Bump unboundid-ldapsdk from 5.1.1 to 6.0.7

[dependabot]

Bumps unboundid-ldapsdk from 5.1.1 to 6.0.7.

Release notes

Sourced from unboundid-ldapsdk's releases.

UnboundID LDAP SDK for Java 6.0.6

We have just released version 6.0.6 of the UnboundID LDAP SDK for Java. It is available for download from GitHub and SourceForge, and it is available in the Maven Central Repository. You can find the release notes at https://docs.ldap.com/ldap-sdk/docs/release-notes.html, but here’s a summary of the changes included in this version:

General Updates

• We fixed an issue that could cause request failures when closing a connection operating in asynchronous mode with outstanding operations.

• We fixed an issue that could interfere with the ability to get a default SSLContext on Java 17 when running in FIPS 140-2-compliant mode.

• We updated LDAPConnectionOptions to add support for a new system property that can enable certificate hostname verification by default without any code changes.

• We updated the LDAP command-line tool framework to add a new --verifyCertificateHostnames argument to enable hostname verification when performing TLS negotiation.

• We improved the class-level Javadoc documentation for the SSLUtil class to provide a better overview of TLS protocol versions, TLS cipher suites, key managers, trust managers, and certificate hostname verification, and to provide better examples that illustrate best practices for establishing secure connections.

• We fixed an issue in the JNDI compatibility support for controls, as well as extended requests and responses. Even though the implementation was based on the JNDI documentation, it appears that at least OpenJDK implementations do not abide by that documentation. The LDAP SDK is now compatible with the observed behavior rather than the documentation, although a system property can be used to revert to the former behavior.

• We updated the SearchRequest class to add constructors that allow you to provide the search base DN with a DN object (as an alternative to existing constructors that allow you to specify it as a String).

• We fixed an issue in the command-line tool framework in which an Error (for example, OutOfMemoryError) could cause the tool to report a NullPointerException rather than information about the underlying error.

• We fixed an issue in the IA5 argument value validator that could allow it to accept argument values with non-ASCII characters.

• We fixed an issue in the DNS hostname argument value validator that could prevent it from properly validating the last component of a fully qualified domain name, or the only component of an unqualified name.

• We updated the identify-references-to-missing-entries tool to provide an option to generate an LDIF file with changes that can be used to remove identified references.

• We updated the SelfSignedCertificateGenerator class to perform better validation for the subject alternative DNS names that it includes in a certificate.

• We updated the manage-certificates generate-self-signed-certificate command to rename the --replace-existing-certificate argument to be --use-existing-key-pair. The former argument name still works, but it is hidden from the usage.

• We included a native-image/resource-config.json file in the LDAP SDK jar file manifest, which can be used by the GraalVM native-image tool to ensure that appropriate resource files are included in the resulting image.

Updates Specific to Use With the Ping Identity Directory Server

• We updated the summarize-access-log tool to report on many more things, including the most common IP addresses for failed bind attempts, the most consecutive failed binds, information about work queue wait times, information about request and response controls, the number of components in search filters, and search filters that may indicate injection attempts.

• We updated support for the audit data security administrative task to make it possible to specify the number and/or age of previous reports to retain.

• We fixed issues that prevented specifying the criticality of the administrative operation and join request controls.

UnboundID LDAP SDK for Java 6.0.5

We have just released version 6.0.5 of the UnboundID LDAP SDK for Java. It is available for download from GitHub and SourceForge, and it is available in the Maven Central Repository. You can find the release notes at https://docs.ldap.com/ldap-sdk/docs/release-notes.html, but here’s a summary of the changes included in this version:

General Updates:

• We fixed an issue that could occasionally cause the LDAP SDK to hide the actual cause of a StartTLS failure by using information from a second, less useful exception.

• We fixed an issue that could cause the ldifsearch tool to display a malformed message when the first unnamed trailing argument was expected to be a search filter but could not be parsed as a valid filter.

... (truncated)

Changelog

Sourced from unboundid-ldapsdk's changelog.

          <div align="right">

${TARGET="offline"} LDAP SDK Home Page ${TARGET="offline"} Product Information

          <h2>Release Notes</h2>
      &lt;h3&gt;Version 6.0.7&lt;/h3&gt;
  &amp;lt;p&amp;gt;
    The following changes were made between the 6.0.6 and 6.0.7 releases:
  &amp;lt;/p&amp;gt;

  &amp;lt;ul&amp;gt;
    &amp;lt;li&amp;gt;
      Fixed a bug in the SearchResultEntry.equals method that could prevent a
      SearchResultEntry object (which is a subclass of Entry) from being considered
      equal to an Entry that is not a SearchResultEntry.
      &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
    &amp;lt;/li&amp;gt;

    &amp;lt;li&amp;gt;
      Fixed an issue with the Entry.applyModifications method in which it could fail
      with a NOT_ALLOWED_ON_RDN result if the provided entry was missing one or more
      attribute values used in its RDN.
      &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
    &amp;lt;/li&amp;gt;

    &amp;lt;li&amp;gt;
      Fixed a bug in the argument parser's support for mutually dependent arguments.
      In a mutually dependent argument set, if any one of the arguments is provided,
      then all of the other arguments in the set must also be provided, but there was
      a problem with support for sets containing three or more elements.  In such
      cases, the argument parser would only enforce that at least two arguments from
      the set were present.
      &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
    &amp;lt;/li&amp;gt;

    &amp;lt;li&amp;gt;
      Added JSONObject methods for retrieving fields by name using case-insensitive
      matching.  By default, JSON field names are treated in a case-sensitive manner,
      but new methods allow them to be retrieved in a case-insensitive manner.
      Because a JSON object may have multiple fields with names differing only by
      case, there are a few options for handling the possibility of conflicts,
      including returning only the first match found and ignoring subsequent matches,
      throwing an exception if multiple matches are found, or returning a map
      containing all matching name-value pairs.
      &amp;lt;br&amp;gt;&amp;lt;br&amp;gt;
    &amp;lt;/li&amp;gt;

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

The following labels could not be found: ready-for-review.