Bug#623068: man page for k5login is hidden

2011-04-18 Thread Sam Hartman
I'll talk to upstream about this. It does seem that man pages like .netrc etc are without the leading dot. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#618517: krb5: CVE-2011-0284 kdc double-free

2011-03-15 Thread Sam Hartman
Excellent. I was waiting for that to go out before talking to SRM about an upload. I'll include the patch into -6 and talk to debian-release.

Bug#611906: #611906 fix still missing on stable

2011-05-11 Thread Sam Hartman
Wagner == Wagner Bruna wbr...@yahoo.com writes: Wagner Could you please add the fix for 611906 to stable? I saw Wagner http://lists.debian.org/debian-release/2011/03/msg00380.html Wagner but no further follow-ups. I'm sorry, I've been swamped. I'll try to push this up the stack

Bug#624710: Hello, I was wondering if I could contribute Source Package krb5.

2011-05-11 Thread Sam Hartman
OK, so your concern is that in lenny, kadmin didn't even try v6, so the record didn't break anything but in squeeze, you're seeing a problem because it's trying to use the record? If so that's really annoying, but is something we can look into fixing. Both lenny and squeeze should

Bug#626509: libpam-krb5: Automatically create FAST armor cache by using anonymous user

2011-05-12 Thread Sam Hartman
I don't have time to review the patch but I can talk about anonymous and fast. Remember that for 1.9, anonymous requires you have a trust anchor and can verify the KDC's certificate. RFC 6112 does talk about a mode where neither side has a key, but that's not implemented yet and will require

Bug#629553: libgssglue: incompatible with krb5 1.9

2011-06-07 Thread Sam Hartman
package: libgssglue-dev severity: serious justification: package breaks nfs-utils build version: 0.2-2 Hi, Kevin and Debian maintainers: In an upcoming release, MIT has started adopting the new GSS-API type names at the top of page 12 of RFC 5587. For a variety of reasons, I pulled this

Bug#622146: nfs-common: compatibility between squeeze and sid broken

2011-06-07 Thread Sam Hartman
Luk == Luk Claes l...@debian.org writes: Luk On 06/06/2011 05:37 PM, Alberto Gonzalez Iniesta wrote: Adding the following line in the [libdefaults] section of /etc/krb5.conf fixed the problem for me (tm), probably not the best solution, but works: permitted_enctypes =

Bug#629692: nfs-utils: FTBFS: gssapi_ext.h:398:5: error: expected ')' before 'gss_buffer_t'

2011-06-08 Thread Sam Hartman
reassign 629692 libgssglue-dev merge 629692 629553 thanks This is a libgssglue-dev bug; it's incompatible with RFC 5587 and partially replaces one of libkrb5-dev's headers.

Bug#622146: nfs-common: compatibility between squeeze and sid broken

2011-06-08 Thread Sam Hartman
Hi. I was missing some context here. My suspicion is that things will work if you add permitted_enctypes = des-cbc-crc default_tgs_enctypes = des-cbc-crc to the configuration of the nfs server And make sure that the nfs principal on the NFS server has nothing but a des-cbc-crc key in the KDC

Bug#622146: nfs-common: compatibility between squeeze and sid broken

2011-06-09 Thread Sam Hartman
OK, I have no clue nor really any interest in debugging DES. There is a real bug here introduced in krb5 1.7 which added enctype negotiation. I'd expect that to create some problems for sid clients talking to squeeze servers. There's a solution to that which involves backporting the nfs-utils

Bug#629553: libgssglue: incompatible with krb5 1.9

2011-06-09 Thread Sam Hartman
Here's the MIT diff that introduces the types: commit 21479bb4df589793a4fc25aedb59d599043eb95b Author: lhoward lhoward@dc483132-0cff-0310-8789-dd5450dbe970 Date: Sun Apr 3 08:02:53 2011 + Use RFC 5587 const types for draft-josefsson-gss-capsulate APIs git-svn-id:

Bug#629867: krb5: Please enable DNS realm lookups in configure

2011-06-09 Thread Sam Hartman
Hi. Current KDCs actually support a better option than DNS-based referrals. A KDC can issue a referral indicating what realm a host lives in. The MIT and Microsoft KDCs definitely support this. I believe this was added to MIT in 1.8 or possibly 1.7; Microsoft has always had it. The client

