldap error message for missing close paren (ITS#5458)
    * Fixed libldap_r tpool pause checks (ITS#5364, #5407)
    * Fixed slapcat error checking (ITS#5387)
    * Fixed slapd abstract objectClass inheritance check (ITS#5474)
    * Fixed slapd add operations requiring naming attrs (ITS#5412)
    * Fixed slapd connection handling (ITS#5469)
    * Fixed slapd frontendDB backend selection (ITS#5419)
    * Fixed slapd pagedresults stale state (ITS#5409)
    * Fixed slapd pointer dereference (ITS#5388)
    * Fixed slapd null argument dereference (ITS#5435)
    * Fixed slapd REP_ENTRY flags (ITS#5340)
    * Fixed slapd value list termination (ITS#5450)
    * Fixed slapd-bdb ID_NOCACHE handling (ITS#5439)
    * Fixed slapd-bdb entryinfo state if db_lock fails (ITS#5455)
    * Fixed slapd-bdb referral rewrite (ITS#5339)
    * Fixed slapd-config overlay stacking (ITS#5346)
    * Fixed slapd-config attribute publishing (ITS#5383)
    * Fixed slapd-ldap connection handler (ITS#5404)
    * Fixed slapd-ldif file name handling & multi-suffix/dir catch
      (ITS#5408)
    * Fixed slapd-meta connections on error (ITS#5440)
    * Fixed slapd-meta crash on search (ITS#5481)
    * Various syncrepl fixes (ITS#5407, ITS#5413, ITS#5426, ITS#5430,
      ITS#5432, ITS#5454, ITS#5397, ITS#5470)
    * Various slapo-syncprov fixes (ITS#5401, ITS#5405, ITS#5418,
      ITS#5486, ITS#5433, ITS#5434, ITS#5437, ITS#5444, ITS#5445,
      ITS#5484, ITS#5451)
* Fri Apr 25 2008 rhafer@suse.de
  - Adjust ownership of DB_CONFIG to ldap:ldap (bnc#376204)
* Thu Apr 10 2008 matz@suse.de
  - Compile with glibc 2.8.
* Thu Apr 10 2008 ro@suse.de
  - added baselibs.conf file to build xxbit packages
    for multilib support
* Thu Apr 03 2008 rhafer@suse.de
  - removed apparmor profile
* Mon Mar 03 2008 rhafer@suse.de
  - revert last change and make libldap_r available again as some
    packages seem to directly rely on libldap_r. Assume they know
    of the libldap_r's limitations.
* Wed Feb 27 2008 rhafer@suse.de
  - Moved libldap_r from -client subpackage to the main server
    package as it is only meant to be used by slapd.
  - Removed static libldap_r.a library and libldap_r.so link from
    - devel subpackage. External programs should only use the "normal"
    libldap library.
* Wed Feb 20 2008 rhafer@suse.de
  - Update to Version 2.4.8. Most important changes:
    * Fixed libldap extended decoding (ITS#5304)
    * Fixed libldap filter abort (ITS#5300)
    * Fixed libldap ldap_parse_sasl_bind_result (ITS#5263)
    * Fixed libldap result codes for open (ITS#5338)
    * Fixed libldap search timeout crash (ITS#5291)
    * Fixed libldap paged results crash (ITS#5315)
    * Fixed slapd support for 2.1 CSN (ITS#5348)
    * Fixed slapd include handling (ITS#5276)
    * Fixed slapd modrdn check for valid new DN (ITS#5344)
    * Fixed slapd multi-step SASL binds (ITS#5298)
    * Fixed slapd overlay ordering when moving to slapd.d (ITS#5284)
    * Fixed slapd NULL printf (ITS#5264)
    * Fixed slapd NULL set values (ITS#5286)
    * Fixed slapd timestamp race condition (ITS#5370)
    * Fixed slapd cn=config crash on delete (ITS#5343)
    * Fixed slapd cn=config global acls (ITS#5352)
    * Fixed slapd truncated cookie (ITS#5362)
    * Fixed slapd str2entry with no attrs (ITS#5308)
    * Fixed slapd TLSVerifyClient default (ITS#5360)
    * Fixed slapd delta-syncrepl refresh mode (ITS#5376)
    * Fixed slapd ACL sets URI attrs (ITS#5384)
    * Fixed slapd invalid entryUUID filter (ITS#5386)
    * Fixed slapd-bdb idlcache on adds (ITS#5086)
    * Fixed slapd-bdb crash with modrdn (ITS#5358)
    * Fixed slapd-bdb modrdn to same dn (ITS#5319)
    * Fixed slapd-bdb MMR (ITS#5332)
    * Fixed slapd-meta setting of sm_nvalues (ITS#5375)
    * Fixed slapd-monitor crash (ITS#5311)
    * Fixed slapo-ppolicy only password check with policy (ITS#5285)
    * Fixed slapo-ppolicy del/replace password without new one (ITS#5373)
    * Fixed slapo-syncprov hang on checkpoint (ITS#5261)
* Thu Jan 10 2008 rhafer@suse.de
  - Removed bogus debugging output from slapd_getaddrinfo_dupl.dif
* Wed Jan 09 2008 rhafer@suse.de
  - Fixed allocation for paged results cookie (Bug #352255, ITS#5315)
* Fri Dec 14 2007 rhafer@suse.de
  - Update to Version 2.4.7. Most important changes:
    * Added slapd ordered indexing of integer attributes (ITS#5239)
