[Pkg-openldap-devel] Bug#725153: openldap, nss, and gnutls
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed May 20 16:58:08 UTC 2015
https://bugs.debian.org/725153 suggests moving openldap's TLS backend in
debian from gnutls to nss.
The reasons given appear to be the older gnutls/gcrypt suid problem
(which is quite a serious concern, particularly for libpam_ldap), and
that newer gnutls/nettle introduces some licensing issues.
The licensing issues have been resolved by nettle relicensing to LGPL 3+
or GPL 2+, effective in nettle 3.0:
http://mid.gmane.org/nnd2el5d8h.fsf@bacon.lysator.liu.se
If the work to switch openldap to NSS is strictly because of licensing
concerns that have been resolved since the bug was opened, please
reconsider the switch.
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20150520/20fd37a1/attachment.sig>
More information about the Pkg-openldap-devel
mailing list