Bug#629867: krb5: Please enable DNS realm lookups in configure

2011-06-10 Thread Sam Hartman
One significant issue I have is that I believe with the dns-based option, the less secure DNS-based approach is preferred to the referrals. Automating the process of populating the referrals data on the KDCs would give you a much more secure result. There's a lot to be said for having all code

Bug#621726: krb5-admin-server: kadmind dies after nmap -sV

2011-04-08 Thread Sam Hartman
tags 621726 confirmed security upstream thanks I guess it's good that I'm in the middle of a patch release for krb5 denial of service issues or something. Thanks for the report and sorry about the embarrassment. Reported upstream

Bug#621875: krb5-config: Update config for Carnegie Mellon University (ANDREW.CMU.EDU)

2011-04-10 Thread Sam Hartman
Any reason to keep the entry around at all? We could just drop it and depend on SRV records.

Bug#613487: krb5: kdc kpropd and ldap backend DoS vulnerabilities (CVE-2010-4022, CVE-2011-0281, CVE-2011-0282)

2011-02-15 Thread Sam Hartman
tags 613487 security severity 613487 serious thanks Security team, I believe I forwarded these to you on January 10. These are relatively low priority. Are you going to issue a DSA or do you just want me to prepare a stable update and go through debian-release? Both of these affect non-default

Bug#613487: krb5: kdc kpropd and ldap backend DoS vulnerabilities (CVE-2010-4022, CVE-2011-0281, CVE-2011-0282)

2011-02-15 Thread Sam Hartman
OK, I'll go ahead and prepare a point update. Thanks for the response.

Bug#529068: Same problems

2011-06-27 Thread Sam Hartman
How many requests to port 88 do you see? Are most of them tgs requests? I think you may have given a clue to what's going on.

Bug#637662: please include krb5-config in krb5-multidev

2011-08-13 Thread Sam Hartman
Jelmer == Jelmer Vernooij jel...@debian.org writes: Jelmer Package: krb5-multidev Version: 1.9.1+dfsg-1ubuntu1 Jelmer Severity: wishlist Jelmer Please include krb5-config in krb5-multidev (with a Jelmer different name to prevent conflicts, perhaps Jelmer

Bug#624065: Bug#625903: Increase severity: libdigest-sha1-perl going to disappear

2011-08-18 Thread Sam Hartman
Hi. I'm planning on getting to this issue Sunday. If someone wants to NMU before then they are welcome.

Bug#619031: marked as done (fails to upgrade: patch rejects)

2011-08-21 Thread Sam Hartman
Hi. I'm really sorry for uploading this directly. I attempted and apparently failed to upload to delayed.

Bug#632673: Attempts to analyze kdm pam interactions

2011-08-21 Thread Sam Hartman
Hi. I was at a bug squashing party this week and Geoff and I spent some time with this bug. As best we can tell pam_authenticate is called by /usr/bin/kdm not some slave as in gdm3. kdm does support a reload target. However we were not able to get kdm to work correctly when we logged out of

Bug#622146: nfs-common: compatibility between squeeze and sid broken

2011-09-05 Thread Sam Hartman
Adam == Adam D Barratt a...@adam-barratt.org.uk writes: Adam The krb5 package was uploaded and I've (somewhat belatedly) Adam marked it for acceptance at the next dinstall. What's the Adam status of the nfs-utils upload? My guess is they were waiting for krb5. Remember they have

Bug#625903: Increase severity: libdigest-sha1-perl going to disappear

2011-09-10 Thread Sam Hartman
Hi. I'm sorry. I've been busier than expected. As mentioned, a 0-day NMU would be fine with me.

Bug#628729: Uploaded NMU to delayed/4

2011-08-23 Thread Sam Hartman
I uploaded Geoff's patch to delayed/4

Bug#642229: krb5-config exposes multiarch lib paths

2011-09-20 Thread Sam Hartman
package: krb5 source-version: 1.9+dfsg-2 The multiarch patch causes krb5-config to omit -L/usr/lib/x86_64-linux-gnu etc. That's wrong.