    * Fixed slapd paged results control handling (ITS#5191)
    * Fixed slapd sasl-host parsing (ITS#5209)
    * Fixed slapd filter normalization (ITS#5212)
    * Fixed slapd multiple suffix checking (ITS#5186)
    * Fixed slapd paged results handling when using rootdn (ITS#5230)
    * Fixed slapd syncrepl presentlist handling (ITS#5231)
    * Fixed slapd core schema 'c' definition for RFC4519 (ITS#5236)
    * Fixed slapd 3-way Multi-Master Replication (ITS#5238)
    * Fixed slapd hash collisions in index slots (ITS#5183)
    * Fixed slapd replication of dSAOperation attributes (ITS#5268)
    * Fixed slapadd contextCSN updating (ITS#5225)
    * Fixed slapd-bdb/hdb to report and fail on internal errors (ITS#5232)
    * Fixed slapd-bdb/hdb dn2entry lock bug (ITS#5257)
    * Fixed slapd-bdb/hdb dn2id lock bug (ITS#5262)
    * Fixed slapd-hdb caching on rename ops (ITS#5221)
    * Fixed slapo-accesslog abandoned op cleanup (ITS#5161)
    * Fixed slapo-dds deleting from nonexistent db (ITS#5267)
    * Fixed slapo-memberOf deleted values saving (ITS#5258)
    * Fixed slapo-pcache op->o_abandon handling (ITS#5187)
    * Fixed slapo-ppolicy single password check on modify (ITS#5146)
    * Fixed slapo-ppolicy internal search (ITS#5235)
    * Fixed slapo-syncprov refresh and persist cookie sending (ITS#5210)
    * Fixed slapo-syncprov ignore invalid cookies (ITS#5211)
    * Fixed slapo-translucent interaction with slapo-rwm (ITS#4889)
* Thu Nov 29 2007 rhafer@suse.de
  - check for duplicates in getaddrinfo results and ignore them.
    (Bug #288879)
* Tue Nov 27 2007 rhafer@suse.de
  - The init-script removed directory access on /etc/openldap/slapd.d
    (Bug #344091)
* Mon Nov 26 2007 rhafer@suse.de
  - Update to Version 2.4.6. Initial 2.4 release for "general use".
    New features:
    * Usability/Manageability:
    - More complete Documentation (manual pages and Admin Guide)
    - dynamic configuration and monitoring improvments
    * More functionality
    - New overlays (dds, memberof, constraint)
    - Multimaster syncrepl replication
    * Performance improvments:
    - Further optimized frontend
    - Reduced locking contention in backend
  - back-config support through new sysconfig option
    "OPENLDAP_CONFIG_BACKEND"
  - Install admin guide from the main tarball, to get rid of the
    admin-guide tarball
  - New sysconfig options:
    * OPENLDAP_START_LDAP to allow to disable the ldap:// listener
    * OPENLDAP_LDAPI_INTERFACES to specify the paths for the ldapi:///
      listeners
* Mon Oct 29 2007 rhafer@suse.de
  - Update to Version 2.3.39. Most important changes:
    * Fixed slapd database/overlay config conflict (ITS#4848)
    * Fixed slapd password_hash config order (ITS#5082)
    * Fixed slapd slap_mods_check bug (ITS#5119)
    * Fixed slapd ACL sets memory handling (ITS#4860,ITS#4873)
    * Fixed slapd ordered values add normalization issue (ITS#5136)
    * Fixed slapd-bdb DB_CONFIG conversion bug (ITS#5118)
    * Fixed slapd-ldap search control parsing (ITS#5138)
    * Fixed slapd-ldap SASL idassert w/o authcId
    * Fixed slapd-ldif directory separators in DN (ITS#5172)
    * Fixed slapd-meta conn caching on bind failure (ITS#5154)
    * Fixed slapd-meta bind timeout assertion (ITS#5185)
    * Fixed slapd-sql concurrency issue (ITS#5095)
    * Fixed slapo-chain double-free (ITS#5137)
    * Fixed slapo-pcache and -rwm interaction fix (ITS#4991)
    * Fixed slapo-pcache non-null terminated array crasher (ITS#5163)
    * Fixed slapo-rwm modlist handling (ITS#5124)
    * Fixed slapo-rwm UUID in filter (ITS#5168)
    * Fixed sasl SASL_SSF_EXTERNAL type (ITS#3864)
    * Fixed liblber Windows x64 portability (ITS#5105)
    * Fixed libldap ppolicy control creation (ITS#5103)
  - Silenced some rpmlint warnings
* Wed Aug 22 2007 rhafer@suse.de
  - Call "ldconfig" from %post and %postun in openldap2-client
    (Bug #298297)
* Tue Jul 24 2007 rhafer@suse.de
  - Update to Version 2.3.37. Most important changes:
    * Fixed slapd-glue/syncprov interaction (ITS#4623)
    * Fixed slapd-ldap search reference crash (ITS#5025)
    * Fixed slapd-ldbm crash on Compare op (ITS#5044)
    * Fixed slapo-rwm searchFilter double free (ITS#5043)
  - Most important changes in 2.3.36:
    * Fixed slapd mutex bug after failed startup (ITS#4957)
