2005-04-20: telnet vulnerabilities
The telnet client program in Heimdal has buffer overflows in the functions slc_add_reply() and env_opt_add(), which may lead to remote code execution.
0.6.4 fixes this problem.
The only workaround for this bug is to not use the telnet client.
See also CAN-2005-0469
kerberos please bump.
I pinged seemant on that one... he'll have a look.
It'll be in portage in about 30 minutes; sorry for the delay, everyone.
bumped to 0.6.4 in portage, and stabled on amd64. I will also test and stable on x86, but the rest of the arch teams need to do it respectively.
Stable on ppc.
Stable on mips.
Stable on alpha + ia64.
Stable on x86 -- hppa and sparc still outstanding.
Stable on hppa.