app-crypt/heimdal needs to be update to heimdal 0.6.1
Steps to Reproduce:
1. see http://www.pdc.kth.se/heimdal/advisory/2004-04-01/
Aron - would you create an ebuild for 0.6.1? Thanks.
heimdal-0.6.1 added to portage as
KEYWORDS="~x86 ~sparc ~ppc ~alpha ~ia64 ~amd64 ~hppa ~mips"
Every version below 0.6(currently stable) has been removed from the tree.
I don't have krb setup so I have no way of verifying if this package
runtime environment works. One patch conflicted and seemed unneeded for
gcc-3.3.x and was thus commented out.
From reading the .ebuild I fail to understand what this sed statement is
doing other than wasting a few cpu cycles.
(Maybe it should be sed -i -e)
sed -i "s:LIB_crypt = @LIB_crypt@:LIB_crypt = -lssl @LIB_crypt@:g" Makefile.in || die
Arch maintainers please test and mark stable if/when
ready. Please try test/verify the rumtime as well if you can.
From the sed info page:
"If no `-e', `-f', `--expression', or `--file' options are given on
the command-line, then the first non-option argument on the command
line is taken to be the SCRIPT to be executed."
I prefer to see the -e there myself, but the sed line probably works as intended
without the -e.
Marked stable on mips.
Marked stable on Alpha.
Stable on amd64
Stable on ppc
Stable on sparc
Mr Bones (thanks)
Still waiting on x86 and a report that the runtime has been tested.
I don't think we're going to get a report on the runtime -- not many individual devs use kerberos for authentication. Also, agriffis hasn't been responsive at all regarding this issue, so I recommend we bump to stable on x86.
We've given folks the opportunity to test -- we need to get this security fix out.
pushed to stable on x86.
"agriffis hasn't been responsive at all regarding this issue, so I recommend we bump to stable on x86"
klieber, I don't use or maintain heimdal. You asked me about it on IRC, I said, yeah, go ahead and bump it since we don't know anybody to test... so I don't understand your comment. :-(
sorry -- came across wrong. that's what I get for trying to respond to bugs too quickly. my apologies.