Bug#643027: krb5-config includes unnecessary multiarch -L options in output

2011-09-26 Thread Sam Hartman
force-merge 643027 642229 thanks Steve, I noticed this the other day too. Will fix.

Bug#622146: nfs-common: compatibility between squeeze and sid broken

2011-08-01 Thread Sam Hartman
If I get an ack from SRM I'll do the krb5 upload.

Bug#622146: nfs-common: compatibility between squeeze and sid broken

2011-08-03 Thread Sam Hartman
Philipp == Philipp Kern pk...@debian.org writes: Philipp On Mon, Aug 01, 2011 at 01:34:34AM -0700, Steve Langasek wrote: On Tue, Jul 19, 2011 at 05:42:34PM -0400, Sam Hartman wrote: I don't have checkouts handy, but my strong suspicion is that if someone is now passing

Bug#622146: nfs-common: compatibility between squeeze and sid broken

2011-08-08 Thread Sam Hartman
I expect to get to the krb5 package in a day or so. I expect nfs-utils will want to up its build-depends on krb5 to 1.8.3+dfsg-4squeeze2

Bug#643917: krb5-user: unable to get tickets longer than 10 hours

2011-10-02 Thread Sam Hartman
What's the ticket lifetime on krbtgt/REALM@REALM? I think that may also limit things.

Bug#622146: nfs-common: compatibility between squeeze and sid broken

2011-10-05 Thread Sam Hartman
It should be fixed in unstable by actually supporting the new enctypes. While nice, that rather misses the point.

Bug#634121: Please transition krb5 for multiarch

2011-07-17 Thread Sam Hartman
Hi. Thanks for all your great work on multi-arch. This looks good and I will apply and upload in my next upload.

Bug#634311: krb5: debian/control uses hardcoded list of non-Linux architectures

2011-07-18 Thread Sam Hartman
Yes! When that build-depends was added, I don't think linux-any was an option. I'm definitely happy to move to a saner model and will bring this along.

Bug#622146: nfs-common: compatibility between squeeze and sid broken

2011-07-19 Thread Sam Hartman
Steve == Steve Langasek vor...@debian.org writes: Steve Hi Sam, I've also run into this bug, in the context of Steve preparing to update nfs-utils in Ubuntu for IPv6 support. My Steve NFS server is running squeeze, and updating causes the client Steve and server to fail to

Bug#622146: nfs-common: compatibility between squeeze and sid broken

2011-07-19 Thread Sam Hartman
I don't have checkouts handy, but my strong suspicion is that if someone is now passing in GSS_C_NT_HOSTBASED_SERVICE into gssd_acquire_cred and there isn't an argument slot, you can leave it off. gss_c_nt_hostbased_service has always been the default for gssd.

Bug#673327: live-build incorrectly handles binary package lists and live-installer

2012-05-17 Thread Sam Hartman
package: live-build severity: normal version: 3.0~a47-1 I'm building an image with --debian-installer=live If my d-i distribution is daily and my main distribution is wheezy then it fails to have a package list in config/package-lists/*.lists{.binary}. Here's what seems to happen

Bug#673328: live-installer does not preserve /var/log; breaks freeradius

2012-05-17 Thread Sam Hartman
package: live-installer severity: normal If the live system includes the freeradius package, it fails to start freeradius because /var/log/freeradius fails to exist. As best I can tell something in the installer is clobbering /var/log because it's missing a lot of directories and files present

Bug#669127: Trying KRB5_TRACE

2012-05-20 Thread Sam Hartman
OK. This is a bit of a long-shot and I apologize if the description is insufficient. There's a package krb5-gss-samples which includes a gss-client and gss-server program. You start gss-server like KRB5_KTNAME=/etc/krb5.keytab gss-server service@hostname where service is something like host

Bug#673680: No support for package installed gss-api mechanism

2012-05-20 Thread Sam Hartman
package: libgssapi-krb5-2 severity: important version: 1.8 There's no useful way to package up GSS-API mechanisms. The mechglue reads a config file /usr/etc/gss/mech. This is bogus on the face because it's not FHS-compatible. (This is non-RC because the file is not shipped with the package)

