The rshd server in Heimdal has a privilege escalation bug when storing forwarded credentials. The code allows a user to overwrite a file with its credential cache, and get ownership of the file.
0.7.2 and 0.6.6 fix this problem.
The only workaround for this bug is to disable the rshd server program.
kerberos herd please bump, thank you.
blah, forgot to accept my own bug ...
guys, any progress?
Try the following and report back (it compiles for me fine):
cp heimdal-0.7.1-r1.ebuild heimdal-0.7.2.ebuild
ebuild heimdal-0.7.2.ebuild digest
emerge -u heimdal && echo "<app-crypt/heimdal-0.7.2" >>
Bumped 0.7.2. Arches please test and mark stable.
bumped to stable on ppc64 (ebuild was somehow missing ~ppc64)
stable on amd64
Here a SPARC, there a SPARC, everywhere a SPARC SPARC
Stable on hppa. Forgot to remove CC.
ready for glsa
Thanks everybody, other arches don't forget to stable to benefit from the GLSA ;)
0.7.2-r3 was marked stable on mips, thus retro-fixing this.