[Pkg-openldap-devel] Bug#368297: [PATCH] Fix dropping privileges issue on setuid programs on systems with PAM/LDAP and GnuTLS/libgcrypt
Thijs Kinkhorst
thijs at debian.org
Sat Mar 2 16:58:39 UTC 2013
> So, for the moment (Wheezy) I think the best approach to solve this bug
> is to apply the small patch for OpenLDAP that I'm attaching.
> It is the less intrusive approach to fix this bug. It don't needs to
> touch anything on GnuTLS or libgcrypt. It is really fixing the problem
> where is: OpenLDAP is not setting DISABLE_SECMEM when initializing
> libgcrypt.
So, is there a reason not to go with Carlos' patch for openldap?
Cheers,
Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20130302/815e13f0/attachment.pgp>
More information about the Pkg-openldap-devel
mailing list