> "Andreas" == Andreas Barth writes:
Andreas> About the bug itself: How about e.g. adding an transition
Andreas> package libkrb53 to unstable which depends on libk5crypto
Andreas> and also libk5crypto breaks the lenny libkrb53. That
Andreas> together would makes sure that the
Hi. Hi, I don't have enough time to dig into the Samba code, but I'm
happy to help interface with the MIT Kerberos team on this issue.
A couple of points. First, 1.8 is in alpha test. Etienne's assumption
that upstream is aware of the consequences of their changes is false.
Upstream (including
package: libk5crypto3
severity: serious
version: 1.8+dfsg~alpha1-1
justification: huge mess for lenny->squeeze
Adrian Zaugg noticed that if you install libk5crypto3 from unstable with
libkrb53 from lenny, nothing works. In particular, the internal symbol
krb5_hmac disappeared.
The obvious and pr
package: wnpp
severity: wishlist
owner: hartm...@debian.org
name: krb5-appl
URL: http://web.mit.edu/kerberos/dist/krb5-appl
License: MIT Kerberos license
(roughly MIT license plus a requirement that if you modify the
software you must mark it as modified)
description: Contains fairly anci
severity 566223 normal
thanks
The problem is your config file is wrong.
Remove the enctype lines you added and add
allow_weak_crypto = true
as described in /usr/share/doc/libkrb5-3/NEWS.debian.gz
There is a bug that if one of the enctype lists is empty, kinit
segfaults. We'll get that fixed, bu
This issue was a major focus of discussion at today's release meeting
for MIT Kerberos upstream.
The consortium plans to:
1) Introduce a new API to enable weak crypto for a given context.
This API will not be the same as the Heimdal API for implementation
complexity reasons.
2) Look into loggin
Here are my thoughts.
1) There are things we could choose to do in krb5-config to make things
better for Debian.
I made one proposal. It's not clear that's necessary though.
2) Either upstream or in a Debian-specific API to be removed in the
future--I.E. something not in a public header--we coul
No, I'm not entirely sure what's going on there, but conflicts or breaks
is the right relationship.
I'd expect that libkadm5srv6 would go away and be replaced by
libkadm5srv7.
Try explicitly installing that.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject o
> "Thomas" == Thomas Bushnell BSG writes:
Thomas> This bug was propagated to the *stable* release because of
Thomas> the recent (minor) security issue.
Thomas, I'm having a hard time substantiating this claim.
According to my rmadison:
krb5 | 1.6.dfsg.4~beta1-5lenny2 | proposed-upda
> "Ralf" == Ralf Treinen writes:
Ralf> Hi, sorry for the double submission (I should just have
Ralf> reopenend the old bug report Bug#564666). I thought that I had
Ralf> seen that bug before but couldn't find it since it was
Ralf> assigned to a different package, and somehow m
Sadly, given the MIT implementation porting that API for 1.8 would be
kind of tricky. The bit about whether something is weak is not stored
per-context.
I guess we should discuss on krbdev.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". T
For AS requests it definitely is a security issue.
For TGS it is less of an issue and may not be an issue at all. The case
I'm still pondering is the cross-realm case.
Perhaps we should backport the API from Heimdal.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with
> "Russ" == Russ Allbery writes:
Russ> Vasilis Vasaitis writes:
>> However, IMHO this is an unsatisfactory solution. Packages should
>> ideally work correctly with their default settings, and therefore
>> having each person that needs openafs-krb5 edit krb5.conf is not
>>
Hi. I'm going to add a conflicts for now, although it sounds like this
needs an upstream fix.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Can I get you to try adding allow_weak_crypto = true to the libdefaults
sections of /etc/krb5.conf? If that fixes your problem, then this is
not a bug.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debia
>>>>> "Russ" == Russ Allbery writes:
Russ> Sam Hartman writes:
>> I'll add a conflicts for now. Are you running into a case where
>> you'd actually like to have both libraries installed at the same
>> time?
Russ>
I'll add a conflicts for now. Are you running into a case where you'd
actually like to have both libraries installed at the same time?
