LinuxSecurity.com: Multiple vulnerabilities has been found and corrected in heimdal:
The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5)
up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and
(b) Heimdal 0.7.2 and earlier, do not check return codes for setuid
ismaelvc wrote:there aren't 3.5.12 PKGBUILDS there are precompiled binaries, so no depends=(heimdal) optionAh, to ignore dependencies without rebuilding, install them with "pacman -Ud". However, this will skip ALL dependency checks, so make sure heimdal is the only one you're missing.
LinuxSecurity.com: A vulnerability has been found and corrected in heimdal:
Certain invalid GSS-API tokens can cause a GSS-API acceptor (server)
to crash due to a null pointer dereference in the GSS-API library