[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP security patchs for 2.0 branch

--On Tuesday, September 07, 2004 10:04 AM -0300 Federico Petronio <petrus@activesec.biz> wrote:

Hello, we write to you because we currently run OpenLDAP 2.0.27. When we
installed it we read somewhere that security fixes (if any bug is
discovered) will continue to be released, that was some time ago now.

Should we upgrade if we want to stay updated about known security bugs?
or we can trust that patchs will be available in case of a new bug is
discovered en the 2.0 branch?

2.0 was retired a long time ago. No patches or upgrades are released for 2.0 by the OpenLDAP group. If you are using a vendor supplied version of OpenLDAP, then that vendor may provide patches. If you want a secure release of OpenLDAP that comes with support, you should probably look at a company like Symas (http://www.symas.com).

The current supported branch of OpenLDAP is 2.2, with the current release being 2.2.15. It is available from http://www.openldap.org.


Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html