[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Heimdal - OpenLDAP - RedHat redux



man, 30.08.2004 kl. 19.51 skrev Quanah Gibson-Mount:

> > OpenSSL 0.9.7a - my build from source.
> 
> This doesn't answer your question, but I'll note that 0.9.7a has security 
> holes, and IIRC, was not recommended for use with OpenLDAP.  Later versions 
> of OpenSSL 0.9.7 series have the security holes fixed, and work fine with 
> OpenLDAP.

RedHat has this habit of issuing back-ported updates of things. The
latest RHAS/RHEL3 Openssl 0.9.7a updates fix the ASN.1 security bug. I
think the philosophy is, that there'd otherwise be rpm dependency
problems. Personally I compile all my own Openldap stuff (including
Openssl) and keep (most of) it separate from the RedHat issued versions.
Sometimes (e.g. Cyrus SASL2) it has to replace the RedHat stuff.

--Tonni

-- 
They love us, don't they, They feed us, won't they,
Oh who will think a boy and bear
Could be well accepted everywhere?
It's just amazing how fair people can be

mail: tonye@billy.demon.nl
http://www.billy.demon.nl