I have just found that Howard Chu of OpenLDAP team had already uploaded this patch to Launchpad VCS: http://bazaar.launchpad.net/~vcs-imports/openldap/master/revision/20757 Hopefully we will have the package released soon.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: Confirmed Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
