Thank you for your detailed investigation into this. I appreciate the
time you've spent on this.
Marking as medium importance, since a workaround is available (which I
believe is to fix the cipher suite string to something valid, right?)
> If the Ubuntu OpenLDAP developers and users can confirm the bug, and
that this patch fixes the issue, it would be easier to push the patch
upstream.
This is reasonable, although I'm not sure there are enough Ubuntu
OpenLDAP developers to make this likely. Until then this bug may sit
unattended, but your writeup will at least help others so I appreciate
it being here.
For anyone else who comes across this: please mark it as "affects me
too". If you can spare time to work on it, please confirm that it
affects Ubuntu, check to see if the upstream non-packaged release is
affected, look towards getting this reported upstream and note any new
information or progress here. We can certainly patch the Ubuntu package
if the bug and patch can be verified. But if upstream commit it and/or
acknowledge the bug, that really makes things easier. Thanks!
** Changed in: openldap (Ubuntu)
Status: New => Triaged
** Changed in: openldap (Ubuntu)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1103353
Title:
Invalid GnuTLS cipher suite strings causes libldap to crash
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1103353/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
