--On Wednesday, November 08, 2006 3:02 PM -0800 Quanah Gibson-Mount <[EMAIL PROTECTED]> wrote:
Upstream patch available at: <http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/getdn.c> getdn.c 1.124.2.4 -> 1.124.2.5
Just to note, this bug can be brute-forced via any existing SASL mech, if certain conditions are met. I won't post what those conditions are. :P So this is probably a fairly important patch to get put in place.
--Quanah -- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
