The patch for ITS8529 has been pushed to OpenLDAP master. Generally I'd push something like this to RE24 as well, except for the fact that it results in a behavior change vs prior releases (at least if OpenLDAP is linked to OpenSSL).
On the plus side, the patch reveals potential misconfigurations that were previously not noted.
On the minus side, it could affect someone's existing deployment. (Although that deployment would clearly be in error).
I personally think it would be best to apply it to RE24, particularly given that it has security implications. I know Michael Stroeder already noted he would like to see it in RE24 as well.
Does anyone have some good concrete reasons why it should not go into RE24?
Thanks, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com