* [gentoo-dev] Heimdal in danger of being security masked
@ 2004-09-15 16:17 Sune Kloppenborg Jeppesen
2004-09-15 16:53 ` Aron Griffis
0 siblings, 1 reply; 5+ messages in thread
From: Sune Kloppenborg Jeppesen @ 2004-09-15 16:17 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 434 bytes --]
Heimdal has an extremely critical remote vulnerability that may allow a
complete system compromise.
We need to get this marked stable on x86 ASAP. If you're using Heimdal on x86
please take Heimdal-0.6.3 for a whirl and report back on
http://bugs.gentoo.org/show_bug.cgi?id=61412
If we have no stable marking in 24 hours it will be security masked.
Thanks
--
Sune Kloppenborg Jeppesen
Gentoo Linux Security Team
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-dev] Heimdal in danger of being security masked
2004-09-15 16:17 [gentoo-dev] Heimdal in danger of being security masked Sune Kloppenborg Jeppesen
@ 2004-09-15 16:53 ` Aron Griffis
2004-09-15 17:05 ` Carsten Lohrke
0 siblings, 1 reply; 5+ messages in thread
From: Aron Griffis @ 2004-09-15 16:53 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 480 bytes --]
Sune Kloppenborg Jeppesen wrote: [Wed Sep 15 2004, 12:17:46PM EDT]
> We need to get this marked stable on x86 ASAP. If you're using
> Heimdal on x86 please take Heimdal-0.6.3 for a whirl and report back
There's another problem with heimdal: it presently conflicts with
mit-krb5. See bug 47138
It would be good for somebody to look at the Debian mit-krb5 and
heimdal packages to see how they manage the conflicting files.
Regards,
Aron
--
Aron Griffis
Gentoo Linux Developer
[-- Attachment #2: Type: application/pgp-signature, Size: 190 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-dev] Heimdal in danger of being security masked
2004-09-15 16:53 ` Aron Griffis
@ 2004-09-15 17:05 ` Carsten Lohrke
2004-09-15 17:51 ` Thierry Carrez
0 siblings, 1 reply; 5+ messages in thread
From: Carsten Lohrke @ 2004-09-15 17:05 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 276 bytes --]
On Wednesday 15 September 2004 18:53, Aron Griffis wrote:
> There's another problem with heimdal: it presently conflicts with
> mit-krb5. See bug 47138
I guess this a problem of the past. Both packages provide virtual/krb5 and
block each other this way.
Carsten
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-dev] Heimdal in danger of being security masked
2004-09-15 17:05 ` Carsten Lohrke
@ 2004-09-15 17:51 ` Thierry Carrez
2004-09-15 18:04 ` Aron Griffis
0 siblings, 1 reply; 5+ messages in thread
From: Thierry Carrez @ 2004-09-15 17:51 UTC (permalink / raw
To: gentoo-dev
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Carsten Lohrke wrote:
> On Wednesday 15 September 2004 18:53, Aron Griffis wrote:
>
>>There's another problem with heimdal: it presently conflicts with
>>mit-krb5. See bug 47138
>
> I guess this a problem of the past. Both packages provide virtual/krb5
and
> block each other this way.
Rule is : if it works at least as well as the current stable version,
then the security-fix version should be marked stable.
Security stable marking is not the right moment to fix all pending bugs
on a package. Only regressions should prevent a package from getting a
security stable keyword.
- --
Koon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBSIEKvcL1obalX08RAnq6AJ427ehOy7Md92Cyhug5FLeKjONmjgCcCYGg
lMuKCYgKP8OQ3nmARFUdef0=
=sOgi
-----END PGP SIGNATURE-----
--
gentoo-dev@gentoo.org mailing list
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-dev] Heimdal in danger of being security masked
2004-09-15 17:51 ` Thierry Carrez
@ 2004-09-15 18:04 ` Aron Griffis
0 siblings, 0 replies; 5+ messages in thread
From: Aron Griffis @ 2004-09-15 18:04 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 571 bytes --]
Carsten Lohrke wrote: [Wed Sep 15 2004, 01:05:05PM EDT]
> I guess this a problem of the past. Both packages provide virtual/krb5 and
> block each other this way.
Ah, good. I didn't realize that had been fixed.
Thierry Carrez wrote: [Wed Sep 15 2004, 01:51:06PM EDT]
> Rule is : if it works at least as well as the current stable
> version, then the security-fix version should be marked stable.
Sorry, I didn't mean to imply otherwise. The mention of heimdal just
brought the bug to mind.
Regards,
Aron
--
Aron Griffis
Gentoo Linux Developer
[-- Attachment #2: Type: application/pgp-signature, Size: 190 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2004-09-15 18:05 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-09-15 16:17 [gentoo-dev] Heimdal in danger of being security masked Sune Kloppenborg Jeppesen
2004-09-15 16:53 ` Aron Griffis
2004-09-15 17:05 ` Carsten Lohrke
2004-09-15 17:51 ` Thierry Carrez
2004-09-15 18:04 ` Aron Griffis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox