You are viewing a plain text version of this content. The canonical link for it is here.
Posted to announce@apache.org by Emmanuel Lecharny <el...@apache.org> on 2023/10/21 22:35:54 UTC
[ANNOUNCE] Apache DS 2.0.0.AM27 released
The Apache Directory team is pleased to announce the release of ApacheDS
2.0.0.AM27, the 27th milestone towards a 2.0 version, which fixes some issue
in the 2.0.0.AM26 release.
ApacheDS is an extensible and embeddable directory server entirely written
in Java, which has been certified LDAPv3 compatible by the Open Group.
Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It
has been designed to introduce triggers, stored procedures, queues and
views to the world of LDAP which has lacked these rich constructs.
This is a major and long expected release of ApacheDS. It brings many
bug fixes (29). We focused on fixing issues on newer versions of Java
(11 and 17 are now supported), migrating Junit tests to version 5,
mitigating the Log4j security vulnerability.
The Kerberos subsystem has been removed from the server, as Apache
Kerby is already providing a maintained and updated Kerberos server.
It uses the Apache LDAP API 2.1.5 release, and TLS 1.3 is now supported.
It fixes 29 issues, many of them being major or critical bugs.
Here are the fixed issues :
Bugs :
------
* DIRSERVER-1670 - DIGEST-MD5 authentication mechanism must support encryption
* DIRSERVER-1091 - not Support multiple resource record answers caused
by ResourceRecordImpl's error equals method
* DIRSERVER-1632 - Setting SASL QoP to 'auth-int' or 'auth-conf' while
connecting using the LDAP API fails and throws a decoder exception
* DIRSERVER-1951 - Maven build on windows is flakey
* DIRSERVER-2162 - Searching for users using ObjectClass=person takes long
* DIRSERVER-2176 - Thread leak from LdapServer Unassigned Resolved
* DIRSERVER-2223 - JDK 9 ldaps does not work
* DIRSERVER-2252 - Controls are not properly passed back to the client
* DIRSERVER-2286 - Apacheds service will not start if kerberos is enable
* DIRSERVER-2301 - Apache DS 2.0.0.AM26 Maven install fails with
Unkown JVM/keysize
* DIRSERVER-2302 - Doing a search with a filter containing
(objectClass=top) fails
* DIRSERVER-2303 - ApplyLdifs treats entries with case sensitivity
* DIRSERVER-2308 - Moddn overrides existing entry
* DIRSERVER-2309 - DefaultDirectoryService#addAfter adds interceptor
before the given one
* DIRSERVER-2322 - ApacheDS default server instance not starting - Error 1067
* DIRSERVER-2326 - LDAP server doesn't start on IBM JDK 8 (NoClassDefFound)
* DIRSERVER-2332 - Unexpected Session Termination (nslcd - libpam-ldapd
* DIRSERVER-2347 - Incorrect Password Modify response (extended response)
* DIRSERVER-2359 - Search request results in OPERATIONS_ERROR due NPE
* DIRSERVER-2362 - ApacheDS 2.0.0-M17 references older log4j that has
security vulnerabilities
Improvements :
--------------
* DIRSERVER-2327 - Add possibility to use custom ReplayCache implementation
* DIRSERVER-2338 - Using a static IV in symmetric encryption with CBC mode
* DIRSERVER-2370 - Error under java17
* DIRSERVER-2305 - Delete Control seen as support in the RootDSE
Tasks :
-------
* DIRSERVER-1223 - @Ignore annotation on both core and server integ
causes tests to stop
* DIRSERVER-2328 - CreateAuthenticator annotation trust manager improvements
* DIRSERVER-2329 - Replication trust manager improvements
* DIRSERVER-2330 - StartTlsHandler and LdapsInitializer use
NoVerificationTrustManager
* DIRSERVER-2372 - Remove the Kerberos server from the Directory Server
Tests :
-------
* DIRSERVER-1847 - Introduce time provider for time dependent tests
The sources and installation packages can be downloaded at:
http://directory.apache.org/apacheds/downloads.html
User's Guide :
http://directory.apache.org/apacheds/basic-users-guide.html
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
Re: [ANNOUNCE] Apache DS 2.0.0.AM27 released
Posted by Emmanuel Lécharny <el...@gmail.com>.
Indeed.
The problem is that the packages are now created by a jenkins task, and
I wasn't aware that it was using a 28-SNAPSHOT instead of 27.
I'm going to get that fixed for the next release.
In the mean time, be assured that the packages are correct.
On 29/10/2023 14:21, Thilo-Alexander Ginkel wrote:
> Hi there,
>
> just an observation: The apacheds Debian packages for 2.0.0.AM27 [1] seem
> to contain 2.0.0.AM28-SNAPSHOT1:
>
>> Unpacking apacheds (2.0.0.AM28-SNAPSHOT1) ...
>> Setting up apacheds (2.0.0.AM28-SNAPSHOT1) ...
>
> Any ideas?