Bug#646367: krb5: MITKRB5-SA-2011-006 (multiple denial-of-service issues)

2012-07-13 Thread Sam Hartman
Honestly, the conditions involved are rare enough I don't think this is worth fixing for squeeze. If you want to prepare a fix it's a fairly easy patch linked from the MIT advisory. However I'd suggest that we wait until a single user running squeeze comes forward and confirms they are running

Bug#646021: krb5-user: kinit ignores appdefaults section in krb5.conf

2011-10-20 Thread Sam Hartman
Joao == Joao Ricardo Sares Teles de Matos joao.ma...@rnl.ist.utl.pt writes: Joao Package: krb5-user Version: 1.8.3+dfsg-4squeeze1 Severity: Joao normal Tags: upstream Joao kinit seems to completely ignore the appdefaults section in Joao krb5.conf None of the following

Bug#622146: This is broken for me.

2011-10-23 Thread Sam Hartman
Rob == Rob Naccarato r...@naccy.org writes: Rob This doesn't appear to be fixed to me. I get the same Rob problems. I have even installed backported kernel Rob (2.6.39-bpo.2-amd64) and nfs-utils (1:1.2.4-1~bpo60+1) and I Rob still get these: This requires fixes in krb5 and

Bug#688772: gnome Depends network-manager-gnome

2012-10-12 Thread Sam Hartman
I'm still confused why recommends doesn't work for everyone. I understand that the Gnome maintainers want N-M installed by default. Except I think recommends gets you that.

Bug#688772: gnome Depends network-manager-gnome

2012-10-23 Thread Sam Hartman
Don, in your option 4B, I wonder if it would be a good idea to have the depend be something like g-n-m|wicd|no-network-manager And have an empty extra package that users can install if they really want neither n-m or wicd? While I don't get a vote, I think that would be a reasonable option if

Bug#647740: ITP: libvertfo - library abstracting event loop interfaces

2011-11-05 Thread Sam Hartman
package: wnpp severity: wishlist URL: https://fedorahosted.org/libverto/ Description: libverto provides a common interface on top of libev, libevent, glib, tevent. The goal is to allow development of asynchronous libraries that will work with whatever event loop an application happens to be

Bug#647742: ITP: libradsec - RADIUS over TLS/DTLS/UDP/TCP library

2011-11-05 Thread Sam Hartman
package: wnpp severity: wishlist URL: libradsec branch of http://www.project-moonshot.org/gitweb/radsecproxy.git URL2: http://software.uninett.no/radsecproxy/ Description: libradsec is a library for RADIUS clients and servers This library features support for RADSEC (RADIUS over TLS/DTLS) as

Bug#647742: ITP: libradsec - RADIUS over TLS/DTLS/UDP/TCP library

2011-11-05 Thread Sam Hartman
Faidon == Faidon Liambotis parav...@debian.org writes: Faidon Hi Sam, Hope you're well. Faidon Are you planning on putting the packaging efforts for this Faidon on git somewhere (e.g. collab-maint?). If so, I'd be happy Faidon to contribute, if help is needed, either now or when

Bug#647740: ITP: libvertfo - library abstracting event loop interfaces

2011-11-06 Thread Sam Hartman
OK, so I had not looked at what this does on win32. I think any criticism you have of the libverto win32 interface is probably valid. Fortunately I don't think that's being used.

Bug#683435: [SPAM] Bug#683429: CVE-2012-1014/CVE-2012-1015: KDC heap corruption and crash vulnerabilities

2012-07-31 Thread Sam Hartman
source: krb5 source-version: 1.8.3+dfsg-4squeeze6 I expect the security team will be issuing a DSA within a couple of days. Also, for unstable, fixed in 1.10.1+dfsg-2 The uploads happened before you opened the bug so they are not reflected in the changelog. Note that squeeze is vulnerable only

Bug#688772: gnome Depends network-manager-gnome

2012-09-25 Thread Sam Hartman
Ian, I consider myself an uninvolved party in this matter; I don't really want network-manager installed on my systems, but I'm not particularly keyed up about it. I'm not on the TC. I have been following the issue enough to have an opinion. I'm reasonably good at process issues, and think I

