[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Heimdal - OpenLDAP - RedHat redux

man, 30.08.2004 kl. 19.51 skrev Quanah Gibson-Mount:

> > OpenSSL 0.9.7a - my build from source.
> This doesn't answer your question, but I'll note that 0.9.7a has security 
> holes, and IIRC, was not recommended for use with OpenLDAP.  Later versions 
> of OpenSSL 0.9.7 series have the security holes fixed, and work fine with 
> OpenLDAP.

RedHat has this habit of issuing back-ported updates of things. The
latest RHAS/RHEL3 Openssl 0.9.7a updates fix the ASN.1 security bug. I
think the philosophy is, that there'd otherwise be rpm dependency
problems. Personally I compile all my own Openldap stuff (including
Openssl) and keep (most of) it separate from the RedHat issued versions.
Sometimes (e.g. Cyrus SASL2) it has to replace the RedHat stuff.


They love us, don't they, They feed us, won't they,
Oh who will think a boy and bear
Could be well accepted everywhere?
It's just amazing how fair people can be

mail: tonye@billy.demon.nl