Summary: | <app-crypt/heimdal-1.5.1-r1 : telnetd Buffer Overflow Vulnerability (CVE-2011-4862) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | kerberos |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://secunia.com/advisories/47399/ | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2011-12-26 17:36:30 UTC
+*heimdal-1.5.1-r1 (27 Dec 2011) + + 27 Dec 2011; Eray Aslan <eras@gentoo.org> +heimdal-1.5.1-r1.ebuild, + +files/CVE-2011-4862.patch, +files/heimdal_missing-include.patch: + security bump - bug #396105 + @security: Please stabilize =app-crypt/heimdal-1.5.1-r1. Thank you. Thanks Arches, please test and mark stable: =app-crypt/heimdal-1.5.1-r1 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86" @Eras: /etc/init.d/heimdal-kpasswdd returns crashed status after start, I guess is not expected, Please tell me if you prefer take a look if it works on a way different to other bug( e.g. irc ) Missing anyway the following rdep: sys-libs/ncurses-5.9 sys-libs/readline-6.2_p1 x11-libs/libX11-1.4.4 x11-libs/libXau-1.0.6 x11-libs/libXt-1.1.1 (In reply to comment #3) > /etc/init.d/heimdal-kpasswdd returns crashed status after start, I guess is not > expected, Eras said on irc that is expected if kerberos is not configured properly amd64 stable rdeps added. Thanks. For the record, kpasswdd will crash if kerberos is not configured. Known problem/bug. ppc/ppc64 done x86 stable alpha/arm/ia64/m68k/s390/sh/sparc stable Stable for HPPA (bug #396105 will be solved later, and can be worked around with USE=-X, which should not be a huge problem since most HPPA users won't be using X much anyway). New glsa draft filed. Thanks everyone. This issue was resolved and addressed in GLSA 201202-05 at http://security.gentoo.org/glsa/glsa-201202-05.xml by GLSA coordinator Sean Amoss (ackle). |