>>>>> "Thomas" == Thomas Bushnell BSG <t...@becket.net> writes:
Thomas> This bug was propagated to the *stable* release because of
Thomas> the recent (minor) security issue.
Thomas, I'm having a hard time substantiating this claim.
According to my rmadison:
krb5 | 1.6.dfsg.4~beta1-5lenny2 | proposed-updates | source
I believe that's also the same version in stable-security.
Looking at what commits were merged to the lenny-security branch in my
git, I do not believe any of the changes related to this bug are in
stable. In fact, the code necessary to disable weak crypto support in
the manner done recently in unstable was *introduced* in krb5 1.7;
stable has 1.6.4 roughly.
Now, it's possible I did something really stupid on the packaging front.
If I did somehow manage to upload krb5 1.8 to stable and call it 1.6
that would be disastrous as you claim. However can I get you to
approach this with the assumption that something non-obvious is going on
here and check your details and let me know what you're seeing?
--Sam
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
