[Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

I created patched openldap packages for xenial, available on the same PPA as above. I tested amd64 packages on xenial beta 2. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248

[Bug 1547927] Re: LDAP_OPT_X_TLS_REQUIRE_CERT handling differences between ldaps:// and STARTTLS

I created a PPA with patched openldap packages for wily and xenial. If you would like to test them, there is more information in bug 1557248. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu.

[Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

I have just found that Howard Chu of OpenLDAP team had already uploaded this patch to Launchpad VCS: http://bazaar.launchpad.net/~vcs-imports/openldap/master/revision/20757 Hopefully we will have the package released soon. -- You received this bug notification because you are a member of Ubuntu

[Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

** Tags added: patch-accepted-upstream -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code To manage

[Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

I created a PPA with patched deb packages, available at: https://launchpad.net/~maciej-puzio/+archive/ubuntu/openldap Currently it contains openldap-2.4.41 source package with the above patch applied, as well as binary debs built from it, for amd64 and i386. These packages are for Ubuntu 15.10

[Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

Patch created by OpenLDAP team applies cleanly to openldap 2.4.41+dfsg- 1ubuntu2 (wily). ** Patch added: "tls_g.patch" https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+attachment/4607004/+files/tls_g.patch -- You received this bug notification because you are a member of

[Bug 1547927] Re: LDAP_OPT_X_TLS_REQUIRE_CERT handling differences between ldaps:// and STARTTLS

A bug has been found in libldap code that interferes with the value of "require cert" option. It affects libldap built with GnuTLS, as is done in packages supplied by Ubuntu and Debian. The bug causes the value to be read from previously freed memory, often resulting in incorrect or random value

[Bug 1537762] Re: syncrepl does not work when using tls

Perhaps the issue is that your certificates have too short RSA keys. In GnuTLS SECURE256 requires at least 3072-bit public key. Unfortunately, this is not clearly documented. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in

[Bug 1557248] [NEW] OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code

Public bug reported: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link:

[Bug 592434] Re: ssh -X user@machine hangs when using exit to terminate

I can confirm the issue still occurring in 12.04. openssh-client and openssh-server version 1:5.9p1-5ubuntu1 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/592434 Title: ssh -X

[Bug 569757] Re: NIS upstart dependancy broken for lucid

On my mail server postfix and dovecot depend on nis. Currently this particular dependency is handled properly, because all three daemons are started by means of /etc/rc?.d in the correct order. Please correct me if I am wrong, but I worry that the solution suggested by Clint Byrum in #18 might

[Bug 573919] Re: autofs doesn't work with lucid

Further investigation revealed that in my case autofs was not racing with statd, but rather with nis (client daemon): bug 569757 and bug 570513. The workaround #15 appeared to work in some cases, because it introduced a small delay into autofs init script, which gave time for the nis daemon to

[Bug 573919] Re: autofs doesn't work with lucid

On yet another machine autofs would not start correctly neither with the workaround from comment #15, nor without it. My efforts to convince Upstart to run startup scripts in a correct sequence ended in an utter failure. What I did instead is to modify /etc/init/autofs.conf so that Upstart doesn't

[Bug 573919] Re: autofs doesn't work with lucid

For me workaround given in comment #8 in bug 525154 worked on four systems, but on the fifth it was not enough, and I had to combine it with #15 from this bug report. I have to admit that number of problems caused by Upstart is astoundingly high, and they crop up unexpectedly in a random fashion.

[Bug 592434] Re: ssh -X u...@machine hangs when using exit to terminate

I am also experiencing this problem on Ubuntu 10.04, openssh-server 1:5.3p1-3ubuntu4, as well as on Ubuntu 9.10. I would like to clarify that the problem appears to lie within the server, not the client. My client is running CentOS 5.5 and the problem occurs when connecting to Ubuntu servers, but