50208 2004-05-06 05:18 0000 app-crypt/heimdal : Kerberos 4 buffer overrun in kadmin 2004-09-22 21:32:33 0000 1 1 1 Unclassified Gentoo Security GLSA Errors unspecified All All RESOLVED FIXED http://www.pdc.kth.se/heimdal/advisory/2004-05-06/ P2 major --- 1 carlo@gentoo.org security@gentoo.org tobias@weisserth.de carlo@gentoo.org 2004-05-06 05:18:40 0000 All releases prior to 0.6.2 have a possible buffer overrun problem in the Kerberos 4 kadmin compatibility module. It would probably be possible to implement a remote exploit for this, depending on architechture. http://www.pdc.kth.se/heimdal/advisory/2004-05-06/ ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc koon@gentoo.org 2004-05-06 13:19:03 0000 CAN-2004-0434 C1 type -> major, target delay 5 days upstream fix available : version 0.6.2 no maintainer solar : you did the last bump, can you do it again ? koon@gentoo.org 2004-05-10 05:07:45 0000 v0.6.2 in portage, thanks to aliz arches: please test app-crypt/heimdal-0.6.2 and mark stable weeve@gentoo.org 2004-05-10 19:47:08 0000 Testing here looks good, though fetchmail's configure script cannot find what it needs for kerberos5 support with heimdal-0.6.2. Not sure if this worked previously or not. kloeri@gentoo.org 2004-05-11 17:30:23 0000 Marked stable on alpha. gmsoft@gentoo.org 2004-05-12 15:54:35 0000 Marked stable on hppa. weeve@gentoo.org 2004-05-13 20:02:18 0000 So do we really care about the fact that fetchmail doesn't work here or not? koon@gentoo.org 2004-05-19 12:46:57 0000 *** Bug 51493 has been marked as a duplicate of this bug. *** koon@gentoo.org 2004-05-19 12:49:20 0000 Noone is sure it was working before. I would say "mark stable" so that the GLSA can go out. Then someone can enter the bug in case it's a regression... arches : please mark stable or refute :) weeve@gentoo.org 2004-05-19 15:20:38 0000 Okey dokey. This might be a situation to add into the security policy. Marked stable on sparc. koon@gentoo.org 2004-05-21 01:00:06 0000 x86,ppc,mips,amd64,ia64 : please mark stable jhuebel@gentoo.org 2004-05-25 11:30:12 0000 stable on amd64 koon@gentoo.org 2004-05-26 10:56:35 0000 Still missing app-crypt/heimdal-0.6.2 stable on x86, mips and ia64... x86 : we are waiting for you to issue the GLSA. rphillips@gentoo.org 2004-05-26 16:41:24 0000 marked stable on x86. koon@gentoo.org 2004-05-27 02:03:30 0000 Heimdal is ready to go kumba@gentoo.org 2004-05-27 02:25:38 0000 Stable on mips. koon@gentoo.org 2004-05-27 05:29:02 0000 GLSA 200405-23