Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ It doesn't always do so, but I've seen the behavior that
Russ you've seen before and I'm not sure what the difference is.
Russ When I authenticate with the default Debian krb5.conf
Russ against the stanford.edu realm, I don't
# Automatically generated email from bts, devscripts version 2.10.28
#
# krb5 (1.6.dfsg.4~beta1-2) unstable; urgency=low
#
# * Patch from Bryan Kadzban to look inside spnego union_creds when
#looking for a specific mechanism cred. This allows spnego creds to be
#used when copying out
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ Bastian Blank [EMAIL PROTECTED] writes:
The policy mandates that one (or, if no consensus is reached,
both) programs needs to be renamed in such a case (see
§10.1). But in this case the functionality and the
commandline
Yeah, I'm reasonably sure that alternatives are wrong for kadmin.
Editor is intended to be used by a user. Kadmin is often used by
users but is also quite often used by scripts.
Editors also can all work with text files. It's basically not true
that you can use a heimdal kadmin against an MIT
I cannot reproduce this without ldap.
I should go set up an ldap test realm.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
package: wnpp
severity: wishlist
Barnowl can be obtained from http://barnowl.mit.edu/. It is a fork of
owl, which is already in Debian. Barnowl adds Jabber and IRc support
and fixes many bugs providing a new extensibility architecture.
I've discussed my plans to package barnowl with the Owl
package: barnowl
severity: serious
Version: 1.0.1-3
justification: should not enter testing while this unstable.
Several people have been reporting reasonably frequent crashes related
to erros not being handled in calls to Net::XMPP::Connection::process.
The error takes out the entire owl session
From upstream.
I'll apply and upload.
ticket: 5545
If no salt is included with the key data, set the salt length field to 0.
Bug report and patch from Nalin Dahyabhai.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Version: 1.6.dfsg.1-6
Thanks for your report.
This issue will be fixed in the upcoming lenny release and has already been
fixed in testing and unstable.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hi. I've added your translations; they are certainly new and
appreciated. However they are slightly out of date. I've attached
sv.po after running dbeconf-updatepo against the latest release in
unstable. If you get a chance to supply additional updates,please do
so on a new bug.
sv.po
package: duplicity
severity: important
tags: security
Version: 0.4.10-1
The boto class in backends.py requires that AWS_ACCESS_KEY_ID and
AWS_SECRET_ACCESS_KEY be set. However python-boto is perfectly happy
to read these values out of ~/.boto.
The process environment is public; setting
Alexander == Alexander Zangerl [EMAIL PROTECTED] writes:
Alexander severity 480417 normal tags 480417 = pending thanks
Alexander On Fri, 09 May 2008 17:25:24 -0400, Sam Hartman writes:
The process environment is public;
Alexander that's not correct. (are you maybe mixing
It seems like either a blank tty name should be allowed or things like
atd should not include common-account.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
tags 291498 pending
thanks
Thanks much.
Fixed in my svn and in the next upload.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ Ah, okay, thank you for the information. I didn't realize
Russ that that flag did the equivalent of setting the file
Russ descriptor non-blocking; I thought it only affected the open
Russ itself. That's a good thing to learn.
You sent me a templates.pot not a de.po.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
[EMAIL PROTECTED] has been doing most of the pam maintinance lately.
I'd rather you run your fix by him.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Does turning on fakeroot and fakestat help with this?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ Sam, do you know what parts of kadmind use the random number
Russ generator? Is it sufficient for security to seed the random
Russ number generator before the first client connection is
Russ handled, or does it have to be done
package: rdiff-backup
I tried backing up my home directory onta a vfat filesystem.
rdiff-backup seems like it has quoted chararacter support that should
have dealt with this. However there was a file in my home directory
with multiple * characters in the name. Only one of these was quoted.
So
Russ == Russ Allbery [EMAIL PROTECTED] writes:
Russ Ryan Murray [EMAIL PROTECTED] writes:
Russ I'm working on this for unstable right now by converting the
Russ init scripts to use LSB.
Russ Once I finish that, I'll look at producing a new version for
Russ stable.
So, I'd
If this patch works at all, it should be fine.
I'd recommend a minor fix to the security patch if you are doing a stable
update:
r18438 | tlyu | 2006-08-15 15:27:08 -0400 (Tue, 15 Aug 2006) | 6 lines
ticket: 4137
Hi.
Kerberos 1.5 does include support for doing this although it is not
available all the places you would like it to be.
So I'll close this when Debian upgrades to 1.5.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: gnopernicus
Version: 1.0.5-1
Severity: serious
luminous:/usr/lib# srcore
srcore: error while loading shared libraries: libgnome-mag.so.2: cannot open
shared object file: No such file or directory
I think that libgnome-mag2 is too loose of a dependency.
