Re: Openldap version (proxy cache)

[Quanah Gibson-Mount <quanah@stanford.edu>]

--On Friday, February 25, 2005 12:58 PM -0800 Owen DeLong <owen@delong.com> 
wrote:

> I don't know about FC2, but, FC3 is currently at 2.2.13 and current
> OpenLDAP release is 2.2.23.  As such, you're probably fine with FC3
> openldap as shipped.  I suspect the FC3 RPMs would work on FC2, since
> both use the same kernel and mostly the same libraries.
>
> FWIW, the upgrade from RH9 and FC2 to FC3 has been near painless for me on
> multiple systems (no reinstall, just in-place upgrade by booting FC3
> disks and upgrading existing install).
>
> Issues to watch out for:
> 	Apache goes from 1.* to 2.* -- some changes to suexec and modperl
> 	Changes to SASL
>
> Everything else went pretty smoothly on the systems I've dealt with.

See, I'd argue very differently... OpenLDAP 2.2.13 is *very old*, and many 
many bugs have been fixed since that release, some of which I'd consider 
must-haves, like the memory leak fixes that went in around 2.2.17, and the 
DOS security attack fix that went into 2.2.23.  Unless you were very 
careful with how you constructed your ACL's, I could crash any OL server 
(2.1 or 2.2) prior to OpenLDAP 2.2.23 with a very simple ldap search.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin