* [gentoo-dev] Heimdal in danger of being security masked @ 2004-09-15 16:17 Sune Kloppenborg Jeppesen 2004-09-15 16:53 ` Aron Griffis 0 siblings, 1 reply; 5+ messages in thread From: Sune Kloppenborg Jeppesen @ 2004-09-15 16:17 UTC (permalink / raw To: gentoo-dev [-- Attachment #1: Type: text/plain, Size: 434 bytes --] Heimdal has an extremely critical remote vulnerability that may allow a complete system compromise. We need to get this marked stable on x86 ASAP. If you're using Heimdal on x86 please take Heimdal-0.6.3 for a whirl and report back on http://bugs.gentoo.org/show_bug.cgi?id=61412 If we have no stable marking in 24 hours it will be security masked. Thanks -- Sune Kloppenborg Jeppesen Gentoo Linux Security Team [-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-dev] Heimdal in danger of being security masked 2004-09-15 16:17 [gentoo-dev] Heimdal in danger of being security masked Sune Kloppenborg Jeppesen @ 2004-09-15 16:53 ` Aron Griffis 2004-09-15 17:05 ` Carsten Lohrke 0 siblings, 1 reply; 5+ messages in thread From: Aron Griffis @ 2004-09-15 16:53 UTC (permalink / raw To: gentoo-dev [-- Attachment #1: Type: text/plain, Size: 480 bytes --] Sune Kloppenborg Jeppesen wrote: [Wed Sep 15 2004, 12:17:46PM EDT] > We need to get this marked stable on x86 ASAP. If you're using > Heimdal on x86 please take Heimdal-0.6.3 for a whirl and report back There's another problem with heimdal: it presently conflicts with mit-krb5. See bug 47138 It would be good for somebody to look at the Debian mit-krb5 and heimdal packages to see how they manage the conflicting files. Regards, Aron -- Aron Griffis Gentoo Linux Developer [-- Attachment #2: Type: application/pgp-signature, Size: 190 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-dev] Heimdal in danger of being security masked 2004-09-15 16:53 ` Aron Griffis @ 2004-09-15 17:05 ` Carsten Lohrke 2004-09-15 17:51 ` Thierry Carrez 0 siblings, 1 reply; 5+ messages in thread From: Carsten Lohrke @ 2004-09-15 17:05 UTC (permalink / raw To: gentoo-dev [-- Attachment #1: Type: text/plain, Size: 276 bytes --] On Wednesday 15 September 2004 18:53, Aron Griffis wrote: > There's another problem with heimdal: it presently conflicts with > mit-krb5. See bug 47138 I guess this a problem of the past. Both packages provide virtual/krb5 and block each other this way. Carsten [-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-dev] Heimdal in danger of being security masked 2004-09-15 17:05 ` Carsten Lohrke @ 2004-09-15 17:51 ` Thierry Carrez 2004-09-15 18:04 ` Aron Griffis 0 siblings, 1 reply; 5+ messages in thread From: Thierry Carrez @ 2004-09-15 17:51 UTC (permalink / raw To: gentoo-dev -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Carsten Lohrke wrote: > On Wednesday 15 September 2004 18:53, Aron Griffis wrote: > >>There's another problem with heimdal: it presently conflicts with >>mit-krb5. See bug 47138 > > I guess this a problem of the past. Both packages provide virtual/krb5 and > block each other this way. Rule is : if it works at least as well as the current stable version, then the security-fix version should be marked stable. Security stable marking is not the right moment to fix all pending bugs on a package. Only regressions should prevent a package from getting a security stable keyword. - -- Koon -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBSIEKvcL1obalX08RAnq6AJ427ehOy7Md92Cyhug5FLeKjONmjgCcCYGg lMuKCYgKP8OQ3nmARFUdef0= =sOgi -----END PGP SIGNATURE----- -- gentoo-dev@gentoo.org mailing list ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-dev] Heimdal in danger of being security masked 2004-09-15 17:51 ` Thierry Carrez @ 2004-09-15 18:04 ` Aron Griffis 0 siblings, 0 replies; 5+ messages in thread From: Aron Griffis @ 2004-09-15 18:04 UTC (permalink / raw To: gentoo-dev [-- Attachment #1: Type: text/plain, Size: 571 bytes --] Carsten Lohrke wrote: [Wed Sep 15 2004, 01:05:05PM EDT] > I guess this a problem of the past. Both packages provide virtual/krb5 and > block each other this way. Ah, good. I didn't realize that had been fixed. Thierry Carrez wrote: [Wed Sep 15 2004, 01:51:06PM EDT] > Rule is : if it works at least as well as the current stable > version, then the security-fix version should be marked stable. Sorry, I didn't mean to imply otherwise. The mention of heimdal just brought the bug to mind. Regards, Aron -- Aron Griffis Gentoo Linux Developer [-- Attachment #2: Type: application/pgp-signature, Size: 190 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2004-09-15 18:05 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2004-09-15 16:17 [gentoo-dev] Heimdal in danger of being security masked Sune Kloppenborg Jeppesen 2004-09-15 16:53 ` Aron Griffis 2004-09-15 17:05 ` Carsten Lohrke 2004-09-15 17:51 ` Thierry Carrez 2004-09-15 18:04 ` Aron Griffis
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox