Your message dated Wed, 13 May 2009 09:31:05 +1000
with message-id <[email protected]>
has caused the report #527468,
regarding heimdal-kdc: Sends TGS-REP encrypted in session key not authenticator
subkey
to be marked as having been forwarded to the upstream software
author(s) [email protected]
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
527468: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=527468
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Hello,
I received this bug report against Heimdal in Debian.
You can find the referenced bug report at:
<http://bugs.debian.org/527353>.
Thanks.
Brian May
On Thu, May 07, 2009 at 03:07:26PM -0400, Sam Hartman wrote:
> Package: heimdal-kdc
> Version: 1.2.dfsg.1-4
> Severity: important
> Tags: upstream
>
> Hi.As discussed in bug #527353, Heimdal fails to follow the
> requirement at the top of page 35 of RFC 4120 that when an
> authenticator subkey is used in the TGS request, the response needs to
> be encrypted in that subkey, not in the ticket session key.
>
>
> -- System Information:
> Debian Release: squeeze/sid
> APT prefers testing
> APT policy: (500, 'testing'), (500, 'stable'), (40, 'unstable'), (1,
> 'experimental')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 2.6.25-2-amd64 (SMP w/2 CPU cores)
> Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
> Shell: /bin/sh linked to /bin/bash
>
>
--
Brian May <[email protected]>
--- End Message ---