Bug#688772: gnome Depends network-manager-gnome

2012-09-26 Thread Sam Hartman
Ian == Ian Jackson ijack...@chiark.greenend.org.uk writes: Hi. I'm very pleased that you took the time to write a thoughtful response to my message. I appreciate that you're trying to work with me even though the situation is frustrating and you feel under pressure to work towards the solution

Bug#693741: gss-api plugin unloading crashes unrelated programs

2012-11-19 Thread Sam Hartman
package: libgssapi-krb5-2 severity: grave version: 1.7 justification: breaks unrelated packages During process exit, the gss-api library dlcloses each plugin it has loaded. Unfortunately, many of those plugins have a link-time dependency on the gss-api library. This means there is a cycle in the

Bug#687647: CVE-2012-1013

2012-11-19 Thread Sam Hartman
severity 687647 serious thanks justification: In my opinion as maintainer it would be strongly desirable to release with this security fix in place

Bug#693931: Please unblock krb5 1.10.1+dfsg-3

2012-11-21 Thread Sam Hartman
, Closes: #693741 -- Sam Hartman hartm...@debian.org Mon, 19 Nov 2012 17:35:04 -0500

Bug#684597: krb5-user - kadmin segfaults

2012-08-12 Thread Sam Hartman
tags 684597 moreinfo severity 684597 important thanks I don't see this and don't know how to reproduce. It would be valuable to understand where it's failing creating the TCP endpoint. So, for example seeing the last thing it's doing from strace or alternatively doing a noopt nostrip build and

Bug#684597: krb5-user - kadmin segfaults

2012-08-12 Thread Sam Hartman
OK. Can you check whether upgrading libgssrpc4 fixes your problem? If so, then the fix for wheezy is probably to have a more strict dependency. We'll obviously want to talk to upstream about what's going on here.

Bug#655248: Hardened build flags not fully enabled

2012-01-09 Thread Sam Hartman
Hi. I'll fix the bug. I'll be taking a different approach. The debian/rules is intended to work with or without a new dpkg-buildflags. Your patch removes that support (which is actually broken in the current debian/rules) -D_Reentrant is no longer needed. But thanks for letting me know I broke

Bug#655248: Hardened build flags not fully enabled

2012-01-13 Thread Sam Hartman
Hi. I believe the next upload fixes this. I do have a question though. Is there a way to change hardening config with dpkg-buildflags style rules files? Say I want to enable pie for some of the krb5 executables.

Bug#658514: libgssapi-krb5-2: krb5_gss_get_name_attribute() fails to set *display_value on success

2012-02-03 Thread Sam Hartman
tags 658514 confirmed thanks OK. This change appears to have been introduced in 1.10. Obviously we'll fix.

Bug#650364: libverto1 has circular Depends on libverto-glib1|libverto-libev1

2011-11-29 Thread Sam Hartman
Hi. Your pointer wasn't very useful. It was a pointer to examples of circular dependencies, not what breaks on upgrades, so it was not useful for me in trying to balance problems potentially created by the circular dependency against potential solutions. Do you have any suggestions on how to

Bug#650364: libverto1 has circular Depends on libverto-glib1|libverto-libev1

2011-11-29 Thread Sam Hartman
Bill == Bill Allombert bill.allomb...@math.u-bordeaux1.fr writes: Bill On Tue, Nov 29, 2011 at 10:42:13AM -0500, Sam Hartman wrote: Do you have any suggestions on how to deal with it in this case? libverto-glib1 and libverto-libev1 are basically plugins into libverto

Bug#650541: krb5_locate_kdc is an internal symbol

2011-11-30 Thread Sam Hartman
reassign 650541 libsmbclient retitle 650541 libsmbclient uses internal symbol krb5_locate_kdc found 650541 libsmbclient/2:3.6.1-2 thanks Hi. krb5_locate_kdc was not a public symbol. It was not available in krb5.h without defining KRB5_PRIVATE. I'm not sure whether it was available with

Bug#650603: libkrb5-3 breaks mplayer

2011-12-01 Thread Sam Hartman
Hi. It looks like a simple rebuild of samba will fix this; see the ongoing discussion on http://bugs.debian.org/650541

