Micah == Micah Anderson [EMAIL PROTECTED] writes:
Micah Hi,
Micah I'm just sending a ping to find out if there has been any
Micah movement on this issue.
I continue to believe that this is not a security issue and that
openssh is wrong to have applied the patch.
That doesn't
does your platform support weak symbols?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Michael == Michael Banck [EMAIL PROTECTED] writes:
Michael On Thu, Dec 01, 2005 at 05:51:16PM +0100, Michael Banck
Michael wrote:
I am not sure whether all the Makefile.in's should be modified
to have $PTHREAD_LIBS added to the link lines in case the
library uses pthread
Michael == Michael Banck [EMAIL PROTECTED] writes:
Michael On Thu, Dec 01, 2005 at 01:02:29PM -0500, Sam Hartman
Michael wrote:
does your platform support weak symbols?
Michael Yes, it does.
OK.
those references should be weak but were not for some reason.
I'm not going
Brian == Brian May [EMAIL PROTECTED] writes:
Brian My understanding is this should only happen for closed
Brian source modules, and I believe openafs-modules-source is
Brian open source.
This happens for any non-GPL module.
OpenAFS is definitely not GPL although it is open-source.
So, there are local changes having to do with that test. I forget
why, but the sitution is annoying.
I'd recommend buinging the alpha kernel with modversions.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
xsdg == xsdg [EMAIL PROTECTED] writes:
xsdg First, I would appreciate if a warning of some sort showed
xsdg up in debconf -- I tend not to look under /usr/share/doc/
xsdg unless I feel I need information in the first place.
I believe this would be against debconf policy or would at
Hi. I have not been paying attention to this issue as much as I would
like.
Just as an FYI, I'm running 1.3.81 on an SMP powermac g5 with no build
or run problems.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Are you using pam_krb5 for password logins?
If so, pam_krb5 also respects .k5login, so it is a feature not a bug.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ Sam Hartman [EMAIL PROTECTED] writes:
So, I agree that we definitely need to support building
targeted at /usr/lib/uml. I also believe you need to set up
the other way.
Russ Ah, now I understand your concerns.
Russ
Russ, how do you feel about the thread on c.p.kerberos about the mutex
lock on debian? That seems rather bothersome.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Christian == Christian Perrier [EMAIL PROTECTED] writes:
Christian Has anyone around an idea about bug #200342. Given its
Christian age, it may be over for a very long time.
Christian However, I'm completely lacking the required skills to
Christian investigate it.
Upstream has
KSRC is not a environment variable, it is a make variable.
So, I'd expect
debian/rules KSRC=foo kdist_image to work
but not
KSRC=foo debian/rules kdist_image.
There's really no harm in making it be an environment variable; I can
replace $(KSRC) with ${KSRC} in debian/rules. Please confirm that
package: cvs
severity: wishlist
Hi. The kerberos libraries are at priority standard and are in a lot
of dependency chains. I don't think there is any good reason not to
enable gssapi support in cvs. It would be very convenient for some of
us.
All that needs to happen is:
* add libkrb-dev to
The part that really does not seem reasonable to me is installing the
modules in /usr/lib/uml.
It seems that for different configurations you want a module to be
installed in the hosted os vs the hosting OS.
It seems that you need to support both and the default is unclear to
me.
--
To
Can you reproduce with kvno?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
That's certainly where uml puts the modules for the uml kernel in
Debian.
It's not in general where the modules would end up if you build your
own kernel.
Also, ultimately, the modules end up needing to be accessed within the
uml image. I don't see why you wouldn't often want to install a
OK. I think we've linked this to an upstream bug. I think we already
have a patch. Let me confirm that.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Sounds like your system thinks it can get tickets for the non-kerberos
host, but some kdc is hanging somewhere.
You could edit your krb5.conf either to add a domain realm mapping so
the non-kerberos machine is in some obviouly bogus realm.
Alternatively you could make sure that the kdc
Hi. I cannot reproduce this. My desktop is a powerpc machine and I
build all my packages (including ones that depend on krb5) on it just
fine.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Martin == Martin Pitt [EMAIL PROTECTED] writes:
Martin Hi Sam! Sam Hartman [2005-10-09 16:56 -0400]:
Hi. I cannot reproduce this. My desktop is a powerpc machine
and I build all my packages (including ones that depend on
krb5) on it just fine.