    * Fixed slapd sasl failed Bind bug (ITS#4954)
    * Fixed slapd sasl ssf logging (ITS#5001)
    * Fixed slapd tool op init (ITS#4911)
    * Fixed slapd-bdb no-op crasher (ITS#4925)
    * Fixed slapd-relay crash when no database can be selected (ITS#4958)
    * Fixed slapo-chain RFC3062 passwd exop handling (ITS#4964)
    * Fixed slapo-dynlist multiple group/url[/member] config (ITS#4989)
    * Fixed slapo-pcache handling of abandoned Operations (#5015)
    * Fixed slapo-pcache and -rwm interaction (ITS#4991)
    * Fixed slapo-ppolicy pwdReset/pwdMinAge (ITS#4970)
    * Fixed slapo-ppolicy control cleanup from ITS#4665
    * Fixed slapo-syncprov cookie parsing error (ITS#4977)
    * Fixed slapo-valsort crash on delete op (ITS#4966)
    * Fixed libldap referral chasing loop (ITS#4955)
    * Fixed libldap response code handling on rebind (ITS#4924)
    * Fixed libldap SASL_MAX_BUFF_SIZE (ITS#4935)
* Wed Jun 13 2007 dmueller@suse.de
  - remove binutils prereq
* Mon May 21 2007 dmueller@suse.de
  - reduce duplicated buildrequires against db42 and db45
* Tue May 15 2007 rhafer@suse.de
  - imported apparmor profile from apparmor (this profile is not
    enabled by default)
* Fri May 04 2007 rhafer@suse.de
  - Update to Version 2.3.35. Most important changes:
    * Fixed ldapmodify to use correct memory free functions (ITS#4901)
    * Fixed slapd acl set minor typo (ITS#4874)
    * Fixed slapd entry consistency check in str2entry2 (ITS#4852)
    * Fixed slapd ldapi:// credential issue (ITS#4893)
    * Fixed slapd str2anlist handling of undefined attrs/OCs (ITS#4854)
    * Fixed slapd syncrepl delta-sync modlist free (ITS#4904)
    * Added slapd syncrepl retry logging (ITS#4915)
    * Fixed slapd zero-length IA5string handling (ITS#4823)
    * Fixed slapd-bdb/hdb startup with missing shm env (ITS#4851)
    * Fixed slapd-ldap/meta consistency in referral proxying (ITS#4861)
    * Fixed slapd-ldap bind cleanup in case of unauthorized idassert
    * Fixed slapd-meta search cleanup
    * Fixed slapd-meta/slapo-rwm filter mapping
    * Fixed slapd-sql subtree shortcut (ITS#4856)
    * Fixed slapo-dynlist crasher (ITS#4891)
    * Fixed slapo-refint config message (ITS#4853)
    * Fixed libldap time_t signedness (ITS#4872)
    * Fixed libldap_r tpool reset (ITS#4855,#4899)
* Wed May 02 2007 dmueller@suse.de
  - Fix comparison with string literal
* Wed Apr 18 2007 schwab@suse.de
  - Fix generation of debuginfo packages.
* Tue Mar 20 2007 rguenther@suse.de
  - removed krb5-devel BuildRequires (support via cyrus-sasl)
* Thu Mar 15 2007 rhafer@suse.de
  - added Service definitions for SuSEfirewall2 (Bug #251654)
* Thu Feb 22 2007 rhafer@suse.de
  - Updated to Version 2.3.34. Most important changes:
    * Fixed libldap missing get_option(TLS CipherSuite) (ITS#4815)
    * Fixed ldapmodify printing error from ldap_result() (ITS#4812)
    * Fixed slapadd LDIF parsing (ITS#4817)
    * Fixed slapd libltdl link ordering (ITS#4830)
    * Fixed slapd syncrepl memory leaks (ITS#4805)
    * Fixed slapd dynacl/ACI compatibility with 2.1
    * Fixed slapd-bdb/hdb be_entry_get with aliases/referrals
      (ITS#4810)
    * Fixed slapd-ldap more response handling bugs (ITS#4782)
    * Fixed slapd-ldap C-API code tests (ITS#4808)
    * Fixed slapd-monitor NULL printf (ITS#4811)
    * Fixed slapo-chain spurious additional info in response
      (ITS#4828)
    * Fixed slapo-syncprov presence list (ITS#4813)
    * Fixed slapo-syncprov contextCSN checkpoint again (ITS#4720)
    * Added slapo-ppolicy cn=config support (ITS#4836)
    * Added slapo-auditlog cn=config support
* Fri Jan 26 2007 rhafer@suse.de
  - Updated to Version 2.3.33. Most important changes:
    * Fixed slapd-ldap chase-referrals switch (ITS#4557)
    * Fixed slapd-ldap bind behavior when idassert is always used
      (ITS#4781)
    * Fixed slapd-ldap response handling bugs (ITS#4782)
    * Fixed slapd-ldap idassert mode=self anonymous ops (ITS#4798)
    * Fixed slapd-ldap/meta privileged connections handling
      (ITS#4791)
    * Fixed slapd-meta retrying (ITS#4594, 4762)
    * Fixed slapo-chain referral DN use (ITS#4776)
    * Fixed slapo-dynlist dangling pointer after entry free
      (ITS#4801)
    * Fixed libldap ldap_pvt_put_filter syntax checks (ITS#4648)
* Fri Jan 12 2007 rhafer@suse.de