Also, I cannot find which version
severity 395015 normal
thanks
Other people are not seeing this; I seriously doubt it is grave.
Make sure your openafs kernel module and openafs-client package are
both upgraded to 1.4.2-2
Try that.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
: #477296
# -- Sam Hartman hartm...@debian.org Wed, 22 Apr 2009 09:53:15 -0400
#
package krb5-user libkrb5-dbg krb5-kdc krb5-rsh-server krb5-ftpd krb5-doc
libkadm5srv6 krb5 krb5-admin-server libk5crypto3 krb5-kdc-ldap libkrb5-dev
krb5-pkinit libkadm5clnt6 krb5-clients libkdb5-4 krb5-telnetd
# Automatically generated email from bts, devscripts version 2.10.35lenny1
# via tagpending
#
# krb5 (1.7~beta1+dfsg-1) experimental; urgency=low
#
# * New upstream release
#- kadmin and related commands moved to /usr/bin, Closes: #477296
#- Kadmin headers are Public: Closes: #191616
#
Can you try turning off delegated credentials? GSSAPIDelegateCreds no
in your client config? This is a shot in the dark, but I don't think
I've ever seen a problem with the authenticator path once the ticket is
decrypted. There is a first for everything, but the delegation path is
more fragile.
There's a #kerberos?
Who knew!
So, I'd like to confirm.
You have a Mac OS Open Directory KDC and a lenny client.
When you authenticate to a squeeze server you get authdata verification
failure?
Have you failed to try authentication from squeeze to squeeze or does
that also fail?
--
To
Hi. At today's release meeting, MIT indicated that they are going to
set up an OSX X test environment to reproduce this problem. They will
also look into whether we can ignore the PAC and remove it from the
authdata if it fails to verify rather than failing the authentication.
There was
This patch looks reasonable. I have not confirmed that successfully
makes the PAC disappear, but if you've examined the logic there I'm
happy to assume it does.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Hi.
I believe this has been fixed and is no longer a bug in squeeze.
I'd appreciate any comments you have about whether this is still an
issue in squeeze.
I'm skeptical that this issue is something that should be fixed in lenny
this close to the squeeze release. I do agree it's a bug and a
Russ == Russ Allbery r...@debian.org writes:
Russ Ferenc Wagner wf...@niif.hu writes:
It looks like our squeeze branch misses the merge of
bug/unlink-pidfile. Nor was upstream/2.3.1+dfsg merged into that
bugfix branch... As things stand, our master branch has the fix
Can you give me tcpdumhp capture of the entire DNS packets for both a
working and non-working case?
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Hi. I'm just wondering what plans are for buildbot 0.8 packaging? It
would be really nice to get better git support. I can point to specific
upstream patches to be backported, or if there's going to be movement on this
bug now that squeeze has released, perhaps that's unnecessary.
P.S.
OK, thanks for the confirmation.
I'll now work on squeeze.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
package: sbuild
version: 0.60.7-1
severity: normal
When --setup-hook was implemented in terms of --chroot-setup-commands,
the user it is run as changed. Previously it was run as root; now it is
run as the build user.
That's problematic because there no longer seems to be a way a to run
commands
severity 616429 serious
thanks
I'll definitely apply this to stable.
I do not plan to update oldstable for this although would not object if
someone wanted to do the work to make that possible.
(I suspect there's not actually a process for doing so though)
--Sam
pgpKQ4SIHt1UX.pgp
Package: krb5
Version: 1.8.3+dfsg-4
Severity: serious
Justification: justification of maintainer
-- System Information:
Debian Release: squeeze/sid
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'testing'), (101, 'unstable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Package: apt
Version: 0.8.8
Severity: normal
Hi.
The apt-get man page points out that users should use a frontend and lists
several, starting with dselect.
A friend was asking me to help clean up the mess that resulted because he
followed that recommendation.
It's way to easy to convince
Hi. One of the things I like about Debian is that you can report bugs
and over time they actually get fixed. I like the power as a user of
being able to say hey this isn't working for me, and to actually
believe that eventually there's a good chance you'll make a difference.
(Obviously it's great
package: libk5crypto3
severity: serious
version: 1.8+dfsg~alpha1-1
justification: huge mess for lenny-squeeze
Adrian Zaugg noticed that if you install libk5crypto3 from unstable with
libkrb53 from lenny, nothing works. In particular, the internal symbol
krb5_hmac disappeared.