Martin Odd. Then why
Does the krb524 functionality disappear from the KDC if you turn off
krb4?
If so, that will be a problem for current openafs, although probably
not for future openafs.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Be aware that there is special code to try and disable the replay
cache in mod-auth-kerb; it may interact badly with changes in krb5.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ Sam Hartman [EMAIL PROTECTED] writes:
Be aware that there is special code to try and disable the
replay cache in mod-auth-kerb; it may interact badly with
changes in krb5.
Russ I must say that it's tempting to just set
tags 394519 moreinfo
severity 394519 normal
thanks
Hi. Can I get you to try upgrading your openafs-client? Also, can I
see the messages displayed in dmesg when openafs loads?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
package: libsasl2-modules-gssapi-mit
severity: grave
justification: package seems not to work at all
I get a base64 error authenticating to a system that works fine with a
previous version of sasl.
To reproduce:
apt-get install krb5-user
kinit [EMAIL PROTECTED]
password: foobarbaz
apt-get
Fabian == Fabian Fagerholm [EMAIL PROTECTED] writes:
Fabian On Wed, 2006-11-29 at 15:08 -0500, Sam Hartman wrote:
I get a base64 error authenticating to a system that works fine
with a previous version of sasl.
To reproduce:
Fabian [...]
You get a base64
# Automatically generated email from bts, devscripts version 2.10.35
# via tagpending
#
# krb5 (1.6.dfsg.4~beta1-4) UNRELEASED; urgency=low
#
# * Translation updates:
#- Swedish, thanks Martin Bagge. (Closes: #487669, #491774)
#- Italian, thanks Luca Monducci. (Closes: #493962)
#
Package: gnome-orca
Version: 2.22.2-1
Severity: normal
Hi. Feel free to reassign to openoffice.org-writer or to jointly assign to
gnome-orca and the other package.
Upstmream at least seems to have a number of bugs about accessibility of
various packages, but I can't tell how you want to
Package: gnome-orca
Version: 2.22.2-1
Severity: normal
A lot of terminal applications have interesting things going on around the
cursor.
However there's no way once you have moved away from the cursor to ask Orca to
get back.
Every other screen reader I've used had this feature.
-- System
Package: gnome-orca
Version: 2.22.2-1
Severity: normal
When a Gnome application segfaults and causes gnome-segv to be lunched, orca
hangs until gnome-segv is killed.
It's particularly bad because it hangs for all applications, not just the one
the segfaulted.
This is a fairly serious usability
so, I had openoffice.org open today and noticed that it actually seems
to be trying to read the styles and formatting panel now. I thought I
had tried it on another system after doing a full upgrade to lenny a
few days ago. However, it's definitely working on my laptop better
than it has been
Ah, I understand now.
Thanks so much for the bug.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
# Automatically generated email from bts, devscripts version 2.10.35
# via tagpending
#
# krb5 (1.6.dfsg.4~beta1-4) unstable; urgency=low
#
# * Translation Updates:
# - Dutch, Thanks Vincent Zweije, Closes: #495733
#
package krb5 krb5-admin-server krb5-user libkrb5-dbg krb5-pkinit
package barnowl
severity 487113 important
thanks
It turns out this bug is only effecting two users, and happens fairly rarely so
it is not RC.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: emacspeak
Version: 26.0-1
Severity: serious
emacs21 -batch -q -no-site-file -eval '(setq vc-handled-backends nil)' -l
/usr/share/emacs21/site-lisp/emacspeak/lisp/emacspeak-load-path.el -l
/usr/share/emacs21/site-lisp/emacspeak/lisp/emacspeak-loaddefs.el -l
I'm not really sure either side is at fault here. It seems like
you're failing to get credentials for host/[EMAIL PROTECTED] for some
reason.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
I will do this. Thanks for the report.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
That's certainly not how it should work
Are you sure you are not using the audit option to pam_unix? Without
that option I see:
Jun 3 13:59:06 cz login[4777]: (pam_unix) check pass; user unknown
Jun 3 13:59:06 cz login[4777]: (pam_unix) authentication failure;
logname=hartmans uid=0 euid=0
I'm happy to move to db4 post-sarge if the upgrade issues are dealt
with.
