HEADS UP! Kerberos5/Heimdal now default!
Craig Boston
craig at xfoil.gank.org
Mon May 5 13:01:26 PDT 2003
Man, I am losing my mind today. Please disregard, stable -- meant to
send to current@
Sorry for the noise
On Mon, 2003-05-05 at 14:59, Craig Boston wrote:
> Sorry for the dupe Garrett, forgot to copy the list......
>
> > What ``extremely colorful history of ... vulnerabilities''? I can
> > think of no more than five times I've had to rebuild my KDC in six
> > years.
>
> ...and nearly every security advisory I've seen for Kerberos 5 in the
> last year or two was actually for the Kerberos 4 compatibility code.
> One of the reasons I always build the port with "KRB5_KRB4_COMPAT=NO".
>
> The only exception I can think of at the moment was the XDR/RPC buffer
> overflow, which hit a LOT of software.
>
> Craig
More information about the freebsd-current
mailing list