  - Updated to Version 2.3.32. Most important changes:
    * Fixed libldap unchased referral leak (ITS#4545)
    * Fixed libldap tls callback (ITS#4723)
    * Fixed slapd memleak on failed bind (ITS#4771)
    * Fixed slapd connections_shutdown assert
    * Fixed slapd add redundant duplicate value check (ITS#4600)
    * Fixed slapd ACL set memleak (ITS#4780)
    * Fixed slapd syncrepl shutdown hang (ITS#4790)
* Fri Nov 17 2006 rhafer@suse.de
  - Fix for a flaw in libldap's strval2strlen() function when processing the
    authcid string of certain Bind Requests, which could allow attackers to
    cause an affected application to crash (especially the OpenLDAP Server),
    creating a denial of service condition (Bug#221154,ITS#4740)
* Tue Nov 14 2006 rhafer@suse.de
  - Additional back-perl fixes from CVS. The first revision of the
    patch did not fix the problem completely  (Bug#207618, ITS#4751)
* Fri Oct 27 2006 rhafer@suse.de
  - cyrus-sasl configuration moved from %{_libdir}/sasl2 to
    /etc/sasl2/ (Bug: #206414)
* Wed Oct 04 2006 rhafer@suse.de
  - Add $network to Should-Start/Should-Stop in init scripts
    (Bug: #206823)
  - Imported latest back-perl changes from CVS, to fix back-perl
    initialization (Bug: #207618)
* Tue Aug 22 2006 rhafer@suse.de
  - Updated to Version 2.3.27
    * Fixed libldap dnssrv bug with "not present" positive statement
      (ITS#4610)
    * Fixed libldap dangling pointer issue (ITS#4405)
    * Fixed slapd incorrect rebuilding of replica URI (ITS#4633)
    * Fixed slapd DN X.509 normalization crash (ITS#4644)
    * Fixed slapd-monitor operations order via callbacks (ITS#4631)
    * Fixed slapo-accesslog purge task during shutdown
    * Fixed slapo-ppolicy handling of default policy (ITS#4634)
    * Fixed slapo-ppolicy logging verbosity when using default policy
    * Fixed slapo-syncprov incomplete sync on restart issues (ITS#4622)
* Wed Aug 02 2006 rhafer@suse.de
  - Updated to Version 2.3.25
    * Add libldap_r TLS concurrency workaround (ITS#4583)
    * Fixed slapd acl selfwrite bug (ITS#4587)
    * Fixed various syncrepl and slapo-syncprov bugs (ITS#4582, 4622,
      4534,4613, 4589)
    * Fixed slapd-bdb/hdb lock bug with virtual root (ITS#4572)
    * Fixed slapd-bdb/hdb modrdn new entry disappearing bug (ITS#4616)
    * Fixed slapd-bdb/hdb cache job issue
    * Fixed slapo-ppolicy password hashing bug (ITS#4575)
    * Fixed slapo-ppolicy password modify pwdMustChange reset bug (ITS#4576)
    * Fixed slapo-ppolicy control can be critical (ITS#4596)
  - Enabled CLDAP (LDAP over UDP) support
* Mon Jun 26 2006 rhafer@suse.de
  - Updated to Version 2.3.24
    * Fixed slapd syncrepl timestamp bug (delta-sync/cascade)
      (ITS#4567)
    * Fixed slapd-bdb/hdb non-root users adding suffix/root entries
      (ITS#4552)
    * Re-fixed slapd-ldap improper free bug in exop (ITS#4550)
    * Fixed slapd-ldif assert bug (ITS#4568)
    * Fixed slapo-syncprov crash under glued database (ITS#4562)
  - cleaned up SLES10 update specific stuff
  - added "chain-return-error" feature from HEAD to chain overlay
    (ITS#4570)
* Thu Jun 22 2006 schwab@suse.de
  - Don't use automake macros without using automake.
* Wed May 24 2006 rhafer@suse.de
  - Updated to Version 2.3.23
    * obsoletes the patches: libldap_ads-sasl-gssapi.dif,
      slapd-epollerr.dif
    * Fixed slapd-ldap improper free bug (ITS#4550)
    * Fixed libldap referral input destroy issue (ITS#4533)
    * Fixed libldap ldap_sort_entries tail bug (ITS#4536)
    * Fixed slapd runqueue use of freed memory (ITS#4517)
    * Fixed slapd thread pool init issue (ITS#4513)
    * Fixed slapd-bdb/hdb pre/post-read freeing (ITS#4532)
    * Fixed slapd-bdb/hdb pre/post-read unavailable issue (ITS#4538)
    * Fixed slapd-bdb/hdb referral issue (ITS#4548)
    * Fixed slapo-ppolicy BER tags issue (ITS#4528)
    * Fixed slapo-ppolicy rebind bug (ITS#4516)
    * For more details see the CHANGES file
  - Install CHANGES file to /usr/share/doc/packages/openldap2
* Wed May 10 2006 rhafer@suse.de
  - Really apply the patch for Bug#160566
  - slapd could crash while processing queries with pre-/postread
    controls (Bug#173877, ITS#4532)
* Fri Mar 24 2006 rhafer@suse.de
  - Backported fix from CVS for occasional crashes in referral
    chasing code (as used in e.g. back-meta/back-ldap).
