Re: CVE-2018-14624 - testing 389-ds-base update

To: Antoine Beaupré <anarcat@orangeseeds.org>
Cc: debian-lts@lists.debian.org
Subject: Re: CVE-2018-14624 - testing 389-ds-base update
From: Hugo Lefeuvre <hle@debian.org>
Date: Fri, 28 Sep 2018 10:17:39 -0400
Message-id: <[🔎] 20180928141739.GA1672@hle-laptop.local>
In-reply-to: <[🔎] 87sh1wnrgr.fsf@curie.anarc.at>
References: <[🔎] 20180915160402.GA2082@hle-laptop.local> <[🔎] 87sh1wnrgr.fsf@curie.anarc.at>

Hi Antoine,

> > I have just prepared a Jessie security update for 389-ds-base, addressing
> > CVE-2018-14624. I will go through the test procedure myself, however I am
> > not a 389-ds user, so it might be good if someone more experienced with
> > this LDAP server could double check the update before upload.
> 
> I have no experience with that LDAP server either - I have only used
> OpenLDAP in the past. But that experience did allow me to smoke-test
> your packages and they can live through an upgrade without crashing on
> restart and ldapsearch still works.
> 
> So I would say it's good enough for now.

Thanks ! I'll proceed to upload then.

cheers,
 Hugo

-- 
                Hugo Lefeuvre (hle)    |    www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C

Attachment: signature.asc
Description: PGP signature

Reply to:

References:
- CVE-2018-14624 - testing 389-ds-base update
  - From: Hugo Lefeuvre <hle@debian.org>
- Re: CVE-2018-14624 - testing 389-ds-base update
  - From: Antoine Beaupré <anarcat@orangeseeds.org>

Prev by Date: Re: monit/CVE-2016-7067: call for testing
Next by Date: Re: removing enigmail from jessie?
Previous by thread: Re: CVE-2018-14624 - testing 389-ds-base update
Next by thread: Switch CVE triaging week?
Index(es):
- Date
- Thread