Public bug reported: Binary package hint: slapd
More information in this thread : http://www.openldap.org/lists /openldap-software/200806/msg00065.html The ssf matching is broken on gnutls with openldap 2.4 (http://www.openldap.org/lists/openldap-devel/200802/msg00072.html). At the highest cypher the reported ssf is 32 which seems a stark contrast to the 256 that is reported by the same cypher at the same bit strength using openssl. The debian project has made its stance on linking to gnutls for openldap. Ubuntu is not so strict with the purity of the tree (some gpl code is linked to bsd code a few random places), is there any way the Ubuntu team could link this to openssl - or better yet ask Canonical to get a ruling from their lawyers as to the validity of the Debian project's choice on the matter? I am half tempted to check security on this as it breaks a large piece of the encryption enforcement, but since it breaks it in an obvious way and provides the user no false sense of security I will forgo it. ** Affects: openldap2.3 (Ubuntu) Importance: Undecided Status: New -- slapd reports wrong ssf using gnutls https://bugs.launchpad.net/bugs/244925 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs