The 389 Directory Server project has announced new releases of versions 2.3.1, 2.2.4, and 2.1.6. From the release announcements, it appears that the most significant changes include:
- Fixed a potential vulnerability in the UI (all three versions)
- Fixed potential memory management issues (all three versions)
- Made database compaction more robust (all three versions)
- Fixed an issue with an inconsistency with tombstone entries between LMDB and Berkeley DB (version 2.3.1)
- Increased the default number of file descriptors to avoid problems resulting from exhaustion (version 2.3.1)
- Fixed an issue that prevented enabling replication with a mixed-case suffix (all three versions)
- Fixed a performance issue with the memberof attribute (all three versions)
- Fixed issues with migration from OpenLDAP (all three versions)
- Fixed an issue in which changelog trimming was not performed at the expected interval (all three versions)
- Fixed various issues with the access log analysis script (all three versions)
- Fixed an issue that could cause the server to crash during shutdown (versions 2.3.1 and 2.2.4)
- Fixed an issue that could cause the entryuuid fixup task to fail in a replicated environment (all three versions)
- Fixed a performance issue due to lock contention under mixed load (all three versions)
- Fixed a performance issue when using pam_passthrough (all three versions)
- Fixed an issue in which some releases didn not include the cockpit web application (version 2.3.1)
- Fixed an issue that could prevent the UI from working properly if you change the root DN (all three versions)
- Fixed a performance issue with smart referral entries (all three versions)
- Fixed an issue with dscreate when using a custom dir_path with SELinux enabled (all three verisons)
- Added a default ACI that could help avoid problems with searches targeting group membership (version 2.3.1)
- Updated the server to only allow a single memberof fixup task to run at a time (all three versions)
- Updated healthcheck to ensure that all group attributes referenced by memberof are indexed (all three versions)
- Improved import performance with LMDB (version 2.3.1)
- Added default indexes for uidnumber, gidnumber, and memberuid (versions 2.3.1 and 2.1.6)
- Improved access logging for operation statistics (versions 2.3.1 and 2.2.4)
- Added the ability to always include a specified set of attributes in the audit log (all three versions)
- Improved debug logging support for password policy processing (all three versions)
- Updated the CLI to add support for adding CA certificate bundles (all three versions)
- Improved UI support for binary attributes like jpegPhoto (all three versions)