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
>>>>> "Harald" == Harald Braumann writes:
Harald> On Mon, 14 Dec 2009 09:16:42 -0500
Harald> Sam Hartman wrote:
> I'm very confused. I've looked over your logs and your package
>> dependencies and I cannot figure
I've forwarded your bug upstream. I don't see any changes in upstream
svn since 1.7 that are likely to be a fix and I'm unlikely to have time
to look at this myself in the next month or so.
--Sam
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscr
I'm very confused. I've looked over your logs and your package
dependencies and I cannot figure out how you managed to get into this
state.
It's possible that one version of jabberd2 was built against a newer
Kerberos and a later version ]was built against an older Kerberos.
If that's the case,
> "Harald" == Harald Braumann writes:
Harald> Hi, yes, very sad, indeed, especially if the host is only
Harald> reachable via ssh and that breaks.
Agreed. This is not intended to reduce the severity of the problem, but
is advice you may find useful for reducing this sort of thing in
> "Zahari" == Zahari Zahariev writes:
Zahari> Hello, I am trying to set up Kerberos server on Debian in
Zahari> VirtualBox. When I am trying to run krb5_newrealm and it
Zahari> hangs!
Getting sufficient random data for virtualization software is tricky.
I'd recommend googling for
Actually, I suspect that the shared library build command is coming
from src/config/lib.in and is being substutited into the Makefile. I don't see
anything specific to shared library builds .
I'm honestly not sure that what upstream is doing is *wrong*. It's
*strange* and I can probably change
So, something has changed in dpkg-gensymbols. encrypted_challenge.so
is a plugin, not a library. Previously, it was not listed nor
expected in the symbols file.
I think that's the correct behavior.
I do not think it would be desirable to move this plugin into another package.
I realize it's not
severity 557929 normal
thanks
There was a fair bit of discussion of this on -release and -devel.
This is the best we came up with. Yes, the problem you note--that if
you install and then remove one of the new libraries, you get a broken
system exists. The consensus of those discussions is that
I expect squeeze to ship with a 1.8 beta probably. I disagree that
this bug would justify a revert, but believe backporting the fix
should be trivial.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian
Brian, should I look into making /usr/include/gssapi be a directory of
symlinks rather than a symlink itself to avoid this?
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
I'll argue in the upstream discussion that this should be a default
behavior change where failure to write the pid file is non-fatal.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Russ, thoughts on this?
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> "Trafire" == Trafire Arcanegrin writes:
Trafire> Package: krb5 Version: 1.7dfsg~beta3-1 Severity: wishlist
Trafire> Hello, Upstream has released 1.7.
Trafire> Please consider update it. :-)
I should. I've done most of the work in my git repository already.
It's not been the
Package: libc6
Version: 2.10.1-5
Severity: normal
Hi. I've found that if I use MIT Kerberos, or any other application
that requests both v4 and v6 addresses at the same time I get a 5
second delay in each call to getaddrinfo with high probability. There
is obviously a race condition: sometimes (
I don't think start-stop-daemon can create the pid file because these process
fork and daemon themselves.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Another area the patch needs to cover is repointing the .so symlinks
to /usr/lib instead of /usr/lib/heimdal.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Thanks. Sloppiness on my part in dealing with build-depends; will
update and re-upload.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Hi. I wanted to give an update here. It turns out that you don't
want to install the .la files in heimdal-multidev because libtool
really doesn't deal at all well with the .la and .so.x.y living in
different directories.
So, I'm leaving the .la files in heimdal-dev and the .so and .a files
in he
Are you using LDAP for nss in /etc/nsswitch.conf?
This sounds more like an NSS or Kerberos issue than a PAM issue.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
I guess the question is whether there are any significant changes in
common-password that need to be merged in or whether it is OK for new
systems to get the new file and old systems not to.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". T
> "Luca" == Luca Monducci writes:
Luca> Hello, I received a late feedback from one of proofreader.
Luca> Could you please add the attache translation instead of
Luca> previuops one?
Sure thing, done.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a
Honestly I'd rather think about fixing it than argue about bug
severities. I would probably have treated all of these as
grave/critical, but I don't care much.
