Bug#405495: libsasl2-modules-ldap: libldapdb segfaults

Russ Allbery rra at debian.org
Fri Jan 18 19:43:28 UTC 2008


Torsten Schlabach <tschlabach at gmx.net> writes:

> Just checked; interesting enough the package libsasl2-modules-ldap 
> depends on the package libldap2, which is the ancient version 2.1.17 of 
> OpenLDAP.
>
> There is a package libldap-2.3-0 in Debian Etch. It does not replace
> libldap2 but installs next to it, with seperate filenames. So installing
> that will not make anything depending on libldap2 use 2.3 instead of 2.1
> stuff, which I guess is by design.
>
> So I wonder if the package libsasl2-modules-ldap should rather have a 
> dependency to libldap-2.3-0 instead of libldap2?

The OpenLDAP library situation is what it is because of licensing
problems, which have now been resolved (by way of adding GnuTLS support to
OpenLDAP) in OpenLDAP 2.4.  OpenLDAP 2.4 will take over the dev packages
and will eventually obsolete the old 2.1 libraries, and will be uploaded
probably within a week or so.  So just hang in there for a bit and then
you'll be able to switch to a newer version.

> Bonus question: I cannot find a libldap-2.3-dev or libldap-2.3-0-dev. Is
> that a mistake. Is that a bug which should be filed against the
> openldap-2.3 source package?

No, it was intentional for as long as those libraries had to be linked
with OpenSSL, since linking them into other Debian packages would create
licensing problems with GPL code.

-- 
Russ Allbery (rra at debian.org)               <http://www.eyrie.org/~eagle/>





More information about the Pkg-cyrus-sasl2-debian-devel mailing list