    (Bug: #160566, ITS: #4448)
* Mon Mar 13 2006 rhafer@suse.de
  - openldap2 must obsolete -back-monitor and -back-ldap to have them
    removed during update (Bug: #157576)
* Fri Feb 17 2006 rhafer@suse.de
  - Add "external" to the list of supported SASL mechanisms
    (Bug: #151771)
* Thu Feb 16 2006 rhafer@suse.de
  - Error out when conversion from old configfile to config database
    fails (Bug: #135484,#135490 ITS: #4407)
* Mon Feb 13 2006 rhafer@suse.de
  - Don't ignore non-read/write epoll events (Bug: #149993,
    ITS: #4395)
  - Added update message to /usr/share/update-messages/en/ and enable
    it, when update did not succeed.
* Thu Feb 09 2006 rhafer@suse.de
  - OPENLDAP_CHOWN_DIRS honors databases defined in include files
    (Bug: #135473)
  - Fixed version numbers in README.update
  - Fixed GSSAPI binds against Active Directory (Bug: #149390)
* Fri Feb 03 2006 rhafer@suse.de
  - Cleaned up update procedure
  - man-pages updates and fixes (Fate: #6365)
* Fri Jan 27 2006 rhafer@suse.de
  - Updated to 2.3.19 (Bug #144371)
* Fri Jan 27 2006 mls@suse.de
  - converted neededforbuild to BuildRequires
* Wed Jan 25 2006 rhafer@suse.de
  - Updated Admin Guide to latest version
  - build slapcat from openldap-2.2.24 and install it to
    /usr/sbin/openldap-2.2-slapcat to be able to migrate from
    OpenLDAP 2.2.
  - removed slapd-backbdb-dbupgrade which is no longer needed
  - attempt to dump/reload bdb databases in %{post}
  - Update notes in README.update
* Fri Jan 13 2006 rhafer@suse.de
  - New sysconfig variable OPENLDAP_KRB5_KEYTAB
  - Cleanup in default configuration and init scripts
* Wed Jan 11 2006 rhafer@suse.de
  - Updated to 2.3.17
  - Remove OPENLDAP_RUN_DB_RECOVER from sysconfig file in %post
    slapd does now automatically recover the database if needed
  - Removed unneeded README.SuSE
  - Small adjustments to the default DB_CONFIG file
* Mon Jan 09 2006 rhafer@suse.de
  - Updated to 2.3.16
* Mon Dec 19 2005 rhafer@suse.de
  - Fixed filelist (slapd-hdb man-page was missing)
* Fri Dec 09 2005 rhafer@suse.de
  - Fixed build on x86_64
* Wed Dec 07 2005 rhafer@suse.de
  - Merged -back-ldap and -back-monitor subpackages into the main
    package and don't build them as dynamic modules anymore.
  - updated to OpenLDAP 2.3.13
* Mon Nov 28 2005 rhafer@suse.de
  - updated to OpenLDAP 2.3.12
* Wed Oct 26 2005 rhafer@suse.de
  - updated to OpenLDAP 2.3.11
  - removed the "LDAP_DEPRECATED" workaround
* Mon Sep 26 2005 rhafer@suse.de
  - Add "LDAP_DEPRECATED" to ldap.h for now
* Fri Sep 23 2005 rhafer@suse.de
  - updated to OpenLDAP 2.3.7
* Tue Aug 16 2005 rhafer@suse.de
  - allow start_tls while chasing referrals (Bug #94355, ITS #3791)
* Mon Jul 04 2005 rhafer@suse.de
  - devel-subpackage requires openldap2-client of the same version
    (Bugzilla: #93579)
* Thu Jun 30 2005 uli@suse.de
  - build with -fPIE (not -fpie) to avoid GOT overflow on s390*
* Wed Jun 22 2005 rhafer@suse.de
  - build the server packages with -fpie/-pie
* Wed Jun 15 2005 rhafer@suse.de
  - updated to 2.2.27
* Wed May 25 2005 rhafer@suse.de
  - libldap-gethostbyname_r.dif: Use gethostbyname_r instead of
    gethostbyname in libldap. Should fix host lookups through
    nss_ldap (Bugzilla: #76173)
* Fri May 13 2005 rhafer@suse.de
  - Updated to 2.2.26
  - made /%{_libdir}]/sasl2/slapd.conf %config(noreplace)
* Thu Apr 28 2005 rhafer@suse.de
  - Added /%{_libdir}]/sasl2/slapd.conf to avoid warnings about
    unconfigured OTP mechanism (Bugzilla: #80588)
* Tue Apr 12 2005 rhafer@suse.de
  - added minimal timeout to startproc in init-script to let it
    report the "failed" status correctly in case of misconfiguration
    (Bugzilla: #76393)
* Mon Apr 04 2005 rhafer@suse.de
  - crl-check.dif: Implements CRL checking on client and server side
  - use different base ports for differnt values of BUILD_INCARNATION
    (/.buildenv) to allow parallel runs of the test-suite on a single
    machine
* Mon Apr 04 2005 uli@suse.de
  - force yielding-select test to yes (test occasionally hangs QEMU)
* Fri Apr 01 2005 uli@suse.de
  - disable test suite on ARM (hangs QEMU)
* Tue Mar 29 2005 rhafer@suse.de
  - updated to 2.2.24
  - enabled back-hdb
* Wed Mar 02 2005 rhafer@suse.de
  - syncrepl.dif: merged latest syncrepl fixes (Bugzilla: #65928)
  - libldap-reinit-fdset.dif: Re-init fd_sets when select is
    interupted (Bugzilla #50076, ITS: #3524)
* Thu Feb 17 2005 rhafer@suse.de
  - checkproc_before_recover.dif: Check if slapd is stopped before
    running db_recover from the init script. (Bugzilla: #50962)
* Tue Feb 01 2005 rhafer@suse.de
  - Cleanup back-bdb databases in %post, db-4.3 changed the
    transaction log format again.
