Chaskiel Grundman <[EMAIL PROTECTED]> writes: > Package: libkrb53 > Version: 1.4.3-4 > Severity: important
> After the last krb53 update, attempting to authenticate to a host that > has no key (or has once in a realm I can't authenticate to) breaks > badly. glibc detects a double-free, and the ticket cache is > corrupted. when libkrb53 subsuquently tries to use the corrupt ticket > cache, it crashes. I first noticed the problem with ssh-krb5, but it > can be reproduced with the ftp in krb5-clients: > starfury:~> kinit cg2v > Password for [EMAIL PROTECTED]: > Warning: Your password will expire in 193 days on Wed Jul 5 11:55:18 2006 > starfury:~> ls -l /tmp/krb5cc_1000 > -rw------- 1 cg2v cg2v 466 2005-12-23 11:49 /tmp/krb5cc_1000 > starfury:~> ftp erewhon > Connected to erewhon. > 220 erewhon FTP server (Version 6.00+Heimdal 0.6.3+KTH-KRB 1.2.2) ready. > 334 Send authorization data. > GSSAPI accepted as authentication type > *** glibc detected *** double free or corruption (fasttop): 0x08070af8 *** > Abort Hm, I can't duplicate this in a quick try: wanderer:~> ftp localhost Connected to localhost. 220 wanderer FTP server (Version 5.60) ready. 334 Using authentication type GSSAPI; ADAT must follow GSSAPI accepted as authentication type GSSAPI error major: Miscellaneous failure GSSAPI error minor: Server not found in Kerberos database GSSAPI error: initializing context GSSAPI authentication failed 334 Using authentication type KERBEROS_V4; ADAT must follow KERBEROS_V4 accepted as authentication type Kerberos V4 krb_mk_req failed: You have no tickets cached Name (localhost:eagle): Do you have the steps required to duplicate this from a current unstable install? -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
