Date: 05 May 2003 14:59:43 -0500 From: Craig Boston <craig@xfoil.gank.org> To: stable@freebsd.org Subject: Re: HEADS UP! Kerberos5/Heimdal now default! Message-ID: <1052164783.38008.37.camel@owen1492.uf.corelab.com> In-Reply-To: <200305051950.h45Jo5Pu026249@khavrinen.lcs.mit.edu> References: <200305050845.h458j38c069038@grimreaper.grondar.org> <20030505121050.GC21530@madman.celabo.org> <20030505052615.R2996@znfgre.qbhto.arg> <200305051950.h45Jo5Pu026249@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Sorry for the dupe Garrett, forgot to copy the list...... > What ``extremely colorful history of ... vulnerabilities''? I can > think of no more than five times I've had to rebuild my KDC in six > years. ...and nearly every security advisory I've seen for Kerberos 5 in the last year or two was actually for the Kerberos 4 compatibility code. One of the reasons I always build the port with "KRB5_KRB4_COMPAT=NO". The only exception I can think of at the moment was the XDR/RPC buffer overflow, which hit a LOT of software. Craig
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1052164783.38008.37.camel>