  - cosmetic fixes in init script
* Tue Jan 25 2005 rhafer@suse.de
  - updated to 2.2.23
  - cleaned up #neededforbuild
  - package should also build on older SuSE Linux releases now
  - increased killproc timeout in init-script (Bugzilla: #47227)
* Thu Jan 13 2005 rhafer@suse.de
  - updated to 2.2.20
  - Removed unneeded dependencies
* Fri Dec 10 2004 kukuk@suse.de
  - don't install *.la files
* Wed Nov 10 2004 rhafer@suse.de
  - updated to 2.2.18
  - use kerberos-devel-packages in neededforbuild
* Fri Sep 24 2004 ro@suse.de
  - re-arranged specfile to sequence (header (package/descr)* rest)
    so the checking parser is not confused ...
* Fri Sep 24 2004 rhafer@suse.de
  - Added pre_checkin.sh to generate a separate openldap2-client
    spec-file from which the openldap2-client and openldap2-devel
    subpackages are built. Should reduce build time for libldap as
    the test-suite is only executed in openldap2.spec.
* Fri Sep 10 2004 rhafer@suse.de
  - libldap-result.dif: ldapsearch was hanging in select() when
    retrieving results from eDirectory through a StartTLS protected
    connection (Bugzilla #44942)
* Mon Aug 09 2004 dobey@suse.de
  - added ntlm support
* Tue Aug 03 2004 rhafer@suse.de
  - updated to 2.2.16
  - Updated ACLs in slapd_conf.dif to disable default read access
    to the "userPKCS12" Attribute
  - rc-check-conn.diff: When starting slapd wait until is accepts
    connections, or 10 seconds at maximum (Bugzilla #41354)
  - Backported -o slp={on|off} feature from OpenLDAP Head and added
    new sysconfig variable (OPENLDAP_REGISTER_SLP) to be able
    to switch SLP registration on and off. (Bugzilla #39865)
  - removed unneeded README.update
* Fri Apr 30 2004 rhafer@suse.de
  - updated to 2.2.11
  - remove SLES8 update specific stuff
  - Bugzilla #39652: Updated slapd_conf.dif to contain basic access
    control
  - Bugzilla #39468: Added missing items to yast.schema
  - fixed strict-aliasing compiler warnings (strict-aliasing.dif)
* Thu Apr 29 2004 coolo@suse.de
  - build with several jobs if available
* Mon Apr 19 2004 rhafer@suse.de
  - ldapi_url.dif: Fixed paths for LDAPI-socket, pid-file and
    args-file (Bugzilla #38790)
  - ldbm_modrdn.dif: Fixed back-ldbm modrdn indexing bug (ITS #3059,
    Bugzilla #38915)
  - modify_check_duplicates.dif: check for duplicate attribute
    values in modify requests (ITS #3066/#3097, Bugzilla #38607)
  - updated and renamed yast2userconfig.schema to yast.schema as it
    contains more that only user configuration now
  - syncrepl.dif: addtional fixes for syncrepl (ITS #3055, #3056)
  - test_syncrepl_timeout: increased sleep timeout in syncrepl
    testsuite
* Thu Apr 01 2004 rhafer@suse.de
  - added "TLS_REQCERT allow" to /etc/openldap/ldap.conf, to make
    START_TLS work without access to the CA Certificate.
    (Bugzilla: #37393)
* Fri Mar 26 2004 rhafer@suse.de
  - fixed filelist
  - check-build.sh (build on kernel >= 2.6.4 hosts only)
  - yast2user.schema / slapd.conf fixed (#37076)
  - don't check for TLS-options is init-script anymore (#33560)
  - fixed various typos in README.update
* Wed Mar 17 2004 rhafer@suse.de
  - fixed build of openldap-2.1-slapcat (using correct db41 include
    files, build backends as on sles8)
  - attempt to update bdb database and reindex ldbm database in %{post}
  - Update notes in README.update
  - better default configuration (including default DB_CONFIG file)
  - misc updates for the YaST schema
  - fixed crasher in syncrepl-code (syncrepl.dif)
* Tue Mar 16 2004 schwab@suse.de
  - Fix type mismatch.
