Bug#368297: About the libgcrypt and OpenLDAP issue
Werner Koch
wk at gnupg.org
Fri Apr 19 17:07:02 UTC 2013
On Fri, 19 Apr 2013 18:54, clopez at igalia.com said:
> I couldn't find anything relevant on the archives.
Next step would be to check the repos and all packages using Libgcrypt.
> Saying that there is a good reason for this commit to be there and at
> the same time saying that such good reason is unknown... won't help.
I can't see that there is anything wrong with that patch. We need to
initialize Libgcrypt as early as possible to avoid subtle bugs by
software not using Libgcrypt correctly.
> the way of reverting d769529. So, if reverting this commit could cause
> some security issue or any other kind of problem it will be good to know
At least in FIPS mode Libgcrypt should detect such a problem itself.
But well, who is abale to use FIPS mode.
> I'm CC'ing Moritz, perhaps he can throw a bit of light here.
He is dropped his job at g10 Code many years ago, thus don't put too
much hope into it.
What about my suggestion on how to solve the problem?
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Pkg-gnutls-maint
mailing list