[Pkg-openldap-devel] Upcoming 2.4.14 changes
Quanah Gibson-Mount
quanah at zimbra.com
Sat Feb 7 22:15:56 UTC 2009
--On Saturday, February 07, 2009 12:45 PM -0500 Steve Langasek
<vorlon at debian.org> wrote:
> On Mon, Feb 02, 2009 at 10:22:40AM -0800, Quanah Gibson-Mount wrote:
>> Just an FYI, as I know the next debian stable release is being worked
>> on. ;)
>
>> 2.4.14 has a number of modifications over 2.4.13 that would be relevant
>> to Debian:
>
>> (a) TLS support has been broken down to be modular, for OpenSSL, GnuTLS,
>> and NSS.
>> (b) GnuTLS support has been updated for the latest APIs
>> (c) The connection code has been rewritten. Some of this is
>> specifically because of epoll() related isues.
>
>> I figured the GnuTLS bits would be of the most interest. ;)
>
> Thanks for the heads-up; unfortunately we're stuck at 2.4.10 (I think?
2.4.11 actually. ;)
> Don't have it in front of me) due to the requirement to switch database
> versions. Are any of these GnuTLS fixes in 2.4.14 critical enough that we
> should consider backporting them for lenny?
Well, unfortunately, there's a lot broken in 2.4.11 as far as MMR was
concerned, so I'd advise against people using it in lenny.
The GnuTLS changes were more for portability and ongoing support, not
really security fixes.
Hopefully the next Debian release can have 2.4.14 (or later. ;) ).
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
More information about the Pkg-openldap-devel
mailing list