Bug#650541: [Pkg-samba-maint] krb5_locate_kdc is an internal symbol

2011-12-01 Thread Sam Hartman
It looks like there is already a configure test. So, if we up the dependency on libkrb5-dev to make sure that we get a version that will not contain the symbol and rebuild, it looks like it will all be fine. Assuming that when I try that it works, shall I NMU? If so, do you want it to delayed or

Bug#650671: libgssapi-krb5-2: breaks ssh connection through netcat bounce

2011-12-01 Thread Sam Hartman
Please install libkrb5-dbg and gdb. Then, run something like gdb --args ssh hostname at the gdb prompt type run when it segfaults run bt full and include all the output that produces in this bug.

Bug#651226: MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling [CVE-2011-1530]

2011-12-06 Thread Sam Hartman
package: krb5-kdc severity: important version: 1.9.1+dfsg-1 tags: security ---BeginMessage--- -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 MITKRB5-SA-2011-007 MIT krb5 Security Advisory 2011-007 Original release: 2011-12-06 Last update: 2011-12-06 Topic: KDC null pointer dereference in TGS

Bug#651081: doxygen endless loop

2011-12-07 Thread Sam Hartman
Add to the list xmltooling. Strace looks like access(/build/hartmans-xmltooling_1.5+dfsg~moonshot1-2-amd64-ZxBtbA/xmltooling- 1.5+dfsg~moonshot1/typeinfo, F_OK) = -1 ENOENT (No such file or directory) access(., F_OK) = 0 lstat(., {st_mode=S_IFDIR|0755, st_size=4096,

Bug#631018: [RFC] libevent 2.0 transition

2011-12-07 Thread Sam Hartman
Well, I've taken a bit of a look at python-event. Unfortunately, it looks like it simply doesn't support libevent2. It seems to dig into the bufferevent structs a lot in ways that have changed between libevent 1.x and 2.x. There was a release this year after a several year gap, but as far as I

Bug#607228: Responses to suggestions

2011-12-09 Thread Sam Hartman
1) As you guess sessions schroots don't work because you always try to begin a session. 2) --add-depends is great if I want to add a dependency. In my case though I'm building a set of related packages triggered by buildbot and I want to make previous build results available to other sbuild

Bug#651619: curl: dependencies insufficient, application fails to load

2011-12-10 Thread Sam Hartman
package: curl severity: grave version: 7.23.1-2 curl: relocation error: curl: symbol curl_dostrdup, version CURL_OPENSSL_3 not defined in file libcurl.so.4 with link time reference I have libcurl3 Version: 7.21.3-1 Upgrading libcurl3 fixes things, but the shlibs

Bug#650958: Is this really RC

2011-12-14 Thread Sam Hartman
So far it sounds like this affects one user and is hard for others to reproduce. I'm wondering if this is really RC? (I'd like to see the new krb5 get into testing and samba has to migrate first. I'm not sure what besides this bug is holding it back, possibly it's moot because of transition

Bug#652414: dpkg-dev: dpkg-source --commit with three arguments still requires .orig.tar.gz

2011-12-16 Thread Sam Hartman
Package: dpkg-dev Version: 1.16.1.2 Severity: normal based on the man page if I run dpkg-source --commit . patch_name foo.patch I'd expect that the original tarball would not be needed. As far as I can tell the program seems to actually ignore the third argument and tries to build the diff

Bug#652414: dpkg-dev: dpkg-source --commit with three arguments still requires .orig.tar.gz

2011-12-23 Thread Sam Hartman
Sure. After looking at this more, it appears to be a doc bug. 1) I had assumed that the third argument to dpkg-source --commit was relative to the current directory. It seems not to be and unless I give an absolute path it doesn't work 2) If the patch is not found rather than giving an error

Bug#653506: Please enable hardened build flags

2012-04-09 Thread Sam Hartman
Moritz == Moritz Mühlenhoff j...@inutil.org writes: Moritz On Thu, Dec 29, 2011 at 01:03:51AM +0100, Moritz Muehlenhoff wrote: Package: barnowl Version: 1.6.2-1.1 Severity: important Tags: patch Please enable hardened build flags for barnowl. dh does inject them

Bug#708711: src:krb5: 1.10.1+dfsg-6 builds on 0 architectures

2013-06-17 Thread Sam Hartman
If you or someone else wants to NMU a solution to this, be my guest. I'd recommend uploading without delay.

