[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP security patchs for 2.0 branch

To: Federico Petronio <petrus@activesec.biz>, openldap-software@OpenLDAP.org
Subject: Re: OpenLDAP security patchs for 2.0 branch
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Tue, 07 Sep 2004 06:29:20 -0700
Content-disposition: inline
In-reply-to: <413DB1DE.7040109@activesec.biz>
References: <413DB1DE.7040109@activesec.biz>

--On Tuesday, September 07, 2004 10:04 AM -0300 Federico Petronio <petrus@activesec.biz> wrote:

Hello, we write to you because we currently run OpenLDAP 2.0.27. When we
installed it we read somewhere that security fixes (if any bug is
discovered) will continue to be released, that was some time ago now.

Should we upgrade if we want to stay updated about known security bugs?
or we can trust that patchs will be available in case of a new bug is
discovered en the 2.0 branch?

2.0 was retired a long time ago. No patches or upgrades are released for 2.0 by the OpenLDAP group. If you are using a vendor supplied version of OpenLDAP, then that vendor may provide patches. If you want a secure release of OpenLDAP that comes with support, you should probably look at a company like Symas (http://www.symas.com).

The current supported branch of OpenLDAP is 2.2, with the current release being 2.2.15. It is available from http://www.openldap.org.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

References:
- OpenLDAP security patchs for 2.0 branch
  - From: Federico Petronio <petrus@activesec.biz>

Prev by Date: OpenLDAP security patchs for 2.0 branch
Next by Date: Re: [ERROR 80] Unknown error with multiple databases
Index(es):
- Chronological
- Thread