[Bug 1103353] Re: Invalid GnuTLS cipher suite strings causes libldap to crash
Harry Coin
hcoin at quietfountain.com
Sat Mar 21 01:50:54 UTC 2015
If this were a library used in a game or a bug in a screensaver I could
see letting a formatting error in a string crash abort any program using
the library sit for a year. I'm staggered really to experience this for
a package as widely touted as gnutls, contending to be a replacement for
openssl, and especially in a business supporting group like ubuntu that
aims for site installs.
I think this 11-month 'maintainers have higher priorities' event is a
strong sign gnutls just is so not ready for mission critical deployment
that whatever priority it may have on launchpad--- in the maintainers
minds this is a 'might fix, won't deploy'.
I've compiled it against openssl, and it's solid. Though I've stuck
with ubuntu for many years now I have to agree with the sentiment
upstream: this is a confidence buster.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1103353
Title:
Invalid GnuTLS cipher suite strings causes libldap to crash
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1103353/+subscriptions
More information about the Ubuntu-server-bugs
mailing list