* Tue Mar 02 2004 rhafer@suse.de
  - updated to 2.2.6
  - build a openldap-2.1-slapcat from 2.1.25 sources  to be able to
    migrate from SLES8 and SL 9.0
* Thu Feb 19 2004 ro@suse.de
  - added check-build.sh (build on 2.6 hosts only)
* Thu Feb 05 2004 rhafer@suse.de
  - updated to 2.2.5
  - adjusted rfc2307bis.schema to support UTF-8 values in most
    attributes
  - enabled proxycache-overlay (wiht fix to work with back-ldbm)
* Tue Jan 13 2004 rhafer@suse.de
  - updated to 2.2.4
  - updated Admin Guide to most recent version
* Sat Jan 10 2004 adrian@suse.de
  - add %defattr
  - fix build as user
* Mon Dec 08 2003 rhafer@suse.de
  - updated to 2.1.25
  - small fixes for the YaST user schema
* Tue Nov 11 2003 rhafer@suse.de
  - enabled SLP-support
* Fri Oct 17 2003 kukuk@suse.de
  - Remove unused des from neededforbuild
* Tue Sep 02 2003 mt@suse.de
  - Bugzilla #29859: fixed typo in sysconfig metadata,
    usage of OPENLDAP_LDAPS_INTERFACES in init script
  - added /usr/lib/sasl2/slapd.conf permissions handling
  - added sysconfig variable OPENLDAP_SLAPD_PARAMS=""
    to support additional slapd start parameters
  - added sysconfig variable OPENLDAP_START_LDAPI=NO/yes
    for ldapi:/// (LDAP over IPC) URLs
* Thu Aug 14 2003 rhafer@suse.de
  - added activation metadata to sysconfig template (Bugzilla #28911)
  - removed lint from specfile
* Thu Aug 07 2003 rhafer@suse.de
  - added %stop_on_removal and %restart_on_update calls
  - bdb_addcnt.dif fixes a possible endless loop in id2entry()
  - addonschema.tar.gz: some extra Schema files (YaST, RFC2307bis)
* Wed Jul 16 2003 rhafer@suse.de
  - removed fillup_only and call fillup_and_insserv correctly
  - new Options in sysconfig.openldap: OPENLDAP_LDAP_INTERFACES,
    OPENLDAP_LDAPS_INTERFACES and OPENLDAP_RUN_DB_RECOVER
* Tue Jul 01 2003 rhafer@suse.de
  - updated to 2.1.22
  - updated Admin Guide to most recent version
  - build librewrite with -fPIC
* Mon Jun 16 2003 rhafer@suse.de
  - updated to 2.1.21
* Wed Jun 11 2003 ro@suse.de
  - fixed requires lines
* Mon May 26 2003 rhafer@suse.de
  - don't link back-ldap against librewrite.a, it's already linked
    into slapd (package should build on non-i386 Archs again)
* Fri May 23 2003 rhafer@suse.de
  - fixed dynamic build of back-ldap
  - new subpackage back-ldap
* Tue May 20 2003 rhafer@suse.de
  - updated to version 2.1.20
  - enabled dynamic backend modules
  - new subpackages back-perl, back-meta and back-monitor
  - remove unpacked files from BuildRoot
* Fri May 09 2003 rhafer@suse.de
  - updated to version 2.1.19
* Tue Apr 15 2003 ro@suse.de
  - fixed requires for devel-package ...
* Tue Apr 15 2003 ro@suse.de
  - fixed neededforbuild
* Thu Feb 13 2003 kukuk@suse.de
  - Enable IPv6 again
* Tue Feb 11 2003 rhafer@suse.de
  - added /etc/openldap to filelist
* Mon Feb 03 2003 rhafer@suse.de
  - switch default backend to ldbm
* Sun Feb 02 2003 ro@suse.de
  - fixed requires for devel package (cyrus-sasl2-devel)
* Fri Jan 31 2003 rhafer@suse.de
  - liblber.dif: Fixes two bugs in liblber by which remote attackers
    could crash the LDAP server (Bugzilla #22469, OpenLDAP ITS #2275
    and #2280)
* Tue Jan 14 2003 choeger@suse.de
  - build using sasl2
* Mon Jan 13 2003 rhafer@suse.de
  - updated to version 2.1.12
  - added metadata to sysconfig template (Bug: #22666)
* Thu Nov 28 2002 rhafer@suse.de
  - updated to version 2.1.8
  - added additional fix of 64bit archs
  - added secpatch.dif to fix setuid issues in libldap
* Fri Sep 06 2002 rhafer@suse.de
  - fix for Bugzilla ID #18981, chown to OPENLDAP_USER didn't work
    with multiple database backend directories
* Mon Sep 02 2002 rhafer@suse.de
  - removed damoenstart_ipv6.diff and disabled IPv6 support due to
    massive problems with nss_ldap
* Mon Aug 26 2002 rhafer@suse.de
  - ldap_user.dif: slapd is now run a the user/group ldap (Bugzilla
    ID#17697)
* Fri Aug 23 2002 rhafer@suse.de
  - updated to version 2.1.4, which fixes tons of bugs
  - added damoenstart_ipv6.diff (slapd was not starting when
    configured to listen on IPv4 and IPv6 interfaces, as done by the
    start script)
  - added README.SuSE with some hints about the bdb-backend
  - updated filelist to include only the man pages of the backends,
    that were built
* Thu Aug 15 2002 rhafer@suse.de
  - removed termcap and readline from neededforbuild
* Thu Aug 08 2002 rhafer@suse.de
  - enabled {CRYPT} passwords
  - update filelist (added new manpages)
* Thu Jul 25 2002 rhafer@suse.de
  - patches for 64 bit architectures
* Fri Jul 19 2002 rhafer@suse.de
