Release Notes - Heimdal - Version Heimdal 1.3.3 Bugs fixes - Check the GSS-API checksum exists before trying to use it [CVE-2010-1321] - Check NULL pointers before dereference them [kdc] - Bug fixes Two of the fixes are security related bugs and upgrade is in order. Reproducible: Always
Created attachment 234069 [details] heimdal and sys-libs/db-5.0 compatibility patch
Created attachment 234071 [details] heimdal_testsuite.patch
Created attachment 234073 [details] heimdal_testsuite_extra.patch
Created attachment 234075 [details] heimdal_disable-check-iprop.patch
Created attachment 234077 [details] heimdal-1.3.3.ebuild Changelog: Version bump - bug #322709. Berkeley DB-5.0 compatibility - bug #319673. Working FEATURES=test. Ldap schema name changed to hdb.schema to follow upstream. eautoreconf not necessary.
Created attachment 234163 [details] new and improved (not really, but still this one feels better)
Created attachment 234275 [details] heimdal-1.3.3.ebuild ewarn added for schema name change.
As an improvement for next time, please name patches in the ${P}-<function>.patch syntax. :) +*heimdal-1.3.3 (11 Jun 2010) + + 11 Jun 2010; Jeremy Olexa <darkside@gentoo.org> +files/heimdal_db5.patch, + +heimdal-1.3.3.ebuild, +files/heimdal_disable-check-iprop.patch, + +files/heimdal_testsuite.patch, +files/heimdal_testsuite_extra.patch: + Version bump - security bug #322709. Berkeley DB-5.0 compatibility - bug + #319673. Working FEATURES=test. Ldap schema name changed to hdb.schema to + follow upstream. eautoreconf not necessary. Leaving open for security team to handle.
arches, please test the following ebuilds and mark stable if possible: =app-crypt/heimdal-1.3.3 TARGET KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86"
x86 stable
Nice to see the test suite is finally working. Stable for HPPA.
amd64 stable
Stable on alpha.
(cleaning my bug queue, Eray can add me to CC for future requests)
arm/ia64/m68k/s390/sh/sparc stable
Already stable on ppc/ppc64.
GLSA Vote: Yes.
Vote: NO, just DoS according to http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-005.txt
DoS only according to URL above so GLSA Vote: no -> Closing. Feel free to reopen if you disagree.