As far as I can tell, the bug severity doesn't matter much:
1) They are all in testing already
2) We agree they want to be fixed
3) We p
severity: serious
tags: security
package: libpam-runtime
Version: 1.0.1-6
Even with the changes committed for 1.0.1-10, enabling only profiles
like consolekit that provide no authentication option leave the system
accepting any password.
I realize this is messy in the code, but I think we need to
Sorry, I broke the last patch fixing a cosmetic issue reported by Russ.
I will retest and fix.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
1-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Implement heimdal-multidev package to provide set of headers and
+libraries that can be installed along-side MIT Kerberos Development
+files
+
+ -- Sam Hartman Sat, 25 Jul 2009 13:35:51 -0400
+
heimdal (1.2.e1.dfsg.1-1) uns
Ah. I specifically installed mutt only because nmudiff seemed to
imply I'd be happy with it than without.
I don't use mutt.
This may be a doc issue.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.o
I'm terribly sorry.
hartm...@live:sid(140)> env |grep -i email
debemail=hartm...@debian.org
However I was using mutt not sendmail.
Is DEBEMAIL expected to be ignored in the mutt case?
If so, why?
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscri
Package: devscripts
Version: 2.10.52
Severity: normal
File: /usr/bin/nmudiff
I filed two nmudiffs; despite DEB_EMAIL being set, it was not used for my from
address.
I had mutt installed.
-- Package-specific info:
--- /etc/devscripts.conf ---
--- ~/.devscripts ---
Not present
-- System Infor
) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Build depend on libzephyr-dev >= 3.0; this indicates a transition from
+krb4-based zephyr to krb5-based zephyr, Closes: #538053
+
+ -- Sam Hartman Thu, 23 Jul 2009 07:37:06 -0400
+
owl (2.2.2-1) unstable; urgency=low
* New upstr
+ tzc-2.6.15/debian/changelog
@@ -1,3 +1,11 @@
+tzc (2.6.15-5.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Build depend on zephyr 3.0, indicating a transition from krb4 to krb5
+zephyr, Closes: #538052
+
+ -- Sam Hartman Thu, 23 Jul 2009 07:42:27 -0400
+
tzc (2.6.15-5) uns
I will send a diff when I schedule the NMU.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Package: owl
Version: 2.2.2-1
Severity: grave
Justification: renders package unusable
Hi. Owl depends on libzephyr3 which is no longer in unstable. This
is blocking the zephyr transition which is blocking the removal of
libkrb53 from testing. I'll schedule an NMU through the delayed queue
mech
package: tzc
severity: grave
version: 2.6.15-5
Hi. tzc depends on libzephyr3 which is no longer present in unstable.
This is blocking the zephyr transition, which is blocking the removal
of libkrb53 from testing.
I plan to schedule an NMU for 4 days from now using the delayed queue.
I'll attach a
package: krb5-config
Version: 1.23
severity: wishlist
MIT Kerberos 1.7 and some recent version of Heimdal support a consistent config
file option to disable weak encryption types like des and rc4-56.
Please implement this option for Debian.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...
> "Luk" == Luk Claes writes:
>> Package: libzephyr3-krb Package: zephyr-server-krb
>>
>> Zephyr's Kerberos support has been broken for a while in
>> testing, so breaking libzephyr3-krb and zephyr-server-krb's
>> dependencies in testing won't be a big deal. The code doesn'
> "Robert" == Robert Millan writes:
Robert> Version: 3.0~beta.2362-1 Hi,
Robert> This seems to be fixed in 3.0~beta.2362-1 which is
Robert> currently in experimental.
Robert> Karl, is that version in a usable state? Can it be
Robert> uploaded to sid?
I talked to Karl a
> "Luk" == Luk Claes writes:
>> Root-system is newer in testing than unstable and has RC bugs
>> open for a long time in unstable.
Luk> Should this be fixed from testing for now?
If you did a bin NMU of the testing root-system rather than the
unstable, it should remove the depe
I'll ask the person responsible for that. I'm guessing there exists
some platform somewhere that does the wrong thing with af_family = 0.