The obvious and
Hi. Hi, I don't have enough time to dig into the Samba code, but I'm
happy to help interface with the MIT Kerberos team on this issue.
A couple of points. First, 1.8 is in alpha test. Etienne's assumption
that upstream is aware of the consequences of their changes is false.
Upstream
Andreas == Andreas Barth a...@not.so.argh.org writes:
Andreas About the bug itself: How about e.g. adding an transition
Andreas package libkrb53 to unstable which depends on libk5crypto
Andreas and also libk5crypto breaks the lenny libkrb53. That
Andreas together would makes sure
reassign 557929 libkrb5-3
found 557929 libkrb5-3/1.8+dfsg~alpha1-1
severity 557929 serious
retitle 557929 set_default_enctype_var should filter weak enctypes not reject
on weak enctype
tags 557929 upstream, confirmed
thanks
Steve pointed out that libkrb5-3 does not act as I describe In
reassign 566977 libkrb5-3
found 566977 libkrb5-3/1.8+dfsg~alpha1-1
severity 566977 serious
retitle 566977 set_default_enctype_var should filter weak enctypes not reject
on weak enctype
tags 566977 upstream, confirmed
thanks
Steve pointed out that libkrb5-3 does not act as I describe In
reassign 557929 libk5crypto3
retitle 557929 libk5crypto3 - Replaces libkrb53 but nothing depends on
it
tags 557929 -upstream
thanks
Aaargh.
sent to wrong bug.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
So, something has changed in dpkg-gensymbols. encrypted_challenge.so
is a plugin, not a library. Previously, it was not listed nor
expected in the symbols file.
I think that's the correct behavior.
I do not think it would be desirable to move this plugin into another package.
I realize it's not
Actually, I suspect that the shared library build command is coming
from src/config/lib.in and is being substutited into the Makefile. I don't see
anything specific to shared library builds .
I'm honestly not sure that what upstream is doing is *wrong*. It's
*strange* and I can probably change
Zahari == Zahari Zahariev zahari.zahar...@gmail.com writes:
Zahari Hello, I am trying to set up Kerberos server on Debian in
Zahari VirtualBox. When I am trying to run krb5_newrealm and it
Zahari hangs!
Getting sufficient random data for virtualization software is tricky.
I'd
) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Implement heimdal-multidev package to provide set of headers and
+libraries that can be installed along-side MIT Kerberos Development
+files
+
+ -- Sam Hartman hartm...@debian.org Sat, 25 Jul 2009 13:35:51 -0400
+
heimdal (1.2.e1
Sorry, I broke the last patch fixing a cosmetic issue reported by Russ.
I will retest and fix.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
severity: serious
tags: security
package: libpam-runtime
Version: 1.0.1-6
Even with the changes committed for 1.0.1-10, enabling only profiles
like consolekit that provide no authentication option leave the system
accepting any password.
I realize this is messy in the code, but I think we need
Honestly I'd rather think about fixing it than argue about bug
severities. I would probably have treated all of these as
grave/critical, but I don't care much.
As far as I can tell, the bug severity doesn't matter much:
1) They are all in testing already
2) We agree they want to be fixed
3) We
Luca == Luca Monducci luca...@tiscali.it writes:
Luca Hello, I received a late feedback from one of proofreader.
Luca Could you please add the attache translation instead of
Luca previuops one?
Sure thing, done.
--
To UNSUBSCRIBE, email to
This is a known problem.
Unfortunately, it looks like neither upstream nor I will have time to
investigate it. As krb524d has been removed from current krb5 releases,
it is unlikely to be resolved.
A There seems to be a related, much slower leak having to do with
krb5-kdc and ldap. That does
I'll add a conflicts for now. Are you running into a case where you'd
actually like to have both libraries installed at the same time?
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Russ == Russ Allbery r...@debian.org writes:
Russ Sam Hartman hartm...@debian.org writes:
I'll add a conflicts for now. Are you running into a case where
you'd actually like to have both libraries installed at the same
time?
Russ I will definitely need to be able
Hi. I'm going to add a conflicts for now, although it sounds like this
needs an upstream fix.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Can I get you to try adding allow_weak_crypto = true to the libdefaults
sections of /etc/krb5.conf? If that fixes your problem, then this is
not a bug.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Russ == Russ Allbery r...@debian.org writes:
Russ Vasilis Vasaitis v.vasai...@sms.ed.ac.uk writes:
However, IMHO this is an unsatisfactory solution. Packages should
ideally work correctly with their default settings, and therefore
having each person that needs openafs-krb5
For AS requests it definitely is a security issue.
For TGS it is less of an issue and may not be an issue at all. The case
I'm still pondering is the cross-realm case.
