Bug#368297: About the libgcrypt and OpenLDAP issue
Carlos Alberto Lopez Perez
clopez at igalia.com
Fri Apr 19 16:54:25 UTC 2013
On 19/04/13 10:22, Werner Koch wrote:
> On Fri, 19 Apr 2013 02:52, mgilbert at debian.org said:
>>>> >>> 1.a) Patch libgcrypt to revert commit
>>>> >>> d769529a71ccda4e833f919f3c5693d25b005ff0
>>> >>
>>> >> Urgs. That is a short sighted fix.
>> >
>> > That seems to be the solution the rest of the open source community is
>> > converging toward. Short sighted is an odd categorization since it
>> > seems to have taken 8 years to come to this conclusion.
> Misunderstanding? With "a short sighted fix" I mean 1.a; that is the
> proposal to _revert_ commit d769529.
>
> Anyway, this commit is there for a good reason; I can't remember any
> details but for sure Moritz had a valid reason to do this. Those who
> are interested may want to do dig the gnupg/gcrypt/poldi archives.
I couldn't find anything relevant on the archives.
Saying that there is a good reason for this commit to be there and at
the same time saying that such good reason is unknown... won't help.
It would be good to know which good reason is that. Not only for the
sake of getting this bug fixed, but also because the Ubuntu guys went
the way of reverting d769529. So, if reverting this commit could cause
some security issue or any other kind of problem it will be good to know
it before the harm is done.
I'm CC'ing Moritz, perhaps he can throw a bit of light here.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20130419/5d12284a/attachment.pgp>
More information about the Pkg-gnutls-maint
mailing list