I'm also hoping that we can move past that now.
I'm guessing that an svn blame would suggest that code is old.
--
To UNSUBSCRIBE, email to debian-bugs-dist
This is strange. So, the reverse resolution behavior is intentional
(and highly broken--it's a long story) but can be disable by setting
rdns=true in the libdefaults section of krb5.conf.
Gss calls gss_import_name (lib/gssapi/krb5/import_name.c) and that
calls krb5_sname_to_principal (src/lib/krb
As best I can tell these symbols were only ever available with the
KRB5_PRIVATE preprocessor define set in the compilation environment.
Symbols made available by the KRB5_PRIVATE symbol are not part of the
public ABI/API of the krb5 libraries. They may be renamed, removed,
arguments changed witho
I've forwarded your latest message to upstream.
One advantage of the keyring cache is that it completely isolates the
file system for ticket caching.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.
Can I get you to make sure you have krb5-user installed,
kinit -c KEYRING:blah
and start firefox with the KRB5CCNAME environment variable set to KEYRING:blah
(to confirm you're using the keyring cache, probably doing a kdestroy
on your normal tickets would be good)
What I'm trying to do here is
Thanks for the updated patch. I noticed you dropped the pthread hunk;
I'm assuming that is either not needed or you'll open a separate bug
on that issue.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.deb
> "Aleksandar" == Aleksandar Kostadinov writes:
Aleksandar> It is in the form kdc = : just like the
Aleksandar> standard entries in the file. This is the same as on
Aleksandar> the fedora system which is actually a virtualbox VM
Aleksandar> (with vbox nat networking) on the de
> "Marc" == Marc Dequènes (Duck) writes:
Marc> Coin, In fact, the patch is mostly identical to the previous
Marc> one, just added 3 very small chunks to solve the same thing
Marc> as the previous patch. It is a fix because PATH_MAX,
Marc> MAXHOSTNAMELEN, and MAXPATHLEN should
Can I get you to make sure that your krb5.conf explicitly lists the
KDCs for the realms in question, and that each KDC ends with a trailling period.
I.E.
kdc = kerberos.your.domain.
not
kdc = kerberos.your.domain
Also, do you see slowness the first time you open a location or all the time?
--
This patch would be hugely easier to review (and would thus get
reviewed much sooner and uploaded) if it were split apart into
patching describing what you were trying to do and including a small
code change that is consistent with that description. For example, if
you were to clone the git repo m
Paul, letting us know that it works against a lenny server but not a
sid server is very interesting. That probably means that the etype
negotiation support introduced in 1.7 is not quite doing the right
thing.
Things to check:
[I'm not saying you should check these; this is mostly for Kerberos pe
I can't reproduce this.
Password for hartm...@athena.mit.edu:
Enter new password:
Enter it again:
Password change rejected: New password is too short.
Please choose a password which is at least 6 characters long.
luminous:/# zcat /usr/share/doc/krb5-user/ |head -1
zcat: /usr/share/doc/krb5-user/ is
> "Simon" == Simon Josefsson writes:
8Simon> Hi. It seems the doc/krb5-protocols/ directory wasn't
Simon> removed in the upload of this *.orig.tar.gz. This is a
Simon> regression of #393380.
Yes. I screwed up the import of 1.7dfsg~beta1. I depend on the
filter feature of git
Thanks much.
I think I roughly understand the problem area.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
>>>>> "Bastian" == Bastian Blank writes:
Bastian> On Wed, May 13, 2009 at 10:20:46AM -0400, Sam Hartman wrote:
>> Any chance you could see where it's segfaulting with a
>> backtrace or something? As is, the bug's not much to go
severity 527468 serious
reassign 527468 libgssapi-krb5-2
tags 527468 moreinfo
thanks
Any chance you could see where it's segfaulting with a backtrace or
something? As is, the bug's not much to go on.
I don't have a test environment handy and will admit that I've not had
much luck getting NFS an
severity 527468 serious
reassign 527468 libgssapi-krb5-2
tags 527468 moreinfo
thanks
Any chance you could see where it's segfaulting with a backtrace or
something? As is, the bug's not much to go on.
