fusiondirectory (1.2.3-4+deb10u2) buster-security; urgency=medium

  If you are using CAS for authentication:
  To address CVE-2022-39369 in php-cas - the library used for CAS - had
  to introduce an API breaking change which requires some additional
  configuration in fusiondirectory.

  The php-cas package introducing the fix for buster is version
  1.3.6-1+deb10u1. After installing the php-cas update, a CAS enabled
  fusiondirectory installation will no longer work until those steps are
  done:

  - make sure to install the updated fusiondirectory-schema package for
    buster.

  - update the fusiondirectory core schema in LDAP by running
    fusiondirectory-insert-schema -m

  - switch to using the new php-cas API by running
    fusiondirectory-setup --set-config-CasLibraryBool=TRUE

  - set the CAS ClientServiceName to the base URL of the fusiondirectory
    installation, for example:
    fusiondirectory-setup --set-config-CasClientServiceName="https://fusiondirectory.example.org/"

  To troubleshoot php-cas problems, the property CasVerbose can be activated for
  additional diagnostics:
    fusiondirectory-setup --set-config-CasVerbose=TRUE

 -- Tobias Frost <tobi@debian.org>  Fri, 07 Jul 2023 15:20:21 +0200