The problem is that if you are using userdb (which I don't think is
used often), logins will fail until your database is converted. Your
database will not be in a particularly standard place so postinst will
not be able to
Typically this means your kernel sources do not match the kernel you
are actually running. OTher possible problems include a mismatch in
module utilities, compilers etc.
--Sam
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
This patch looks broken. Are you sure you actually have the openafs
client enabled on your system?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
severity 300775 wishlist
tags 300775 -security
thanks
Hi. I've explicitly decided not to upgrade PAM for sarge. I had also
decided when 0.77 came out that I didn't see a good reason to take it.
Taking a new pam release is a painful process.
That said, I'm looking for people to help with PAM.
Interesting. I don't see this at all.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Matt == Matt Johnston [EMAIL PROTECTED] writes:
Matt The pam_mail module attempts to perform stat() of the mail
Matt location. If the mail location is NFS mounted and that
Matt server is unavailable, logins as any user (root included)
Matt will hang indefinitely (hampering
Steve == Steve Langasek [EMAIL PROTECTED] writes:
Steve On Sat, Mar 26, 2005 at 08:34:59PM -0500, Sam Hartman
Steve wrote:
Matt == Matt Johnston [EMAIL PROTECTED] writes:
Steve It seems to me that it would be better to fix this in the
Steve mount options for the NFS mount
I have 1.3.79 packages at svn://ia.mit.edu/openafs/branches/experimental
I need to work out some last details and upload.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
tags 297585 woody
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Jeroen == Jeroen van Wolffelaar [EMAIL PROTECTED] writes:
Jeroen On Thu, Mar 10, 2005 at 12:50:35PM -0500, Chip Salzenberg
Jeroen wrote:
Package: ftp.debian.org Severity: normal
The current unstable nfs-utils (1.0.7-1) builds nfs-common to
depend on libkrb53 for
Jan-Benedict == Jan-Benedict Glaw [EMAIL PROTECTED] writes:
Jan-Benedict If you're not keen with that, maybe doing it like
Jan-Benedict postgres would do: debconf there asks if you want to
Jan-Benedict keep the database files even at real purge time...
That works for me.
--
To
Javier == Javier Fernández-Sanguino Peña [EMAIL PROTECTED] writes:
Javier On Thu, Mar 24, 2005 at 08:49:01PM -0500, Sam Hartman
Javier wrote:
severity 300775 wishlist tags 300775 -security
Javier ^ Why this? PAM 0.76 is indeed
Javier vulnerable
Matt == Matt Johnston [EMAIL PROTECTED] writes:
Matt On Mon, Mar 28, 2005 at 06:30:28PM -0500, Sam Hartman wrote:
Steve == Steve Langasek [EMAIL PROTECTED] writes:
Steve It seems to me that it would be better to fix this in the
Steve mount options for the NFS mount in question
Chip == Chip Salzenberg [EMAIL PROTECTED] writes:
Chip According to Sam Hartman:
However I think it is generally a good idea to talk to a
maintainer before depending on unpublished internal interfaces
of their package that have been known to change frequently.
Chip I
I hate to be a pain in the ass, but it is going to be very difficult
for me to take a huge .diff.gz that applies all the debian patches.
That's hard to audit, hard to understand and not well documented. I'm
happy to give you access to the repository so you can work on a branch
and try to get
The upstream rc file and config file actually auto-detect a reasonable
configuration. It would be neat if someone merged those changes back
to the debian packages. I can't just use the upstream rc script
because it tries to load the kernel module manually rather than using
modprobe and found
Hi. Again, it works for me. Hopefully we'll find some more people
that have this problem and we can start to understand why it works on
some machines and not others.
My machine is a ppc64 box; I see you are running i686.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
I'd certainly expect pam to be used for all password validation. If
that's not true please give me info on how to reproduce.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
I'm thinking this may be a csail-specific lossage.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
No, there is not a limits.conf manpage in pam upstream; there is a
readme that could become a manpage. If that happened, dropping
limits.conf from shadow would be useful.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Understood. I am sorry that NIS is so broken. I just don't have time
to support NIS.
