UnboundID LDAP SDK for Java 6.0.3

UnboundID LDAP SDK for Java is a Java-based API for interacting with LDAP directory servers and performing other LDAP-related processing. The project has just released version 6.0.3, which includes the following changes:

  • Fixed a round-robin server set issue that could cause uneven balancing if servers became unavailable
  • Fixed a rare race condition if a connection was closed while waiting for a response to an asynchronous operation
  • Fixed an in-memory directory server issue with a matched DN in bind response messages
  • Improved SSL/TLS debugging for SSLUtil operations
  • Added a mechanism for encoding entries, search references, and LDAP results to JSON objects
  • Added a method to infer the key store type for JKS, PKCS #12 and BCFKS key store files
  • Added convenience methods for generating random data
  • Updated the documentation for LDAP-related specifications
  • Fixed a manage-account issue when receiving a response with an unknown operation type
  • Added client-side support for new extended operations for certificate management
  • Added authentication failure reason values for pass-through authentication
  • Updated the task manager to make it easier to use with connection pools and Server SDK internal connections

    LdapRecord 2.9.0

    LdapRecord aims to provide a simple way to interact with LDAP entries using PHP. The project has released version 2.9.0, which appears to include the following changes:

    • Added a $model->setRawAttribute method
    • Added setDNAttribute and setDistinguishedNameAttribute mutators on Model
    • Added a Model::make method for creating model instances
    • Fixed an issue that could prevent DNs from being properly set when using $model->fill or updating $model->dn

    389 Directory Server 2.0.11

    The 389 Directory Server project has released version 2.0.11. Changes in this release appear to include:

    • Fixed an issue in which promoting or demoting a replica could crash the server
    • Fixed an issue in which a replica could encounter a deadlock
    • Fixed a memory leak in ldap-agent
    • Updated the CSN generator to limit time skew drift
    • Fixed an issue with PBKDF2 password encoding in FIPS 140-2-compliant mode
    • Fixed an issue in which max_failure_count could be reached too soon on a slow machine
    • Improved targetfilter ACI evaluation performance
    • Fixed an uninitialized variable issue in the logconv.pl script
    • Improved validation for automember configuration
    • Fixed an issue that arise if the /etc/hosts file had an invalid entry
    • Fixed a compatibility issue resulting from an attribute syntax change
    • Added the ability to create groups in the LDAP editor
    • Fixed an issue in which the editor tree was not being properly updated

    Symas OpenLDAP 2.6

    Symas has released version version 2.6 of their pre-built version of OpenLDAP. Their announcement lists the following changes:

    • Added the ability to log to a file as an alternative to syslog
    • Retired support for the back-ndb backend
    • Deprecated support for the back-sql and back-perl backends
    • Added additional load-balancing strategies
    • Improved support for certain controls and extended operations through the LDAP load balancer

    OpenLDAP 2.6 and 2.5.9

    The OpenLDAP project has announced the release of versions 2.6 and 2.5.8 of their LDAP directory server. Changes included in these releases include:

    • Added support for logging to a file as an alternative to syslog (version 2.6)
    • Added support for new load-balancing strategies (version 2.6)
    • Improved support for certain controls and extended operations through the LDAP load balancer (version 2.6)
    • Fixed an issue that could prevent importing an access log database from an OpenLDAP 2.4 server (version 2.5.9)

    LdapRecord 2.8.0

    LdapRecord aims to provide a simple way to interact with LDAP entries using PHP. The project has released version 2.8.0, which appears to include the following changes:

    • Added the ability to specify a lockout duration in minutes, without a time zone
    • Added the ability to rename a user with a provided string as an alternative to an RDN
    • Added the ability to save a model without firing any events
    • Added the ability to execute callbacks for each object in a chunked query
    • Added the ability to abort chunk processing
    • Added the ability to execute a callback for a query with no results
    • Added a convenience method to obtain the matching entry from a query when exactly one is expected
    • Added a convenience methods to determine whether a query contains any results
    • Added methods to determine if a DN is valid or empty

    OpenLDAP 2.5.8

    The OpenLDAP project has announced the release of version 2.5.8 of their LDAP directory server. Changes in this release include:

    • Fixed a memory leak in syncrepl processing
    • Fixed a memory leak in client code used to obtain a peer certificate
    • Fixed a TLS-related issue introduced when converting configuration from slapd.conf to cn=config
    • Fixed a potential crash in password quality checking
    • Fixed an issue preventing attribute values from being deleted
    • Fixed an issue preventing users from setting a custom password policy
    • Fixed an issue with the equality matching rule for the namingContexts attribute
    • Fixed an issue with excessive logging for password policy processing
    • Fixed an issue affecting the ability to set up MySQL for use as a backend database
    • Fixed issues with the WiredTiger backend

    LDAP Tool Box slapd-cli 2.8

    The LDAP Tool Box project provides a set of LDAP-related applications, administrative tools, and other utilities. They have just released version 2.8 of their slapd-cli tools (formerly called openldap-initscript), which provide a set of command-line tools for OpenLDAP. This release includes the following changes:

    • Fixed a potential privilege escalation vulnerability that could be exploited by manipulating the PID file
    • Fixed a potential privilege escalation vulnerability that could result from recursive file ownership changes
    • Fixed a checksync tool issue with multiple suffixes
    • Fixed an issue when the OpenLDAP service used a name other than “slapd”
    • Migrated away from deprecated memberOf configuration
    • Migrated away from init.d references in favor of systemd
    • Added support for command-line autocomplete
    • Updated the status output to include the OpenLDAP version
    • Provide an option to use a default configuration and sample data
    • Updated documentation