This bit us on trial upgrades to Squeeze, and as this has not yet been fixed I would strongly recommend a section in the release notes on "Possible issues during upgrade" or "Issues to be aware of for squeeze", perhaps along the following lines:
"libnss-ldap and libpam-ldap: updates to the cryptography libraries mean that any programs which attempt to change their effective privileges, including sudo(8), may fail when libnss-ldap is configured to use an LDAP server using TLS or SSL. To work around this problem, you can replace libnss-ldap with libnss-ldapd, a newer library which uses separate daemon (nslcd) for all LDAP lookups. The replacement for libpam-ldap is libpam-ldapd. Note that libnss-ldapd recommends the NSS caching daemon, nscd, which you should evaluate for suitability in your environment before installing. Further information is available in bugs #566351 and #545414." David Adam UCC Wheel Member zanc...@ucc.gu.uwa.edu.au -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org