Slapd 2.5.13 for Bullseye, 2nd thread

Stefan G. Weichinger lists at xunil.at
Wed Nov 16 07:29:52 GMT 2022


Am 15.11.22 um 18:32 schrieb Ryan Tandy:
> Hi Stefan,
> 
> On Tue, Nov 15, 2022 at 12:03:06PM +0100, Stefan G. Weichinger wrote:
>> An external LDAP guru told me not to use 2.4 so I have to check options.
> 
> Your choice. OpenLDAP 2.4 is no longer supported by upstream (the 
> OpenLDAP project), they recommend everyone move to the newer releases. 
> The 2.4 package in Debian stable can still receive security support and 
> select high-impact bug fixes, but on a best-effort, do-no-harm basis.
> 
>> I would appreciate getting 2.5 in backports, is there any information 
>> on when those will be available etc?
> 
> It was uploaded on the weekend and is currently waiting in backports-NEW 
> for ftpmaster to review and accept it:
> 
> https://ftp-master.debian.org/backports-new.html
> 
>> My customer waits for feedback how hard it will be to get 2.5.x 
>> deployed. 2.4.x runs OK so far, we have only around 30 users in there 
>> so the upgrade/migration should be rather easy.
> 
> I wrote a short upgrade notes for backports users: 
> https://lists.debian.org/debian-backports/2022/11/msg00030.html
> 
>> Pulling packages from "testing" or so: I was told to avoid this ... no 
>> mixed systems .. I can't tell if or if not ...
> 
> Would not recommend it.

Thanks, Ryan.

So as far as I understand 2.5 will not become the default package in the 
main repository soon, but available in backports in the next weeks 
maybe? Is there any fixed date to wait for (I was asked by my customer)?

2.4 should be safe for now, and until 2.5 gets available? (We use it 
internally only so far, that might be relevant security-wise)

I get pressure to put my current slapd-cluster based on 2.4 into 
production and we have to decide on how to proceed.

To me it sounds best to wait for 2.5 in backports, do the upgrade, then 
go into production. Although 2.5 then still hasn't got much testing by 
debian users, so we might be kind of a test setup: my customer doesn't 
like that aspect.

I hope the replication config doesn't break or I hit other surprises.

Thanks for now, Stefan



More information about the Pkg-openldap-devel mailing list