I don't have a test environment handy and will admit that I've not had
much luck getting NFS an
Package: cyrus-sasl2
Version: 2.1.22.dfsg1-25
Severity: normal
Hi. There is a configure test to link against libkrb5support0 even
though the distribution uses none of the symbols from that library.
This creates a dependency between libsasl2-modules-gssapi-mit and
libkrb5support0. Unfortunately,
> "Eric" == Eric Dorland writes:
Eric> Client is up2date unstable, and where I reported the bug.
Eric> Server is debian stable, running the heimdal kdc, version
Eric> 1.2.dfsg.1-2.1. It doesn't have libgssapi-krb5-2 and
Eric> libkrb5-3 installed.
OK. I believe that 1.7dfsg~b
In the interests of easing the krb5 transition I'd like to see
nfs-utils transition to testing. As best I can tell, this is not an
RC bug. If it is a bug, not a behavior change, it does not render the
package unusuable. I'd recommend important as a severity.
--Sam
--
To UNSUBSCRIBE, email
> "Sébastien" == Sébastien Tisserant writes:
Sébastien> Hi, I have the same problem
Sébastien> ssh gives me : debug1: Unspecified GSS failure.
Sébastien> Minor code may provide more information Decrypt
Sébastien> integrity check failed
What kerberos libraries were running on
I found a test environment and have reproduced the environment.
Will keep you and the bug posted.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Package: heimdal-kdc
Version: 1.2.dfsg.1-4
Severity: important
Tags: upstream
Hi.As discussed in bug #527353, Heimdal fails to follow the
requirement at the top of page 35 of RFC 4120 that when an
authenticator subkey is used in the TGS request, the response needs to
be encrypted in that subkey, n
Actually, I'm no longer convinced that a flag is the right approach.
I have a solution that involves fixing this bug along with the
wishlist bugs. An explanation is too long to fit in the margin of
this message, but will be sent out when I get to it so others can
review.
Components:
* use bind9-h
*sigh* I begin to question the wizdom of agreeing that 510419 was
actually a bug.
Yes, I think an extra internal flag is the right approach. I'm going
to be mucking with kerberos-configs to get rid of krb4-configshortly and will
deal.
However if we get any more problems with 510419, I'm going b
severity 527353 important
tags 527353 moreinfo
thanks
"works for me" between two Debian systems. Can you please tell me the
server software, and include klist -5e output after running ssh?
If the server is Debian, make sure it is running the same version of
libgssapi-krb5-2 and libkrb5-3 (assu
package: libzephyr3-krb
severity: grave
justification: cannot be installed using packages in unstable
Version: 2.1.20070719.SNAPSHOT-1.2
Hi. With the removal of libkrb53 from unstable, libzephyr3-krb can no
longer be installed in unstable.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@
package: libauthen-krb5-admin-perl
Version: 0.11-1
Severity: important
Tags: patch
Hi. Kerberos 1.7 just entered unstable. Kerberos 1.7 makes the
admin.h interface public, so it should be possible to use the actual
upstream interface rather than an internal header taken from the
upstream sources
# Automatically generated email from bts, devscripts version 2.10.35lenny1
# via tagpending
#
# krb5 (1.7~beta1+dfsg-1) experimental; urgency=low
#
# * New upstream release
#- kadmin and related commands moved to /usr/bin, Closes: #477296
#- Kadmin headers are Public: Closes: #191616
#
: #477296
# -- Sam Hartman Wed, 22 Apr 2009 09:53:15 -0400
#
package krb5-user libkrb5-dbg krb5-kdc krb5-rsh-server krb5-ftpd krb5-doc
libkadm5srv6 krb5 krb5-admin-server libk5crypto3 krb5-kdc-ldap libkrb5-dev
krb5-pkinit libkadm5clnt6 krb5-clients libkdb5-4 krb5-telnetd libkrb5support0
> "Roman" == Roman Bojczuk writes:
Roman> I waited about 10 minutes and just randomly hit keys on the
Roman> keyboard while it was generating random data. I have an
Roman> Intel dual core 1.6 GHz machine which does not usually take
Roman> too long to generate randomness. Than
I'm guessing that this is a server system that you're sshing into or a virtual
machine or something
and so the kernel is not getting a lot of random data.