Bug#712629: espeak: fails to speak final chunk

2013-06-17 Thread Sam Hartman
package: libespeak1 version: 1.43.03-2 tags: patch, upstream severity: important Hi. I noticed that espeak as an emacspeak speech server is basically unusable if you're using pulse, which is kind of the default configuration in wheezy. This made my accessibility experience quite difficult. You

Bug#625235: speech-dispatcher ordering with ALSA at system start

2013-06-17 Thread Sam Hartman
Here's what is going on here. 1) if pulseaudio is started as a given user then only that user will be able to access the audio device. 2) by default if an application tries to use pulse and it's not running, then pulse will start as that user. 3) If something starts speech-dispatcher at

Bug#712660: speech-dispatcher espeak: holds audio open for lifetime of module

2013-06-18 Thread Sam Hartman
package: speech-dispatcher version: 0.7.1-6.2 severity: important tags: upstream The espeak module of speech-dispatcher leaves the audio open the entire time the module is running. This has amazingly bad consequences for accessibility situations especially with gnome and gdm, although I suspect

Bug#712629: Acknowledgement (espeak: fails to speak final chunk)

2013-06-19 Thread Sam Hartman
Hi. I'm no longer convinced my patch helps things, nor that I understood the root cause of the problem. I'm quite convinced that under pulseaudio, speech is getting chopped. But, I'm noticing that it's actually using alsa (presumably via portaudio) and pulse via that, rather than the direct pulse

Bug#439039: Bug#495163: useless static library due to libkrb5

2013-05-10 Thread Sam Hartman
There are reasons that the krb5 upstream build does not include static libs. The main problem is that more and more krb5 depends on plugins for various things. As an example, preauthentication, KDC location, GSS-API mechanisms all support plugins. In the krb5 in wheezy, you cannot request FAST

Bug#708267: cve-2002-2443: kpasswd udp ping-pong

2013-05-14 Thread Sam Hartman
I assume this goes back to squeeze as well. Shouldn't the severity be higher? This seems probably worth a DSA because such ping-pong attacks can really be bad for a network/server. Or am I missing mitigations? I'd be happy to work on packages.

Bug#708267: cve-2002-2443: kpasswd udp ping-pong

2013-05-14 Thread Sam Hartman
severity 708267 serious tags 708267 security found 708267 krb5-admin-server/1.8.3+dfsg-4 thanks Yeah, sounds like an advisory to me.

Bug#708267: cve-2002-2443: kpasswd udp ping-pong

2013-05-14 Thread Sam Hartman
Benjamin == Benjamin Kaduk ka...@mit.edu writes: Benjamin I have a patch staged in my local checkout of the Benjamin packaging, but need to settle out some (apparent) Benjamin multiarch issues on my jessie machine before I can install Benjamin the resulting binaries for testing.

Bug#708175: Converting libkrb53 into transitional package instead of conflicting with libkrb5-3

2013-05-14 Thread Sam Hartman
I don't think there's a way to make any changes for this issue in wheezy. I understand that you are disappointed because you'd like to use your local packages. Debian's policy is to support transitions for one release. That's why libkrb53 is a dummy package in squeeze; it does nothing there.

Bug#707195: Also breaks krb5 build

2013-05-15 Thread Sam Hartman
control: affects -1 krb5 Hi. I'm trying to get a security update of krb5 into sid, and this issue is breaking that build. I'm not thrilled at the concept of making significant documentation changes to the upstream docs in order to get this to build. --Sam

Bug#439039: Bug#495163: useless static library due to libkrb5

2013-05-15 Thread Sam Hartman
My recommendation is that we talk to the security team. The biggest disadvantage of all these static libs running around is the number of packages they need to do security updates for. We could ask them about whether it's better to have: 1) no static aide 2) a static libcurl with less

