[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8385) Use After Free of struct ldap_common in slap_client_connect

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8385) Use After Free of struct ldap_common in slap_client_connect
From: mkp37215@gmail.com
Date: Tue, 15 Mar 2016 18:41:46 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

On Mon, Mar 14, 2016 at 8:04 PM, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
>
> The Debian/Ubuntu maintainers are quite aware of the problems with using
> GnuTLS, and maintain they cannot use OpenSSL due to licensing issues,
> despite the fact every other major distribution uses OpenSSL (except RHEL,
> which switched to MozNSS which resulted in much disaster, and is likely
> going to switch back to OpenSSL).
>
> There is no reason you cannot use OpenSSL, regardless of what
> Debian/Ubuntu's broken decisions are.
>
> --Quanah

Quanah, thank you for your reply. However, I do not want to engage in
a political discussion, particularly on the matter that is beyond my
control. It is also out of topic, as the bug discussed here was in
libldap code, and not in GnuTLS. I would like to again thank Howard
for his work on this bug and coming up with a working fix very
quickly. Unless any new issue related to this bug or the fix comes to
light, I think we can consider the matter closed.

Maciej Puzio

Prev by Date: Re: (ITS#8384) LDAP Servers in Multi-master configuration locked up and unresponsive
Next by Date: Re: (ITS#8384) LDAP Servers in Multi-master configuration locked up and unresponsive
Index(es):
- Chronological
- Thread