The rshd server in Heimdal has a privilege escalation bug when storing forwarded credentials. The code allowes a user to overwrite a file with its credential cache, and get ownership of the file. 0.7.2 and 0.6.6 fixes this problem. The only workaround for this bug is to disable the rshd server program.
kerberos herd please bump, thank you.
blah, forget to accept my own bug ...
guys, any progress?
Try the following and report back (it compiles for me fine): cd /usr/portage/app-crypt/heimdal/ cp heimdal-0.7.1-r1.ebuild heimdal-0.7.2.ebuild cp /usr/portage/distfiles/heimdal-0.7.1-gentoo-patches-0.1.tar.bz2 /usr/portage/distfiles/heimdal-0.7.2-gentoo-patches-0.1.tar.bz2 ebuild heimdal-0.7.2.ebuild digest emerge -u heimdal && echo "<app-crypt/heimdal-0.7.2" >> /etc/portage/package.mask
Bumped 0.7.2. Arches please test and mark stable.
bumped to stable on ppc64 (ebuild was somehow missing ~ppc64)
x86 done
Alpha done
stable on amd64
Here a SPARC, there a SPARC, everywhere a SPARC SPARC
ppc stable
Stable on hppa. Forgot to remove CC.
ready for glsa
GLSA 200603-14 Thanks everybody, other arches dont forget to stable to benefit from the GLSA ;)
0.7.2-r3 was marked stable on mips, thus retro-fixing this.