[Date Prev][Date Next]
Re: (ITS#8385) Use After Free of struct ldap_common in slap_client_connect
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#8385) Use After Free of struct ldap_common in slap_client_connect
- From: firstname.lastname@example.org
- Date: Tue, 15 Mar 2016 18:41:46 +0000
- Auto-submitted: auto-generated (OpenLDAP-ITS)
On Mon, Mar 14, 2016 at 8:04 PM, Quanah Gibson-Mount <email@example.com> wrote:
> The Debian/Ubuntu maintainers are quite aware of the problems with using
> GnuTLS, and maintain they cannot use OpenSSL due to licensing issues,
> despite the fact every other major distribution uses OpenSSL (except RHEL,
> which switched to MozNSS which resulted in much disaster, and is likely
> going to switch back to OpenSSL).
> There is no reason you cannot use OpenSSL, regardless of what
> Debian/Ubuntu's broken decisions are.
Quanah, thank you for your reply. However, I do not want to engage in
a political discussion, particularly on the matter that is beyond my
control. It is also out of topic, as the bug discussed here was in
libldap code, and not in GnuTLS. I would like to again thank Howard
for his work on this bug and coming up with a working fix very
quickly. Unless any new issue related to this bug or the fix comes to
light, I think we can consider the matter closed.