I'm not entirely sure what to tell you: it's really incredibly
important that you have good random data when running krb5_newrealm.
I don't kn
Package: libzephyr-dev
Version: 3.0~beta.2362-1
Severity: important
libzephyr4-krb5 is not an acceptable alternative for libzephyr4 in
libzephyr4-dev's dependencies.
-- System Information:
Debian Release: 5.0
APT prefers testing
APT policy: (200, 'testing'), (90, 'unstable'), (1, 'experimen
> "Greg" == Greg Stark writes:
Greg> Has the debian zephyr package been krb5ed? Or will that
Greg> package be desupported as well?
Currently it FTBFSes. Karl does have krb5 zephyr code that is in
production at a few places (but not MIT) and he is working on
packaging it.
Note that
Source: krb5
Source-version: 1.6.dfsg.4~beta1-4
So, the Kerberos libraries in unstable do not support Kerberos 4.
This is known and documented in their news.debian file among other
places.
There's also a bit of a library rename/transition going on. The new
libraries replace, but do not conflict
Briefly, the short of my message is that fetchmail need not change and
that libkrb5-dev is still the right thing to depend on. I also don't
think things should break.
I'll look at the gssglue issue and get back to you.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
wit
How do I fix this and avoid marking the translations fuzzy?
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
# Automatically generated email from bts, devscripts version 2.10.35
# via tagpending
#
# krb5 (1.6.dfsg.4~beta1-10) UNRELEASED; urgency=low
#
# * New French debconf translations, Thanks Christian Perrier, Closes: #518221
package libkadm5srv5 krb5-user libkrb5-dbg krb5-kdc krb5-rsh-server krb5-
Package: kstart
Version: 3.14-1
Severity: serious
Justification: no longer builds from source
The kstart package requires working krb4 headers.
As of krb5 1.6.dfsg.4~beta1-9, these are no longer available in unstable.
krb4 support needs to be removed.
-- System Information:
Debian Release: len
It turns out this will not be a RC bug. Owl does build from source
without krb4 or des425 although it loses zcrypt support.
--Sam
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Package: zephyr
Version: 2.1.20070719.SNAPSHOT-1.2
Severity: serious
Justification: no longer builds from source
Hi. krb5 version 1.6.dfsg.4~beta1-9 has been uploaded to unstable.
This version does not include headers or development libraries for libkrb4 or
libdes425.
As a result, zephyr fails t
OK, I'm going to upload a version with versioned replaces. Here are
downgrade instructions taken from -8's debian/NEWS that should work
both for -8 and for -7. Hopefully if you have -8 installed you won't
need to downgrade , but if you want to or currently have a broken
system here's what to do.
Um, I kind of think that's how replaces has always worked. However
there's a reason I wanted to shake this out in experimental first. Thanks for
the bug report.
Note that the upload of this for unstable will include a mostly dummy
libkrb53 that depends on the new libraries.
We'll call that t
> "Nico" == Nico Golde writes:
Nico> Hi, * Eike Sauer [2009-02-27 17:47]:
>> Am Freitag, 27. Februar 2009 schrieb Nico Golde: > libkrb5-3 is
>> in experimental so I dont see the problem on the fetchmail >
>> package side.
>>
>> Ah, I see. libkrb5-3 states it "Replac
; the important thing is to build-depend on libssl-dev.
The affect of these patches will still be to use libdes425, but if
rebuilt after libdes425.so goes awy, you'd end up using libcrypto.
>From 4ad9c2d0e61dcdee8091d21d20effa74a053191b Mon Sep 17 00:00:00 2001
From: Sam Hartman
Date: Tue
package: ftp.debian.org
Hi. The PSP package has received no significant development and no releases
upstream in a number of users.
I know of no use of the package and don't see why we want to maintain it.
I've spent no effort on the package in years.
pgprsvwPYOWJp.pgp
Description: PGP signat
1101 - 1200 of 1340 matches
Mail list logo
