[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remote vulnerability in kadmind

On Fri, Oct 25, 2002 at 12:51:03AM +0200, Måns Nilsson wrote:
>  If you are running a version older than 0.5.1 AND have Kerberos 4 support
>  enabled in kadmind you should disable it until you have time to upgrade."

...unless of course you are running an older version that has been
patched with the fixes...

This has always been Debian's policy to patch the old version rather
then to upgrade to the latest version, in case the new version
breaks stuff.

While all versions of Heimdal have at least some security
bugs already fixed, we are currently working on fixing other
security problems.
Brian May <bam@snoopy.apana.org.au>