I do believe upgrading to 0.78 post-sarge is important.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Andreas == Andreas Jochens [EMAIL PROTECTED] writes:
Andreas This bug can now be reproduced in a current i386/testing
Andreas environment (openafs version 1.3.81-3 is now in sarge).
Oops yeah.
This is not so good. I will need to deal with this post haste. I
should get to it in the
I'm expecting Karl to deal with this bug. He has a strong interest in
making this work.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Russ, I'm fairly sure this hasn't been fixed. It was discussed
recently on zephyr.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
I don't understand why this is needed. That's fairly clearly the
default keytab that sshd will use.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
I'd like to ask that you not enable gssapi support for the ssh
package. The problem is that there is a key exchange method that has
not yet been accepted upstream that you probably want if you want
Kerberos support. Having the ssh package do some but not all of the
desired Kerberos support would
Brian == Brian Sammon [EMAIL PROTECTED] writes:
Brian The bug reported in #248133 appears to have resurfaced, and
Brian since I'm too late to reopen it, here goes: When I try to
Brian ssh into the machine as root when root has no password (and
Brian shadow passwords are
package: libsvn0
severity: serious
justification: breaks other software
version: 1.1.1-2
Please conflict with the 1.0.9 libsvn-core-perl. In practice it does
not work with this version of the library.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble?
svn://ia.mit.edu/svn-debian/openafs/branches/experimental
contains packages that work against 2.6.10. I'm not happy with the
server packages; there is a horrible bug that tends to take out
windows clients in sufficiently large cells. I'm not sure whether I'm
going to upload these packages.
-
Andrew == Andrew Gray [EMAIL PROTECTED] writes:
Andrew Package: libkrb5-dev Version: 1.6.dfsg.1-6 Severity:
Andrew important
Andrew The 1.6 versions of libkrb5-dev do not include libkrb5.a.
Yes. It's going to be really challenging to fix this. Upstream
basically does not support
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ Package: krb5-config Version: 1.17 Severity: normal
Russ With MIT Kerberos 1.6, sometimes odd things happen if one
Russ doesn't have a domain_realm mapping for the local realm in
Russ places where things previously worked. We
OK. A lot of this looks like issues finding the right key for a
service key. It seems like fixing the library code there is a better
fix than including a domain_realm entry. In particular how much of
r19598 would help?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
Yeah. I'm expecting the upstream 1.6.3 release today or tomorrow. I
can upload that with a new package for pkinit and that will close this
bug.
--Sam
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
package: libkrb53
severity: serious
version: 1.6.dfsg.3~beta1-1
This version should not move into testing until pkinit.so moves into a
package other than libkrb53. Probably the README needs to be updated
as well.
I expect to make an upload in a week or so that moves pkinit into its
own package;
Hi. I just wanted to acknowledge that I had received your mail and
will reproduce on current i386 or close the bug.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Steve == Steve Langasek [EMAIL PROTECTED] writes:
Steve Package: krb5-config Version: 1.17 Severity: minor
Steve The krb5-config package chooses a default value for the
Steve host's default realm based on the output of the
Steve dnsdomainname command.
Steve This is not
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ SRV records can pose similar problems, but people don't seem
Russ as worried about them. I'm not sure if that's because the
Russ analysis of what an attacker can do with a SRV record is
Russ less confusing or just because SRV
Again, do you know how to do this with essential packages?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ Sam Hartman [EMAIL PROTECTED] writes:
Again, do you know how to do this with essential packages?
Russ I'm fairly sure that you can't without something really
Russ scary like a compiled preinst. I expect you'd need to
Russ
Interesting. Do you end up getting tickets for the host service or
just a tgt?
Is any error logged on the Kerberos KDC?