>
> Thanks,
> Thilo
>
> [1]
> https://archive.apache.org/dist/directory/apacheds/dist/2.0.0.AM27/apacheds-2.0.0.AM27-amd64.deb
>
> On Sun, Oct 22, 2023 at 12:36 AM Emmanuel Lecharny <el...@apache.org>
> wrote:
>
>> The Apache Directory team is pleased to announce the release of ApacheDS
>> 2.0.0.AM27, the 27th milestone towards a 2.0 version, which fixes some
>> issue
>> in the 2.0.0.AM26 release.
>>
>> ApacheDS is an extensible and embeddable directory server entirely written
>> in Java, which has been certified LDAPv3 compatible by the Open Group.
>> Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It
>> has been designed to introduce triggers, stored procedures, queues and
>> views to the world of LDAP which has lacked these rich constructs.
>>
>> This is a major and long expected release of ApacheDS. It brings many
>> bug fixes (29). We focused on fixing issues on newer versions of Java
>> (11 and 17 are now supported), migrating Junit tests to version 5,
>> mitigating the Log4j security vulnerability.
>>
>> The Kerberos subsystem has been removed from the server, as Apache
>> Kerby is already providing a maintained and updated Kerberos server.
>>
>> It uses the Apache LDAP API 2.1.5 release, and TLS 1.3 is now supported.
>>
>> It fixes 29 issues, many of them being major or critical bugs.
>>
>>
>> Here are the fixed issues :
>>
>> Bugs :
>> ------
>>
>> * DIRSERVER-1670 - DIGEST-MD5 authentication mechanism must support
>> encryption
>> * DIRSERVER-1091 - not Support multiple resource record answers caused
>> by ResourceRecordImpl's error equals method
>> * DIRSERVER-1632 - Setting SASL QoP to 'auth-int' or 'auth-conf' while
>> connecting using the LDAP API fails and throws a decoder exception
>> * DIRSERVER-1951 - Maven build on windows is flakey
>> * DIRSERVER-2162 - Searching for users using ObjectClass=person takes long
>> * DIRSERVER-2176 - Thread leak from LdapServer Unassigned Resolved
>> * DIRSERVER-2223 - JDK 9 ldaps does not work
>> * DIRSERVER-2252 - Controls are not properly passed back to the client
>> * DIRSERVER-2286 - Apacheds service will not start if kerberos is enable
>> * DIRSERVER-2301 - Apache DS 2.0.0.AM26 Maven install fails with
>> Unkown JVM/keysize
>> * DIRSERVER-2302 - Doing a search with a filter containing
>> (objectClass=top) fails
>> * DIRSERVER-2303 - ApplyLdifs treats entries with case sensitivity
>> * DIRSERVER-2308 - Moddn overrides existing entry
>> * DIRSERVER-2309 - DefaultDirectoryService#addAfter adds interceptor
>> before the given one
>> * DIRSERVER-2322 - ApacheDS default server instance not starting - Error
>> 1067
>> * DIRSERVER-2326 - LDAP server doesn't start on IBM JDK 8 (NoClassDefFound)
>> * DIRSERVER-2332 - Unexpected Session Termination (nslcd - libpam-ldapd
>> * DIRSERVER-2347 - Incorrect Password Modify response (extended response)
>> * DIRSERVER-2359 - Search request results in OPERATIONS_ERROR due NPE
>> * DIRSERVER-2362 - ApacheDS 2.0.0-M17 references older log4j that has
>> security vulnerabilities
>>
>>
>> Improvements :
>> --------------
>>
>> * DIRSERVER-2327 - Add possibility to use custom ReplayCache implementation
>> * DIRSERVER-2338 - Using a static IV in symmetric encryption with CBC mode
>> * DIRSERVER-2370 - Error under java17
>> * DIRSERVER-2305 - Delete Control seen as support in the RootDSE
>>
>>
>> Tasks :
>> -------
>>
>> * DIRSERVER-1223 - @Ignore annotation on both core and server integ
>> causes tests to stop
>> * DIRSERVER-2328 - CreateAuthenticator annotation trust manager
>> improvements
>> * DIRSERVER-2329 - Replication trust manager improvements
>> * DIRSERVER-2330 - StartTlsHandler and LdapsInitializer use
>> NoVerificationTrustManager
>> * DIRSERVER-2372 - Remove the Kerberos server from the Directory Server
>>
>>
>> Tests :
>> -------
>> * DIRSERVER-1847 - Introduce time provider for time dependent tests
>>
>> The sources and installation packages can be downloaded at:
>> http://directory.apache.org/apacheds/downloads.html
>>
>> User's Guide :
>> http://directory.apache.org/apacheds/basic-users-guide.html
>>
>>
>>
>> --
>> Regards,
>> Cordialement,
>> Emmanuel Lécharny
>> www.iktek.com
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
>> For additional commands, e-mail: users-help@directory.apache.org
>>
>>
>
--
*Emmanuel Lécharny* P. +33 (0)6 08 33 32 61
elecharny@apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org
Re: [ANNOUNCE] Apache DS 2.0.0.AM27 released
Posted by Thilo-Alexander Ginkel <th...@ginkel.com>.
