turnkey-openldap-16.0 (1) turnkey; urgency=low * Updated all relevant Debian packages to Buster/10 versions; including OpenLDAP (slapd) to 2.4.47 & PHP 7.3 (for phpldapadmin). * Update phpldapadmin to latest upstream version - 1.2.5. Plus also add cookie encryption (via setting blowfish seed) and disable anonymous access. * Explcitly disable TLS<1.2 (i.e. SSLv3, TLSv1, TLSv1.1) for webserver/ phpldapadmin. (v15.x TurnKey releases supported TLS 1.2, but could fallback as low as TLSv1). * Update webserver SSL/TLS cyphers to provide "Intermediate" browser/client support (suitable for "General-purpose servers with a variety of clients, recommended for almost all systems"). As provided by Mozilla via https://ssl-config.mozilla.org/. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Thu, 02 Jul 2020 15:54:14 +1000 turnkey-openldap-15.1 (1) turnkey; urgency=low * Include a sleep in the OpenLDAP inithook which resolves intermittant initialisation issues, including a TLS/SSL issue. Closes #1176 & #1337. [ Stefan Davis ] -- Jeremy Davis Mon, 24 Jun 2019 15:22:34 +1000 turnkey-openldap-15.0 (1) turnkey; urgency=low * Includes PHP7.0 (installed from Debian repos) * Updated PHP default settings * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Vlad Kuzmenko Fri, 29 Jun 2018 01:39:42 +0200 turnkey-openldap-14.2 (1) turnkey; urgency=low * Installed security updates * Added nsspam account with access to authenticate and change users in order to support using LDAP as authentication from NSS/PAM - Changes come from https://github.com/jstruebel/openldap-nsspam.git * Changed the default group populated in the database to support using it as the auth backend for NSS/PAM from other TKL appliances - Changes come from https://github.com/jstruebel/openldap-nsspam.git * Added custom templates to phpLDAPAdmin to support user/group management for the NSS/PAM changes above - Changes come from https://github.com/jstruebel/openldap-pla.git * Added Samba schema to ldap database and corresponding custom templates to phpLDAPAdmin - Changes come from https://github.com/jstruebel/openldap-samba.git * Added OpenSSH public key schema to ldap database - Changes come from https://github.com/jstruebel/openldap-sshlpk.git * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance.i -- Jonathan Struebel Tue, 02 May 2017 14:37:40 -0700 turnkey-openldap-14.1 (1) turnkey; urgency=low * Fix LigHTTPd bug in 15regen-sllcert (#512). * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Thu, 18 Feb 2016 15:19:03 +1100 turnkey-openldap-14.0 (1) turnkey; urgency=low * Latest Debian Jessie package version of OpenLDAP. * Lastest phpldap installed from upstream git * Other maintence work performed by Jonathan Struebel https://github.com/jstruebel * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance.i -- Jeremy Davis Fri, 14 Aug 2015 19:59:21 +1000 turnkey-openldap-13.0 (1) turnkey; urgency=low * Latest Debian Wheezy package version of OpenLDAP. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Thu, 10 Oct 2013 18:38:30 +0300 turnkey-openldap-12.1 (1) turnkey; urgency=low * Upgraded to latest version of phpLDAPadmin. * Upstream source component versions: phpldapadmin 1.2.3 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Fri, 05 Apr 2013 08:00:00 +0200 turnkey-openldap-12.0 (1) turnkey; urgency=low * Initial public release of TurnKey OpenLDAP, based on TKLPatch submitted by Adrian Moya. * Set LDAP domain and admin password on firstboot (convenience, security). * Regenerates all secrets during installation / firstboot (security). * TLS support for ldaps out of the box (security). * Includes phpLDAPadmin for web based LDAP administration, with SSL support out of the box (convenience, security). * Includes Users/Groups OU and default PosixGroup (convenience). * Major component versions slapd 2.4.23-7.2 ldap-utils 2.4.23-7.2 gnutls-bin 2.8.6-1+squeeze2 lighttpd 1.4.28-2+squeeze1 php5-ldap 5.3.3-7+squeeze13 phpldapadmin 1.2.2 (upstream archive) * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Wed, 01 Aug 2012 08:00:00 +0200