All releases prior to 0.6.2 have a possible buffer overrun problem in the Kerberos 4 kadmin compatibility module. It would probably be possible to implement a remote exploit for this, depending on architecture. http://www.pdc.kth.se/heimdal/advisory/2004-05-06/ ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc
CAN-2004-0434; C1 type -> major, target delay 5 days; upstream fix available: version 0.6.2; no maintainer. solar: you did the last bump, can you do it again?
v0.6.2 in portage, thanks to aliz. arches: please test app-crypt/heimdal-0.6.2 and mark stable.
Testing here looks good, though fetchmail's configure script cannot find what it needs for kerberos5 support with heimdal-0.6.2. Not sure if this worked previously or not.
Marked stable on alpha.
Marked stable on hppa.
So do we really care about the fact that fetchmail doesn't work here or not?
*** Bug 51493 has been marked as a duplicate of this bug. ***
No one is sure it was working before. I would say "mark stable" so that the GLSA can go out. Then someone can enter the bug in case it's a regression... arches: please mark stable or refute :)
Okey dokey. This might be a situation to add into the security policy. Marked stable on sparc.
x86,ppc,mips,amd64,ia64 : please mark stable
stable on amd64
Still missing app-crypt/heimdal-0.6.2 stable on x86, mips and ia64... x86 : we are waiting for you to issue the GLSA.
marked stable on x86.
Heimdal is ready to go
Stable on mips.
GLSA 200405-23