[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Heimdal - OpenLDAP - RedHat redux

To: Openldap list <openldap-software@OpenLDAP.org>
Subject: Re: Heimdal - OpenLDAP - RedHat redux
From: Tony Earnshaw <tonye@billy.demon.nl>
Date: Tue, 31 Aug 2004 07:06:09 +0200
In-reply-to: <F466FFD8E3A0455407D683B9@cadabra.stanford.edu>
Organization: Billy
References: <1093886705.20812.19.camel@boreal.netel.rpi.edu> <F466FFD8E3A0455407D683B9@cadabra.stanford.edu>

man, 30.08.2004 kl. 19.51 skrev Quanah Gibson-Mount:

> > OpenSSL 0.9.7a - my build from source.
> 
> This doesn't answer your question, but I'll note that 0.9.7a has security 
> holes, and IIRC, was not recommended for use with OpenLDAP.  Later versions 
> of OpenSSL 0.9.7 series have the security holes fixed, and work fine with 
> OpenLDAP.

RedHat has this habit of issuing back-ported updates of things. The
latest RHAS/RHEL3 Openssl 0.9.7a updates fix the ASN.1 security bug. I
think the philosophy is, that there'd otherwise be rpm dependency
problems. Personally I compile all my own Openldap stuff (including
Openssl) and keep (most of) it separate from the RedHat issued versions.
Sometimes (e.g. Cyrus SASL2) it has to replace the RedHat stuff.

--Tonni

-- 
They love us, don't they, They feed us, won't they,
Oh who will think a boy and bear
Could be well accepted everywhere?
It's just amazing how fair people can be

mail: tonye@billy.demon.nl
http://www.billy.demon.nl

References:
- Heimdal - OpenLDAP - RedHat redux
  - From: Andrew Bacchi <bacchi@rpi.edu>
- Re: Heimdal - OpenLDAP - RedHat redux
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: how to make email address as unique in openldap database
Next by Date: Re: how to make email address as unique in openldap database
Index(es):
- Chronological
- Thread