Package: heimdal-kdc Version: 1.2.dfsg.1-4 Severity: important Tags: upstream
Hi.As discussed in bug #527353, Heimdal fails to follow the requirement at the top of page 35 of RFC 4120 that when an authenticator subkey is used in the TGS request, the response needs to be encrypted in that subkey, not in the ticket session key. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable'), (40, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.25-2-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
