patches that still haven't been applied

[Sam Hartman]

First note that 1.2.4 was not a general patch release, but was a
release specifically designed to correct significant problems
introduced in 1.2.3.


As far as I can tell your krb524d memory leak fix was applied for 1.2.3; do
you see a problem with the fix in that code?


I see no request in our bugs database to build krb524d for Windows.
would you mind giving me the bug number so I can go look it up?  


The telnet problem you point out actually is related to the
credentials for other users discussion.  If telnetd does not write out
the ccache, no problem would exist.  However you are correct that our
handling of telnet has been rather bad over the last few years.  We
are evaluating a particular external source of Kerberos telnet in the
hope that we can recommend people use that telnet build and drop our
own.  If someone else is doing a better job of maintaining something
and we are clearly not doing a good job, it seems more reasonable to
point people at the working implementation than to duplicate effort.



Note also that we are in the middle of reorganizing bug track and our
release process.  One goal of that effort is to make bug status and
contents available over a website.