Dear backporters, I'm currently in the process of building+testing+sponsoring a shiny new openldap backport, courtesy of Ryan Tandy. As the backport queue is now under manual policing, I'd like to drop here a couple of notes for reviewers regarding this package: * it's NEW, but it has been requested by several users, either via BTS (#685748) or on ML[0]. * it is the same version which is going to be shipped in Jessie. We think it is a good way to have more people testing the upgrade path to the same version in Jessie. * it uses newer crypto libraries (gnutls28/nettle). This is because there are some known issues with wheezy ones, see BTS #368297. * it uses older libdb5.1. Unfortunately libdb5.3 has not been backported, and I'm not confident in doing it at this point. I am not aware of any known issue with it, though. * it embeds liblmdb. This is a known issue also in jessie/sid (BTS #750023), and the security team has been notified about this[1]. * it has a weird version: "2.4.31+really2.4.40-3~bpo70+1". This had to be done in order to avoid screwing the pre/postinst db-upgrading mechanisms in Jessie, which rely on package version to detect DB to be upgraded. I know it is a bit hackish, I'm sorry for that. Pending package is currently at http://mentors.debian.net/package/openldap That said, I hope it can get quickly out of the queue. [0] http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/2014-November/005962.html [1] https://anonscm.debian.org/viewvc/secure-testing/data/embedded-code-copies?r1=30023&r2=30405 Cheers, Luca -- .''`. ** Debian GNU/Linux ** | Luca Bruno (kaeso) : :' : The Universal O.S. | lucab (AT) debian.org `. `'` | GPG Key ID: 0x4F3BBEBF `- http://www.debian.org | Debian GNU/Linux Developer
Attachment:
signature.asc
Description: This is a digitally signed message part.