http://thehackernews.com/2017/07/gnupg-libgcrypt-rsa-encryption.html?utm_sou...
I believe most deployments of GnuTLS now use nettle instead of libgcrypt. But if you're on an older Debian or Ubuntu, using their packaged OpenLDAP built with GnuTLS, you should check what version of GnuTLS and libgcrypt you're using.
And you should seriously consider not using their package; rebuild from source with OpenSSL or get a package from LTB or Symas.
On Wed, Jul 05, 2017 at 06:42:12PM +0100, Howard Chu wrote:
> I believe most deployments of GnuTLS now use nettle instead of libgcrypt. But if you're on an older Debian or Ubuntu, using their packaged OpenLDAP built with GnuTLS, you should check what version of GnuTLS and libgcrypt you're using.
For the record, "older" means Debian 7 (wheezy) or Ubuntu 14.04 (trusty). Debian 8 (jessie) and Ubuntu 16.04 (xenial) and later are using nettle.
Advisories and patches have been released for both wheezy and trusty, so if you're running either of those, please update.
https://lists.debian.org/debian-lts-announce/2017/07/msg00007.html
https://www.ubuntu.com/usn/usn-3347-1/
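
An added example, not part of the original thread: one way to do the check discussed above is to classify a binary's TLS backend from its `ldd` output. The function name `tls_backend`, the sample `ldd` lines (constructed) and the `/usr/sbin/slapd` path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: classify the TLS/crypto backend from `ldd` output on stdin.
# Usage on a real host (path is an assumption): ldd /usr/sbin/slapd | tls_backend

# Constructed sample: GnuTLS linked against libgcrypt (older layout).
SAMPLE_LIBGCRYPT='    libldap_r-2.4.so.2 => /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2 (0x00007f0000000000)
    libgnutls.so.26 => /usr/lib/x86_64-linux-gnu/libgnutls.so.26 (0x00007f0000100000)
    libgcrypt.so.11 => /lib/x86_64-linux-gnu/libgcrypt.so.11 (0x00007f0000200000)'

# Constructed sample: GnuTLS linked against nettle; libgcrypt is still
# present because some other dependency pulls it in.
SAMPLE_NETTLE='    libgnutls-deb0.so.28 => /usr/lib/x86_64-linux-gnu/libgnutls-deb0.so.28 (0x00007f0000100000)
    libnettle.so.4 => /usr/lib/x86_64-linux-gnu/libnettle.so.4 (0x00007f0000300000)
    libgcrypt.so.20 => /lib/x86_64-linux-gnu/libgcrypt.so.20 (0x00007f0000200000)'

# Constructed sample: a build against OpenSSL.
SAMPLE_OPENSSL='    libssl.so.1.0.0 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007f0000400000)
    libcrypto.so.1.0.0 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (0x00007f0000500000)'

# has_lib NAME: true if a library whose file name starts with NAME
# (followed by "." or "-") appears in $LDD_OUT.
has_lib() {
    printf '%s\n' "$LDD_OUT" | grep -q "^[[:space:]]*$1[-.]"
}

tls_backend() {
    LDD_OUT=$(cat)
    if has_lib libgnutls; then
        # Check nettle first: libgcrypt alone in the list does not prove
        # GnuTLS uses it, since other libraries may depend on it too.
        if has_lib libnettle; then
            echo "gnutls+nettle"
        elif has_lib libgcrypt; then
            echo "gnutls+libgcrypt"
        else
            echo "gnutls+unknown"
        fi
    elif has_lib libssl; then
        echo "openssl"
    else
        echo "no-tls-library-found"
    fi
}

printf '%s\n' "$SAMPLE_LIBGCRYPT" | tls_backend
printf '%s\n' "$SAMPLE_NETTLE" | tls_backend
printf '%s\n' "$SAMPLE_OPENSSL" | tls_backend
```

A `gnutls+libgcrypt` result means the installed libgcrypt package version should be compared against the fixed version named in the distribution advisory.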