Perhaps we should backport the API from Heimdal.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with
Sadly, given the MIT implementation porting that API for 1.8 would be
kind of tricky. The bit about whether something is weak is not stored
per-context.
I guess we should discuss on krbdev.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe.
Ralf == Ralf Treinen trei...@free.fr writes:
Ralf Hi, sorry for the double submission (I should just have
Ralf reopenend the old bug report Bug#564666). I thought that I had
Ralf seen that bug before but couldn't find it since it was
Ralf assigned to a different package, and
Thomas == Thomas Bushnell BSG t...@becket.net writes:
Thomas This bug was propagated to the *stable* release because of
Thomas the recent (minor) security issue.
Thomas, I'm having a hard time substantiating this claim.
According to my rmadison:
krb5 | 1.6.dfsg.4~beta1-5lenny2 |
No, I'm not entirely sure what's going on there, but conflicts or breaks
is the right relationship.
I'd expect that libkadm5srv6 would go away and be replaced by
libkadm5srv7.
Try explicitly installing that.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject
Here are my thoughts.
1) There are things we could choose to do in krb5-config to make things
better for Debian.
I made one proposal. It's not clear that's necessary though.
2) Either upstream or in a Debian-specific API to be removed in the
future--I.E. something not in a public header--we
This issue was a major focus of discussion at today's release meeting
for MIT Kerberos upstream.
The consortium plans to:
1) Introduce a new API to enable weak crypto for a given context.
This API will not be the same as the Heimdal API for implementation
complexity reasons.
2) Look into
severity 566223 normal
thanks
The problem is your config file is wrong.
Remove the enctype lines you added and add
allow_weak_crypto = true
as described in /usr/share/doc/libkrb5-3/NEWS.debian.gz
There is a bug that if one of the enctype lists is empty, kinit
segfaults. We'll get that fixed,
package: wnpp
severity: wishlist
owner: hartm...@debian.org
name: krb5-appl
URL: http://web.mit.edu/kerberos/dist/krb5-appl
License: MIT Kerberos license
(roughly MIT license plus a requirement that if you modify the
software you must mark it as modified)
description: Contains fairly
I guess the question is whether there are any significant changes in
common-password that need to be merged in or whether it is OK for new
systems to get the new file and old systems not to.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe.
Are you using LDAP for nss in /etc/nsswitch.conf?
This sounds more like an NSS or Kerberos issue than a PAM issue.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Hi. I wanted to give an update here. It turns out that you don't
want to install the .la files in heimdal-multidev because libtool
really doesn't deal at all well with the .la and .so.x.y living in
different directories.
So, I'm leaving the .la files in heimdal-dev and the .so and .a files
in
Thanks. Sloppiness on my part in dealing with build-depends; will
update and re-upload.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Another area the patch needs to cover is repointing the .so symlinks
to /usr/lib instead of /usr/lib/heimdal.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Marc == Marc Dequènes (Duck) d...@duckcorp.org writes:
Marc Coin, In fact, the patch is mostly identical to the previous
Marc one, just added 3 very small chunks to solve the same thing
Marc as the previous patch. It is a fix because PATH_MAX,
Marc MAXHOSTNAMELEN, and MAXPATHLEN
Aleksandar == Aleksandar Kostadinov ava...@friendofpooh.com writes:
Aleksandar It is in the form kdc = host:port just like the
Aleksandar standard entries in the file. This is the same as on
Aleksandar the fedora system which is actually a virtualbox VM
Aleksandar (with vbox nat
Thanks for the updated patch. I noticed you dropped the pthread hunk;
I'm assuming that is either not needed or you'll open a separate bug
on that issue.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Can I get you to make sure you have krb5-user installed,
kinit -c KEYRING:blah principal_name_goes_here
and start firefox with the KRB5CCNAME environment variable set to KEYRING:blah
(to confirm you're using the keyring cache, probably doing a kdestroy
on your normal tickets would be good)
What
I've forwarded your latest message to upstream.
One advantage of the keyring cache is that it completely isolates the
file system for ticket caching.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
package: owl
Version: 2.1.11-2
severity: grave
Tags: security
Justification: cve-2009-0363
zwrite.c and zcrypt.c contain multiple buffer overflows in calls to sprintf
that appear to be remotely exploitable.
Please see the patch to barnowl 1.0.1-4 for a minimal set of changes that we
needs PERL_SYS_INIT3()
It has been closed by Sam Hartman hartm...@debian.org.
