Sam Hartman writes:
> For myself I'm unconvinced that it makes sense to have static libraries
> used for aid. I was really hoping the security team would comment on
> this one way or another.
That's kind of where I'm at too. There are enough other tricks that you
can pull to hide files from st
For myself I'm unconvinced that it makes sense to have static libraries
used for aid.
I was really hoping the security team would comment on this one way or
another.
I can certainly create libkrb5-static.
But I'd rather have a broader consensus of the project than just the aid
maintainer agreeing
Hello,
As there is no progress with this issue since nearly two months, I would
now suggest to go along with the third option cited below. I think a
'libkrb5-static package' is a good compromise to solve both bugs and
enable me to use curl with aide.
What do you think?
Best regards
Hannes
On W
> "Alessandro" == Alessandro Ghedini writes:
>> > 3) A static aide with libcurl and somewhat crippled Kerberos
>> meaning > that aide needs to get libcurl and krb5 updates. > In
>> addition libcurl might potentially need to get rebuilt on
>> Kerberos > security updates.
On sab, mag 18, 2013 at 11:38:15 +0200, Hannes von Haugwitz wrote:
> Dear security team,
>
> as suggested by Sam I ask you to comment on the following issue.
>
> I want to statically link my package aide to libcurl, which is
> statically linked for security reasons. Since krb5 does not support
>
Dear security team,
as suggested by Sam I ask you to comment on the following issue.
I want to statically link my package aide to libcurl, which is
statically linked for security reasons. Since krb5 does not support
static libraries any longer (#439039), the static library of libcurl is
now usele
My recommendation is that we talk to the security team.
The biggest disadvantage of all these static libs running around is the
number of packages they need to do security updates for.
We could ask them about whether it's better to have:
1) no static aide
2) a static libcurl with less functionali
Alessandro Ghedini writes:
> On ven, mag 10, 2013 at 07:33:16 -0400, Sam Hartman wrote:
>> So, I'm open to including static support in a special package (not
>> libkrb5-dev), but I'd need to understand the use case and be convinced
>> it's actually a good idea.
> If I understood this, Hannes wan
On ven, mag 10, 2013 at 07:33:16 -0400, Sam Hartman wrote:
> So, I'm open to including static support in a special package (not
> libkrb5-dev), but I'd need to understand the use case and be convinced
> it's actually a good idea.
If I understood this, Hannes wants to enable support for libcurl in
There are reasons that the krb5 upstream build does not include static
libs.
The main problem is that more and more krb5 depends on plugins for
various things.
As an example, preauthentication, KDC location,' GSS-API mechanisms all
support plugins.
In the krb5 in wheezy, you cannot request FAST c
[ CCed the krb5 maintainers, see below ]
On ven, mag 10, 2013 at 10:41:29 +0200, Hannes von Haugwitz wrote:
> On Thu, Apr 12, 2012 at 12:36:21AM +1000, Trent W. Buck wrote:
> > Alessandro Ghedini wrote:
> > > Not much. I'm still quite uncomfortable on replacing MIT kerberos, the
> > > reference
>
On Thu, Apr 12, 2012 at 12:36:21AM +1000, Trent W. Buck wrote:
> Alessandro Ghedini wrote:
> > Not much. I'm still quite uncomfortable on replacing MIT kerberos, the
> > reference
> > implementation of Kerberos and the default one on Debian, with another, less
> > used and tested, alternative.
>
Alessandro Ghedini wrote:
>> Would it be possible to use MIT krb for the dynamic libcurl, and
>> *no* krb for the static libcurl? The krb part is, after all, only
>> used for SPNEGO, and the set intersection of "people who want
>> static libcurl" and "people who need krb" is probably pretty
>> sma
Alessandro Ghedini wrote:
> