[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1093578: marked as done (release-notes: openldap switches TLS library impacting behavior)



Your message dated Fri, 18 Jul 2025 16:21:39 +0200
with message-id <aHpYc6qTtrMuBJbU@per.namespace.at>
and subject line Re: Bug#1093578: release-notes: openldap switches TLS library impacting behavior
has caused the Debian Bug report #1093578,
regarding release-notes: openldap switches TLS library impacting behavior
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1093578: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093578
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release-notes
Severity: normal
X-Debbugs-Cc: Ryan Tandy <ryan@nardis.ca>

Hi,

I just saw this on my daily upgrade of my system. Probably worth mentioning in the release notes.

Paul

openldap (2.6.9+dfsg-1~exp2) experimental; urgency=medium

  The TLS library used for the OpenLDAP packages has changed from GnuTLS to
OpenSSL. This affects the set of configuration options available, as well as
  the behaviour of some options.

If no TLS CA certificates are specified, the system default trust store will now be loaded automatically. If you do not want the default CAs to be used,
  you must configure the trusted CAs explicitly.

Previously, the TLS_CIPHER_SUITE option accepted a GnuTLS priority string.
  Now, the option accepts an OpenSSL cipher list. For information about the
  cipher list format, see the openssl-ciphers(1) man page.

The TLS_CRLFILE option is no longer supported; it is accepted, but silently ignored. Use the TLS_CRLCHECK option instead. The TLS_CACERTDIR option must
  also be set.

For more information about the libldap configuration, see the ldap.conf(5)
  man page.

  For more information about the slapd(8) configuration, see
  /usr/share/doc/slapd/README.Debian.gz.

 -- Ryan Tandy <ryan@nardis.ca>  Fri, 10 Jan 2025 18:17:14 -0800

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature


--- End Message ---
--- Begin Message ---
On Sat, May 24, 2025 at 05:45:22PM -0700, Ryan Tandy wrote:
> Control: tag -1 patch
> 
> https://salsa.debian.org/ddp-team/release-notes/-/merge_requests/241

Got merged as https://salsa.debian.org/ddp-team/release-notes/-/commit/7e73b0db4d7aa175c1e5667454de73f0ee7b460b

Closing.

Thanks,
Chris

--- End Message ---

Reply to: