[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8385) Use After Free of struct ldap_common in slap_client_connect

--On Tuesday, March 15, 2016 1:34 AM +0000 mkp37215@gmail.com wrote:

> --089e0139fc98189d9d052e0b902f
> Content-Type: text/plain; charset=UTF-8
> Howard, thank you very much for quickly fixing this issue. My tests show
> that the replication is now working fine.
> Regarding your recommendation of OpenSSL, that should rather go to
> OpenLDAP package maintainers at Ubuntu and Debian. I use what they build
> and the choice of the TLS library is not mine.

The Debian/Ubuntu maintainers are quite aware of the problems with using 
GnuTLS, and maintain they cannot use OpenSSL due to licensing issues, 
despite the fact every other major distribution uses OpenSSL (except RHEL, 
which switched to MozNSS which resulted in much disaster, and is likely 
going to switch back to OpenSSL).

There is no reason you cannot use OpenSSL, regardless of what 
Debian/Ubuntu's broken decisions are.



Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
Zimbra ::  the leader in open source messaging and collaboration
A division of Synacor, Inc