Documentation

Installation and configuration

image1

Packaged versions

These versions are maintained under distribution umbrella following their policy.

Debian

Tip

Following Debian Policy, LLNG packages are never upgraded in published distributions. However, security patches are backported by maintenance teams (except some inor ones).

Debian dist   LLNG version Secured Maintenance LTS Limit Extended LTS Limit
6 Squeeze 0.9.4.1 maybe No known vulnerability None February 2016 April 2019
7 Wheezy 1.1.2 maybe No known vulnerability None [1] May 2018 Probably 2021
8 Jessie 1.3.3 clean CVE-2019-19791 tagged as minor None [1] June 2020 Probably 2023
9 Stretch 1.9.7 clean CVE-2019-19791 tagged as minor Debian LTS Team June 2022  
Stretch-backports 2.0.2 bad CVE-2019-12046, CVE-2019-13031, CVE-2019-15941 None June 2019  
Stretch-backports-sloppy 2.0.11 maybe Maybe none, “best effort” [3] Until Debian 11 release [4]  
10 Buster 2.0.2 clean CVE-2019-19791 tagged as minor Debian Security Team Probably July 2024  
Buster-backports 2.0.11 clean LLNG Team </team>, “best effort” [3] Until Debian 11 release [4]  
Bullseye 2.0.11 clean Debian Security Team Probably July 2026  
Next Testing Latest [5] clean LLNG Team    

See Debian Security Tracker and Debian Package Tracker for more.

Ubuntu

Attention

Ubuntu version are included in “universe” branch [8], so not really security maintained. Prefer to use our repositories or Debian ones

Ubuntu dist   LLNG version Secured Maintenance
12.04 Precise 1.1.2 maybe No known vulnerability None
14.04 Trusty 1.2.5 maybe No known vulnerability None
16.04 Xenial [9] 1.4.6 bad CVE-2019-12046, CVE-2019-13031 None
18.04 Bionic [9] 1.9.16 bad CVE-2019-12046, CVE-2019-13031, CVE-2020-24660 None
20.04 Focal [9] 2.0.7 bad CVE-2020-24660 None
20.10 Groovy 2.0.8 bad CVE-2020-24660 None
21.04 Hirsute 2.0.11 clean None

Bug report

See Reporting a bug.

Development

image13

git clone https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng.git

Other

image14

[1](1, 2) Possible Extended LTS
[3](1, 2) updated by LLNG Team until dependencies are compatible. Don’t use backports unless you plan to update your system because backports are not covered by Debian Security Policy
[4](1, 2) around September 2021
[5]few days after release
[8]Ubuntu universe/multiverse branches are community maintained (so not maintained by Canonical), but in fact nobody considers LLNG security issues. See this issue for example
[9](1, 2, 3) LTS