in the wrong order). Fix this, and bump PORTREVISION again. The window
was only a few minutes, but this won't disrupt things, and someone may
have updated in that window given the prominence of the problem.
Obtained from: Matt Power <mhpower@BOS.BINDVIEW.COM> via Bugtraq
the more restrictive SSH2 license), deprecate this port in favour of
OpenSSH as a parting shot (still allow people to build by setting an
environment variable) and remove myself as maintainer since I don't
have any interest in maintaining it.
About the only thing this port does which OpenSSH can't do well is
Kerberized logins..once that is working properly in OpenSSH I'm planning
to nuke the port.
The vendor says: ``We suggest those running a ftpd to update
immediately.''
Changes in release 0.3e:
* rcp program included
* fix buffer overrun in ftpd
* handle omitted sequence numbers as zeroes to handle MIT krb5 that
cannot generate zero sequence numbers
* handle v4 /.k files better
* configure/portability fixes
* fixes in parsing of options to kadmin (sub-)commands
* handle errors in kadmin load better
* bug fixes
Add new cracklib(3) manpage; add FascistCheck(3) function header file
(actually called packer.h) and a MLINK to cracklib(3) manpage. Bump
PORTREVISION to 1.
Submitted by: Andrew J. Korty <ajk@iu.edu> (maintainer)
compat_heimdal.c:
= Stop shooting at feet when freeing a particular chunk of memory.
Found by complaints from free(), and pinpointed with MALLOC_OPTIONS=A.
pam_krb5_auth.c:
= In addition to dropping and restoring uid when delving in /tmp,
drop and restore gid.
= Explicitly set permissions on the credentials cache for good measure.
The following was
Obtained from: Sam Hartman <hartmans@mit.edu> via bugs.debian.org
support.c:
= verify_krb_v5_tgt: Do a little more to prevent KDC spoofing.
Allow for a key separate from the host key to use only for PAM.
= Be very specific about where we think the libraries are, to avoid
getting the old crusty Heimdal from the base system.
= Minimize the undefined symbols in pam_krb5.so
mysql323-client installs libmysqlclient.so.10 (instead of
libmysqlclient.so.6).
mysql323-{client,server} are production quality, now (according to
MySQL AB at least).
