Re: OpenLDAP and DH parameter size / LogJam vulnerability



> On 15 Jul 2015, at 18:07 , Howard Chu <hyc@symas.com> wrote:
> 
> Jens Vagelpohl wrote:
>> 
>> Since that ITS is several years old I guess the fix is not in OPENLDAP_REL_ENG_2_4?
> 
> Surely you can read the ITS yourself.
> 
> https://www.openldap.org/its/index.cgi/Software Bugs?id=7506
> 
> The fix is in 2.5.

Hi Howard,

Yes, I read the ITS but was looking for confirmation because I was surprised this fix was not considered for inclusion in the 2.4 branch.

The issue might have appeared less important back in 2013, but now we have LogJam and DH groups have received proper attention. It would be great if the current release branch of software as important as OpenLDAP would handle those better.

jens