Bug#707195: Also breaks krb5 build

2013-05-15 Thread Sam Hartman
I'd strongly recommend making this bug severity serious. I don't think we want to be unable to build a bunch of stuff in testing. --Sam

Bug#707195: Also breaks krb5 build

2013-05-15 Thread Sam Hartman
The concern I have is that I'd like to upload a very small patch that fixes a security issue to the krb5 package in sid and get it into testing quickly. I am nervous when I think about including that patch along with a bunch of doc changes. In general, when we're going to break a bunch of

Bug#708175: Converting libkrb53 into transitional package instead of conflicting with libkrb5-3

2013-05-16 Thread Sam Hartman
Well, krb5 really isn't that hard to rebuild. Other than rebuilding for security I wouldn't feel very uncomfortable about building a local krb5. And note that if you have a php 5.2 that you haven't touched since lenny, well, clearly you're willing to deal with not rebuilding some things for

Bug#439039: Bug#495163: useless static library due to libkrb5

2013-05-18 Thread Sam Hartman
Alessandro == Alessandro Ghedini gh...@debian.org writes: 3) A static aide with libcurl and somewhat crippled Kerberos meaning that aide needs to get libcurl and krb5 updates. In addition libcurl might potentially need to get rebuilt on Kerberos security updates.

Bug#708973: krb5: Dependency between arch-dep and arch-indep targets in debian/rules

2013-05-20 Thread Sam Hartman
This was intentional at the time it was introduced because the policy and build maintainers were in a pissing match and I lost a lot of respect for everyone involved. However I suppose at this point going and enabling build-arch support for real is in the best interest of the project. --Sam

Bug#708267: cve-2002-2443: kpasswd udp ping-pong

2013-05-20 Thread Sam Hartman
Florian == Florian Weimer f...@deneb.enyo.de writes: Florian Yes, packet loops can be annoying. I think we should issue Florian a DSA for this. OK, do you want me to prepare patches and builds for squeeze and wheezy?

Bug#708267: cve-2002-2443: kpasswd udp ping-pong

2013-05-21 Thread Sam Hartman
I'll try to get it done by tomorrow morning east coast time. If it doesn't happen by then it will be a while and it would be great if someone else would step forward.

Bug#708267: cve-2002-2443: kpasswd udp ping-pong

2013-05-22 Thread Sam Hartman
So, I'll be uploading to oldstable-security shortly. I have tested those patches. I have a package ready to build at the wheezy branch of the debian krb5 git (debcheckout krb5). I have not built that. I apparently don't have a wheezy environment and am not going to have chance to set up chroot

Bug#708711: src:krb5: 1.10.1+dfsg-6 builds on 0 architectures

2013-05-22 Thread Sam Hartman
Raphael == Raphael Hertzog hert...@debian.org writes: Raphael On Fri, 17 May 2013, Russ Allbery wrote: See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707195 for the discussion. Raphael Looks like neither upstream nor the Debian maintainers want Raphael to revert this

Bug#708711: src:krb5: 1.10.1+dfsg-6 builds on 0 architectures

2013-05-22 Thread Sam Hartman
Actually, it's probably easier if I make the updates. Rationale: You have your repo mixed in with something else. It makes a bit harder to construct the initial dpm state. But I can take what you have and the 1.11.2 tarball and prepsource myself and then rsync the repo into place on alioth. It

Bug#708711: src:krb5: 1.10.1+dfsg-6 builds on 0 architectures

2013-05-22 Thread Sam Hartman
As I recall 1.11 includes a verto update. How critical is that? Do I need to update debian libverto before krb5?

Bug#647742: libradsec: changing back from ITP to RFP

2013-05-27 Thread Sam Hartman
retitle 647742 ITP: libradsec -- RADIUS over TLS/DTLS/UDP/TCP library owner 647742 ! thanks Lucas, thanks for the prod. My apologies for not keeping the bug updated. The current packaging status of libradsec can be found at git://git.project-moonshot.org/libradsec.git in the debian and

Bug#698534: krb5-user: usage of keytabs gives Generic preauthentication failure while getting initial credentials

2013-05-28 Thread Sam Hartman
Well, is there any reason you're not using the full name for the principal in the keytab? In AD, I'd expect that to work too.