Changes: barnowl (1.0.5-1) unstable; urgency=high . * New
upstream release * Fix use of sprintf in zwrite.c and zcrypt.c
that is likely to be exploitable * Enable fortify_source and
stack
Does the code fail if you dpkg-reconfigure and tell krb5-config that
you are using DNS? My view is that the authoritative state for
whether you are using DNS (or more precisely whether you want your
kdcs in krb5.conf) lives in debconf and if you change that state, you
should run dpkg-reconfigure.
severity 510419 normal
thanks
Please write up an explanation of what you think is wrong and why with
explicit citations to policy.
Once you provide enough detail, I'll consider whether this is RC or
not. I understand you've already convinced Russ, but it is entirely
non-obvious to me.
--
As best I can tell these symbols were only ever available with the
KRB5_PRIVATE preprocessor define set in the compilation environment.
Symbols made available by the KRB5_PRIVATE symbol are not part of the
public ABI/API of the krb5 libraries. They may be renamed, removed,
arguments changed
This is strange. So, the reverse resolution behavior is intentional
(and highly broken--it's a long story) but can be disable by setting
rdns=true in the libdefaults section of krb5.conf.
Gss calls gss_import_name (lib/gssapi/krb5/import_name.c) and that
calls krb5_sname_to_principal
package: krb5-config
Version: 1.23
severity: wishlist
MIT Kerberos 1.7 and some recent version of Heimdal support a consistent config
file option to disable weak encryption types like des and rc4-56.
Please implement this option for Debian.
--
To UNSUBSCRIBE, email to
package: tzc
severity: grave
version: 2.6.15-5
Hi. tzc depends on libzephyr3 which is no longer present in unstable.
This is blocking the zephyr transition, which is blocking the removal
of libkrb53 from testing.
I plan to schedule an NMU for 4 days from now using the delayed queue.
I'll attach
Package: owl
Version: 2.2.2-1
Severity: grave
Justification: renders package unusable
Hi. Owl depends on libzephyr3 which is no longer in unstable. This
is blocking the zephyr transition which is blocking the removal of
libkrb53 from testing. I'll schedule an NMU through the delayed queue
I will send a diff when I schedule the NMU.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
-2.6.15/debian/changelog
@@ -1,3 +1,11 @@
+tzc (2.6.15-5.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Build depend on zephyr 3.0, indicating a transition from krb4 to krb5
+zephyr, Closes: #538052
+
+ -- Sam Hartman hartm...@debian.org Thu, 23 Jul 2009 07:42:27 -0400
+
tzc
=low
+
+ * Non-maintainer upload.
+ * Build depend on libzephyr-dev = 3.0; this indicates a transition from
+krb4-based zephyr to krb5-based zephyr, Closes: #538053
+
+ -- Sam Hartman hartm...@debian.org Thu, 23 Jul 2009 07:37:06 -0400
+
owl (2.2.2-1) unstable; urgency=low
* New upstream
Package: devscripts
Version: 2.10.52
Severity: normal
File: /usr/bin/nmudiff
I filed two nmudiffs; despite DEB_EMAIL being set, it was not used for my from
address.
I had mutt installed.
-- Package-specific info:
--- /etc/devscripts.conf ---
--- ~/.devscripts ---
Not present
-- System
I'm terribly sorry.
hartm...@live:sid(140) env |grep -i email
debemail=hartm...@debian.org
However I was using mutt not sendmail.
Is DEBEMAIL expected to be ignored in the mutt case?
If so, why?
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of
Ah. I specifically installed mutt only because nmudiff seemed to
imply I'd be happy with it than without.
I don't use mutt.
This may be a doc issue.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
source: krb5
source-version: 1.8.1+dfsg-2
Quoting /usr/share/doc/libkrb5-3/NEWS.debian.gz:
krb5 (1.8+dfsg~alpha1-1) unstable; urgency=low
This version of MIT Kerberos disables DES and 56-bit RC4 by default.
These encryption types are generally regarded as weak; defeating them
is well
Andreas == Andreas B Mundt andi.mu...@web.de writes:
Andreas If, for some reason, it is not desired to change the boot
Andreas ordering for kdc in general, there should be a correct
Andreas ordering as soon as you install krb5-kdc-ldap.
This is messy. The problem is that you might
OK.
This sounds good.
Will get to it in my next upload if Russ doesn't get there first.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Hi. I had totally missed this bug being opened. I definitely think we
can address it in the next update. I'm really sorry about this.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
It would be very interesting to see whether this happens with the kdc in
testing (1.8~alpha1-7). There is a particular change introduced in
1.8+dfsg-1.1 that might be the problem (although I doubt it).
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of
101 - 200 of 1322 matches
Mail list logo