Comment 5 for bug 1103353

Thank you for your detailed investigation into this. I appreciate the time you've spent on this.

Marking as medium importance, since a workaround is available (which I believe is to fix the cipher suite string to something valid, right?)

> If the Ubuntu OpenLDAP developers and users can confirm the bug, and that this patch fixes the issue, it would be easier to push the patch upstream.

This is reasonable, although I'm not sure there are enough Ubuntu OpenLDAP developers to make this likely. Until then this bug may sit unattended, but your writeup will at least help others so I appreciate it being here.

For anyone else who comes across this: please mark it as "affects me too". If you can spare time to work on it, please confirm that it affects Ubuntu, check to see if the upstream non-packaged release is affected, look towards getting this reported upstream and note any new information or progress here. We can certainly patch the Ubuntu package if the bug and patch can be verified. But if upstream commit it and/or acknowledge the bug, that really makes things easier. Thanks!