Bug#: 50208
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Carsten Lohrke <carlo@gentoo.org>

Description:   Opened: 2004-05-06 05:18 0000
All releases prior to 0.6.2 have a possible buffer overrun problem in the
Kerberos 4 kadmin compatibility module. It would probably be possible to
implement a remote exploit for this, depending on architecture.

http://www.pdc.kth.se/heimdal/advisory/2004-05-06/
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc

------- Comment #1 From Thierry Carrez (RETIRED) 2004-05-06 13:19:03 0000 -------
CAN-2004-0434
C1 type -> major, target delay 5 days
upstream fix available : version 0.6.2
no maintainer

solar : you did the last bump, can you do it again ?

------- Comment #2 From Thierry Carrez (RETIRED) 2004-05-10 05:07:45 0000 -------
v0.6.2 in portage, thanks to aliz
arches: please test app-crypt/heimdal-0.6.2 and mark stable

------- Comment #3 From Jason Wever (RETIRED) 2004-05-10 19:47:08 0000 -------
Testing here looks good, though fetchmail's configure script cannot find what
it needs for kerberos5 support with heimdal-0.6.2.  Not sure if this worked
previously or not.

------- Comment #4 From Bryan Østergaard (RETIRED) 2004-05-11 17:30:23 0000 -------
Marked stable on alpha.

------- Comment #5 From Guy Martin 2004-05-12 15:54:35 0000 -------
Marked stable on hppa.

------- Comment #6 From Jason Wever (RETIRED) 2004-05-13 20:02:18 0000 -------
So do we really care about the fact that fetchmail doesn't work here or not?

------- Comment #7 From Thierry Carrez (RETIRED) 2004-05-19 12:46:57 0000 -------
*** Bug 51493 has been marked as a duplicate of this bug. ***

------- Comment #8 From Thierry Carrez (RETIRED) 2004-05-19 12:49:20 0000 -------
No one is sure it was working before. I would say "mark stable" so that the GLSA
can go out. Then someone can enter the bug in case it's a regression...

arches : please mark stable or refute :)

------- Comment #9 From Jason Wever (RETIRED) 2004-05-19 15:20:38 0000 -------
Okey dokey.  This might be a situation to add into the security policy.  Marked
stable on sparc.

------- Comment #10 From Thierry Carrez (RETIRED) 2004-05-21 01:00:06 0000 -------
x86,ppc,mips,amd64,ia64 : please mark stable

------- Comment #11 From Jason Huebel 2004-05-25 11:30:12 0000 -------
stable on amd64

------- Comment #12 From Thierry Carrez (RETIRED) 2004-05-26 10:56:35 0000 -------
Still missing app-crypt/heimdal-0.6.2 stable on x86, mips and ia64...
x86 : we are waiting for you to issue the GLSA.

------- Comment #13 From Ryan Phillips (RETIRED) 2004-05-26 16:41:24 0000 -------
marked stable on x86.

------- Comment #14 From Thierry Carrez (RETIRED) 2004-05-27 02:03:30 0000 -------
Heimdal is ready to go

------- Comment #15 From Joshua Kinard 2004-05-27 02:25:38 0000 -------
Stable on mips.

------- Comment #16 From Thierry Carrez (RETIRED) 2004-05-27 05:29:02 0000 -------
GLSA 200405-23
