diff options
| -rw-r--r-- | debian/changelog | 7 | ||||
| -rw-r--r-- | debian/patches/series | 1 | ||||
| -rw-r--r-- | debian/patches/tests-Drop-extensions-from-openssl-command-if-there-.patch | 45 |
3 files changed, 7 insertions, 46 deletions
diff --git a/debian/changelog b/debian/changelog index edc661d..2d38354 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +sssd (2.9.5-1) unstable; urgency=medium + + * New upstream release. (Closes: #1068063) + - CVE-2023-3758 (Closes: #1070369) + + -- Timo Aaltonen <tjaalton@debian.org> Mon, 20 May 2024 16:36:50 +0300 + sssd (2.9.4-2) unstable; urgency=medium [ Michael Biebl ] diff --git a/debian/patches/series b/debian/patches/series index 566ab08..cf4c5c2 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,4 +1,3 @@ fix-whitespace-test.diff default-to-socket-activated-services.diff fix-shebang-on-sss_analyze.patch -tests-Drop-extensions-from-openssl-command-if-there-.patch diff --git a/debian/patches/tests-Drop-extensions-from-openssl-command-if-there-.patch b/debian/patches/tests-Drop-extensions-from-openssl-command-if-there-.patch deleted file mode 100644 index 407c9d5..0000000 --- a/debian/patches/tests-Drop-extensions-from-openssl-command-if-there-.patch +++ /dev/null @@ -1,45 +0,0 @@ -From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> -Date: Wed, 24 Jan 2024 23:03:04 +0100 -Subject: [PATCH] tests: Drop -extensions from openssl command if there is no - -x509 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The 'openssl req' ignores the '-extensions' option without '-x509'. -OpenSSL versions prior 3.2 simply ignored it. Starting with version 3.2 -an error is generated: - -| /usr/bin/openssl req -batch -config -| ../../../../../src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA.config -| -new -nodes -key -| …/build/../src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_key.pem --sha256 -extensions v3_ca -out SSSD_test_intermediate_CA_req.pem -| Error adding request extensions from section v3_ca -| 003163BAB27F0000:error:11000079:X509 V3 routines:v2i_AUTHORITY_KEYID:no issuer certificate:../crypto/x509/v3_akid.c:156: -| 003163BAB27F0000:error:11000080:X509 V3 routines:X509V3_EXT_nconf_int:error in extension:../crypto/x509/v3_conf.c:48:section=v3_ca, name=authorityKeyIdentifier, value=keyid:always,issuer:always -| - -Remove the '-extensions' option. - -Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> ---- - src/tests/test_CA/intermediate_CA/Makefile.am | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/tests/test_CA/intermediate_CA/Makefile.am b/src/tests/test_CA/intermediate_CA/Makefile.am -index b439f82cb03e5..50fcddb8d2221 100644 ---- a/src/tests/test_CA/intermediate_CA/Makefile.am -+++ b/src/tests/test_CA/intermediate_CA/Makefile.am -@@ -33,7 +33,7 @@ ca_all: clean SSSD_test_intermediate_CA.pem SSSD_test_intermediate_CA_full_db.pe - ln -s $(builddir)/../$@ - - SSSD_test_intermediate_CA_req.pem: $(openssl_intermediate_ca_key) $(openssl_intermediate_ca_config) SSSD_test_CA.pem -- $(OPENSSL) req -batch -config ${openssl_intermediate_ca_config} -new -nodes -key $< -sha256 -extensions v3_ca -out $@ -+ $(OPENSSL) req -batch -config ${openssl_intermediate_ca_config} -new -nodes -key $< -sha256 -out $@ - - SSSD_test_intermediate_CA.pem: SSSD_test_intermediate_CA_req.pem $(openssl_root_ca_config) $(openssl_root_ca_key) - cd .. && $(OPENSSL) ca -config ${openssl_root_ca_config} -batch -notext -keyfile $(openssl_root_ca_key) -in $(abs_builddir)/$< -days 200 -extensions v3_intermediate_ca -out $(abs_builddir)/$@ --- -2.43.0 - |