Hi there,
just an observation: The apacheds Debian packages for 2.0.0.AM27 [1] seem
to contain 2.0.0.AM28-SNAPSHOT1:
> Unpacking apacheds (2.0.0.AM28-SNAPSHOT1) ...
> Setting up apacheds (2.0.0.AM28-SNAPSHOT1) ...
Any ideas?
Thanks,
Thilo
[1]
https://archive.apache.org/dist/directory/apacheds/dist/2.0.0.AM27/apacheds-2.0.0.AM27-amd64.deb
On Sun, Oct 22, 2023 at 12:36 AM Emmanuel Lecharny <el...@apache.org>
wrote:
> The Apache Directory team is pleased to announce the release of ApacheDS
> 2.0.0.AM27, the 27th milestone towards a 2.0 version, which fixes some
> issue
> in the 2.0.0.AM26 release.
>
> ApacheDS is an extensible and embeddable directory server entirely written
> in Java, which has been certified LDAPv3 compatible by the Open Group.
> Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It
> has been designed to introduce triggers, stored procedures, queues and
> views to the world of LDAP which has lacked these rich constructs.
>
> This is a major and long expected release of ApacheDS. It brings many
> bug fixes (29). We focused on fixing issues on newer versions of Java
> (11 and 17 are now supported), migrating Junit tests to version 5,
> mitigating the Log4j security vulnerability.
>
> The Kerberos subsystem has been removed from the server, as Apache
> Kerby is already providing a maintained and updated Kerberos server.
>
> It uses the Apache LDAP API 2.1.5 release, and TLS 1.3 is now supported.
>
> It fixes 29 issues, many of them being major or critical bugs.
>
>
> Here are the fixed issues :
>
> Bugs :
> ------
>
> * DIRSERVER-1670 - DIGEST-MD5 authentication mechanism must support
> encryption
> * DIRSERVER-1091 - not Support multiple resource record answers caused
> by ResourceRecordImpl's error equals method
> * DIRSERVER-1632 - Setting SASL QoP to 'auth-int' or 'auth-conf' while
> connecting using the LDAP API fails and throws a decoder exception
> * DIRSERVER-1951 - Maven build on windows is flakey
> * DIRSERVER-2162 - Searching for users using ObjectClass=person takes long
> * DIRSERVER-2176 - Thread leak from LdapServer Unassigned Resolved
> * DIRSERVER-2223 - JDK 9 ldaps does not work
> * DIRSERVER-2252 - Controls are not properly passed back to the client
> * DIRSERVER-2286 - Apacheds service will not start if kerberos is enable
> * DIRSERVER-2301 - Apache DS 2.0.0.AM26 Maven install fails with
> Unkown JVM/keysize
> * DIRSERVER-2302 - Doing a search with a filter containing
> (objectClass=top) fails
> * DIRSERVER-2303 - ApplyLdifs treats entries with case sensitivity
> * DIRSERVER-2308 - Moddn overrides existing entry
> * DIRSERVER-2309 - DefaultDirectoryService#addAfter adds interceptor
> before the given one
> * DIRSERVER-2322 - ApacheDS default server instance not starting - Error
> 1067
> * DIRSERVER-2326 - LDAP server doesn't start on IBM JDK 8 (NoClassDefFound)
> * DIRSERVER-2332 - Unexpected Session Termination (nslcd - libpam-ldapd
> * DIRSERVER-2347 - Incorrect Password Modify response (extended response)
> * DIRSERVER-2359 - Search request results in OPERATIONS_ERROR due NPE
> * DIRSERVER-2362 - ApacheDS 2.0.0-M17 references older log4j that has
> security vulnerabilities
>
>
> Improvements :
> --------------
>
> * DIRSERVER-2327 - Add possibility to use custom ReplayCache implementation
> * DIRSERVER-2338 - Using a static IV in symmetric encryption with CBC mode
> * DIRSERVER-2370 - Error under java17
> * DIRSERVER-2305 - Delete Control seen as support in the RootDSE
>
>
> Tasks :
> -------
>
> * DIRSERVER-1223 - @Ignore annotation on both core and server integ
> causes tests to stop
> * DIRSERVER-2328 - CreateAuthenticator annotation trust manager
> improvements
> * DIRSERVER-2329 - Replication trust manager improvements
> * DIRSERVER-2330 - StartTlsHandler and LdapsInitializer use
> NoVerificationTrustManager
> * DIRSERVER-2372 - Remove the Kerberos server from the Directory Server
>
>
> Tests :
> -------
> * DIRSERVER-1847 - Introduce time provider for time dependent tests
>
> The sources and installation packages can be downloaded at:
> http://directory.apache.org/apacheds/downloads.html
>
> User's Guide :
> http://directory.apache.org/apacheds/basic-users-guide.html
>
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
> For additional commands, e-mail: users-help@directory.apache.org
>
>