[Pkg-openldap-devel] Upload OpenLDAP 2.3 to the archive.

Matthijs Mohlmann matthijs at cacholong.nl
Fri May 12 19:18:03 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Quanah Gibson-Mount wrote:
> 
> 
> --On Friday, May 12, 2006 7:50 PM +0200 Matthijs Mohlmann
> <matthijs at cacholong.nl> wrote:
> 
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Quanah Gibson-Mount wrote:
>>>
>>>
>>> --On Friday, May 12, 2006 10:02 AM +0200 Matthijs Mohlmann
>>> <matthijs at cacholong.nl> wrote:
>>>
>>>> Hi,
>>>>
>>>> I think OpenLDAP 2.3 is ready to go into the Debian archive, I've
>>>> tested
>>>> the following things with succes:
>>>>
>>>> - Initial installation of openldap 2.3.
>>>> - Upgrade from OpenLDAP 2.2 with the BDB backend to OpenLDAP 2.3 works.
>>>> - Upgrade from OpenLDAP 2.2 with the LDBM backend to OpenLDAP 2.3 with
>>>> the BDB backend.
>>>>    When the user disagrees with the upgrade from LDBM to BDB, then the
>>>> installation will break with 'exit 1'. And if the user agrees it
>>>> upgrades nicely to the BDB backend.
>>>> - Removal of slapd works. (Tested it pretty often ;))
>>>
>>> Very cool.
>>>
>>> OpenLDAP 2.3.22 is supposed to come out in the next day or two, if you
>>> want to wait on it.  A current list of bugs fixed since 2.3.21 can be
>>> found at:
>>>
>>> <http://www.openldap.org/devel/cvsweb.cgi/~checkout~/Attic/CHANGES?rev=1
>>> .5.8.208&hideattic=1&sortbydate=0>
>>>
>>
>> We have currently 2.3.20 in the svn repository, which is listed as
>> stable on the website, comments on that ?
> 
> <http://www.openldap.org/faq/data/cache/226.html>
> 
> Particularly, the last sentence.   All that stable indicates is that it
> was better than previous releases, and makes no claims as to its
> worthiness about subsequent releases.  And of course all the bugs fixed
> since the current stable release are still present in it.
> 
> I have a few reasons I'd wait for 2.3.22:
> 
> (a) back-config doesn't properly honor ACL's in all cases in < 2.3.22,
> which means people could inadvertently expose their data
> (b) There's a security exploit if someone runs "make test", particularly
> if they run it as root, that will be closed out with 2.3.22.
> 
> --Quanah
> 
Ok, that are reasonable arguments, I'll wait for the 2.3.22 release.

Regards,

Matthijs Mohlmann

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEZN9r2n1ROIkXqbARArLjAJ9kKYMGIoVlpd7u3V3bCZdLg7wbLACfXCKS
2wkcfvL7/M5ztM57OQh3Ofg=
=4SF5
-----END PGP SIGNATURE-----




More information about the Pkg-openldap-devel mailing list