Slapd 2.5.13 for Bullseye, 2nd thread

[Ryan Tandy]

On Wed, Nov 16, 2022 at 08:29:52AM +0100, Stefan G. Weichinger wrote:
>So as far as I understand 2.5 will not become the default package in 
>the main repository soon, but available in backports in the next weeks 
>maybe? Is there any fixed date to wait for (I was asked by my 
>customer)?

We don't make major changes to packages inside a Debian stable release. 
OpenLDAP 2.5 will be included in "bookworm", the next stable release, 
which will probably arrive later in 2023 [1].

I don't have a date for when the backport will be available. Depends 
when ftpmasters happen to review the queue. Usually within a few weeks.

>2.4 should be safe for now, and until 2.5 gets available? (We use it 
>internally only so far, that might be relevant security-wise)

FSVO "safe". We review new CVEs and fix them in stable if possible. 
However other issues (non-security, or otherwise not warranting a CVE) 
will probably not be fixed unless users specifically request them and 
the fixes are harmless.

>To me it sounds best to wait for 2.5 in backports, do the upgrade, 
>then go into production. Although 2.5 then still hasn't got much 
>testing by debian users, so we might be kind of a test setup: my 
>customer doesn't like that aspect.

Right, you will be an "early adopter" of changes going into the next 
release. I should also note that backports do not have the same level of 
support as Debian stable [2]. Except in very urgent cases, issues are 
fixed in unstable and migrate from there to testing (automatically) and 
then backports (manually), which can all take a which or more.

If you require a 2.5 or 2.6 package with full support _today_, you might 
want to look at the packages provided and supported by Symas: 
https://repo.symas.com/soldap2.5/

thanks,
Ryan

[1] https://release.debian.org/
[2] https://backports.debian.org/FAQ/