Does the sasl sample pass the hostname into the sasl library? Many
mechanisms such as digest-md5 and cram-md5 will mostly work without a
hostname passed in, but gssapi
package: miredo
severity: important
version: 1.0.4-1
Tags: upstream
justification: Debian's Teredo implementation does not particularly work with
Debian's NAT implementation
[I've copied the Miredo author because this really seems more an
upstream issue than an Debian issue. I've copied
Anthony == Anthony Towns aj@azure.humbug.org.au writes:
Anthony Dividing by years gives:
Anthony CVEs Earliest Years CVEs/Year
Anthony 43 2004 3 14.3 wordpress 63 2002 5 12.6 phpbb2 37 2004
Anthony 3 12.3 moodle 46 2002 5 9.2 bugzilla 45 2001 6 7.5
Anthony phpmyadmin
package: keyutils-lib
severity: serious
version: 1.2-1
justification: policy 8.1
Policy 8.1 requires that the shared library soname be in the package.
keyutils-lib should be renamed libkeyutils1
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
package: openafs-krb5
Version: 1.4.2-3
Kerberos in experimental will return null realm names for
krb5_get_realm_of_host when no domain_realm mapping exists. That's
fine but aklog assumes that it knows the realm. You actually want to
try afs/cell@ (null realm) because if your kdc has referrals
tags 422687 help
thanks
This is most strange. The input_token to that call should be a
pointer, not 0x1.
I definitely cannot reproduce the problem you are seeing either using
password auth, kerberos auth or a combination.
I've tried both on amd64 and i386.
Can I get you to try running sshd
thanks
Date: Tue, 08 May 2007 10:37:38 -0400
In-Reply-To: [EMAIL PROTECTED] (Jon DeVree's message of
Tue, 8 May 2007 03:20:41 -0400)
Message-ID: [EMAIL PROTECTED]
User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Package: dpkg-dev
Version: 1.13.25
Severity: normal
I have an i386 system with both i386 and amd64 libraries in
/etc/ld.so.conf. This is useful because it makes it easier to run
amd64 binaries. Modern ld.so will just skip libraries of architecture
that conflict with the executable. However,
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ Christian Perrier [EMAIL PROTECTED] writes:
Template: krb5-admin-server/newrealm Type: note _Description:
Setting up a Kerberos Realm This package contains the
administrative tools required to run the Kerberos master
Hi. gss_set_allowable_enctypes does correctly set the fields in the
krb5_context that should control which enctypes are requested. The
problem though is that krb5_get_credentials gets a ticket with session
keys outside this restriction. so, something broke in respecting
enctype restrictions.
severity 413838 important
retitle 413838 krb5_set_default_tgs_enctypes fail to work
tags 413838 upstream
thanks
This is not RC. There is a workaround: configure the nfs server
correctly.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
I don't think cyrus-sasl2-mit is still in the distribution.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ Mark Eichin [EMAIL PROTECTED] writes:
Package: krb5-clients Version: 1.4.4-7etch1 Severity: normal
According to http://web.mit.edu/kerberos/mail-lists.html krb5
bugs should be submitted with krb5-send-pr. I suggest either
Based on the bug report, what seems to be happening is that the client
is managing to negotiate an AES context even though the code calls
set_allowable_enctypes to limit the context to only supporting des.
So you get a CFX context on the server, which doesn't actually support
CFX, so things
package: libflite1, eflite
severity: wishlist
I notice that both eflite and flite open /dev/dsp directly (as a
hard-coded string in the sources).
That makes it challenging to use eflite as a speech server for screen
reading with one sound card and to use /dev/dsp for music or other
sound
Thanks for reporting this. I will try and reproduce and debug but
would love it if someone else gets to this before I do. I'm
definitely busy this evening and will try to get to this tomorrow.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
Micah == Micah Anderson [EMAIL PROTECTED] writes:
Micah Package: openssh-krb5 Severity: important Tags: security
Micah CAN-2005-2798[1] reads:
Micah sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials
Micah is enabled, allows GSSAPI credentials to be delegated to
Thanks for the report.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
I'm not at all sure what to do about this bug. I understand the
problem but have no idea where it can be fixed.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Looking through this bug log I noticed a question from Russ about
using alternatives for basically all of krb5-user.
I'm certainly open to exploring it. The options are rather different
beyond the really basic commands, so people might sometimes get
unexpected behavior, but I think that's not
What does -DFOURTIFY_SOURCE=2 actually do?
I'll definitely look into stack protection.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bastian == Bastian Blank [EMAIL PROTECTED] writes:
Bastian On Sat, May 24, 2008 at 10:05:26AM -0700, Russ Allbery
Bastian wrote:
NEWS.Debian is correct. The documentation predates referral
support. Thanks, I'll work on getting this fixed, hopefully
for the next upstream
1 - 100 of 1318 matches
Mail list logo
