Operating Systems & Kerbros
Sam Hartman
hartmans at MIT.EDU
Mon Feb 17 12:44:47 EST 2003
>>>>> "Jose" == Jose Marques <noway at nohow.demon.co.uk> writes:
Jose> On Fri, 14 Feb 2003, Sam Hartman wrote:
>> The reason this security decrease is necessary is a rather
>> unfortunate bug in both the MIT KDC and the MIT client
>> codebase. It's bug 1006 in our database.
>>
>> The only good news about this issue is that once the bug is
>> fixed, upgrading either the KDC or the client should be
>> sufficient to work around the problem.
Jose> Can you tell me which version to update to? At work we've
I thought my statement was fairly clear that the bug was still open.
Since then I have committed a patch to resolve the issue and this
patch should appear in Kerberos 1.3. And before you ask, we have no
public statement on 1.3 release timelines.
I have enclosed the patch; please let us know if you find any
problems.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: patch.kdc_enctypes
Url: http://mailman.mit.edu/pipermail/kerberos/attachments/20030217/ebeece09/attachment.bat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 258 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20030217/ebeece09/attachment.bin
More information about the Kerberos
mailing list