  - update to 2.1.3
* Fri Jul 05 2002 kukuk@suse.de
  - fix openldap2-devel requires
* Thu Jul 04 2002 rhafer@suse.de
  - switched back from cyrus-sasl2 to cyrus-sasl
* Wed Jul 03 2002 rhafer@suse.de
  - updated to OpenLDAP 2.1.2
  - added the OpenLDAP Administration Guide
  - enabled additional backends (ldap, meta, monitor)
* Mon Jun 10 2002 olh@suse.de
  - hack build/ltconfig to build shared libs on ppc64
* Wed Jun 05 2002 rhafer@suse.de
  - created /etc/sysconfig/openldap and OPENLDAP_START_LDAPS variable
    to enable ldap over ssl support
* Thu Mar 07 2002 rhafer@suse.de
  - Fix for Bugzilla ID#14569 (added cyrus-sasl-devel openssl-devel
    to the "Requires" Section of the -devel subpackage)
* Mon Feb 18 2002 rhafer@suse.de
  - updated to the latest STABLE release (2.0.23) which fixes some
    nasty bugs see ITS #1562,#1582,#1577,#1578
* Thu Feb 07 2002 rhafer@suse.de
  - updated to the latest release (which fixes a index corruption
    bug)
  - cleanup in neededforbuild
  - small fixes for the init-scripts
* Thu Jan 17 2002 rhafer@suse.de
  - updated to the latest stable release (2.0.21)
* Wed Jan 16 2002 egmont@suselinux.hu
  - removed periods and colons from startup/shutdown messages
* Tue Jan 15 2002 rhafer@suse.de
  - updated to v2.0.20 (which fixes a security hole in ACL
    processing)
* Fri Jan 11 2002 rhafer@suse.de
  - converted archive to bzip2
  - makes use of %{_libdir} now
  - set CFLAGS to -O0 for archs ia64, s390(x) and alpha otherwise
    the test suite fails on these archs
  - changed slapd.conf to store the database under /var/lib/ldap
    (this patch was missing in the last versions by accident)
* Mon Jan 07 2002 rhafer@suse.de
  - update to v2.0.19
* Thu Dec 06 2001 rhafer@suse.de
  - eliminated START_LDAP, START_SLURPD variables in rc.config
  - created separate init script for slurpd
  - moved init scripts from dif to separate source tgz
* Fri Oct 26 2001 choeger@suse.de
  - update to v2.0.18
* Mon Oct 15 2001 choeger@suse.de
  - update to v2.0.17
    added a sleep to the restart section
    moved some manpages to the client package
* Mon Oct 01 2001 choeger@suse.de
  - update to v2.0.15
* Wed Sep 12 2001 choeger@suse.de
  - backported the full bugfix from openldap-2.0.14
* Tue Sep 11 2001 choeger@suse.de
  - Bugfix for slurpd millionth second bug (ITS#1323)
* Mon Sep 10 2001 choeger@suse.de
  - moved ldapfilter.conf ldaptemplates.conf ldapsearchprefs.conf
    to openldap2-client package
* Mon Sep 03 2001 choeger@suse.de
  - update to version 2.0.12
* Mon Jul 02 2001 choeger@suse.de
  - bugfix: init script was not LSB compliant, Bugzilla ID#9072
* Tue Jun 19 2001 ro@suse.de
  - fixed for autoconf again
* Fri Jun 15 2001 choeger@suse.de
  - update to 2.0.11
  - removed autoconf in specfile, because it doesn't work
* Wed May 23 2001 choeger@suse.de
  - update to version 2.0.10 (minor fixes)
* Tue May 22 2001 choeger@suse.de
  - update to version 2.0.9
* Mon Apr 23 2001 choeger@suse.de
  - removed kerberos support
  - added aci support
* Fri Apr 20 2001 choeger@suse.de
  - added kerberos support
* Thu Apr 05 2001 choeger@suse.de
  - moved section 5 and 8 manpages to the server part of package
* Wed Mar 14 2001 kukuk@suse.de
  - Move *.so links into -devel package
  - -devel requires -client
* Thu Mar 08 2001 choeger@suse.de
  - split up into openldap2-client and -devel
* Tue Feb 27 2001 ro@suse.de
  - changed neededforbuild <cyrus-sasl> to <cyrus-sasl cyrus-sasl-devel>
* Thu Feb 22 2001 ro@suse.de
  - added readline/readline-devel to neededforbuild (split from bash)
* Thu Jan 04 2001 choeger@suse.de
  - bugfix: slapd.conf rename /var/lib/openldap-ldbm to
      /var/lib/ldap
      init script: use $remote_fs
* Tue Jan 02 2001 olh@suse.de
  - use script name in %post
* Thu Dec 07 2000 choeger@suse.de
  - bugfix from Andreas Jaeger:
    workaround for glibc2.2, detach
* Fri Dec 01 2000 ro@suse.de
  - hacked configure for apparently broken pthread
* Fri Dec 01 2000 ro@suse.de
  - fixed spec
* Thu Nov 23 2000 choeger@suse.de
  - made configs %config(noreplace) (Bug 4112)
  - fixed neededforbuild
* Wed Nov 22 2000 choeger@suse.de
  - adopted new init scheme
* Wed Nov 15 2000 choeger@suse.de
  - fixed neededforbuild
* Fri Nov 10 2000 choeger@suse.de
  - added buildroot
* Tue Nov 07 2000 choeger@suse.de
  - long package name
  - new version, 2.0.7
* Fri Oct 06 2000 choeger@suse.de
  - first package of openldap2 (v2.0.6)

Files

/usr/lib64/liblber.a
/usr/lib64/libldap.a


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Nov 9 00:36:49 2024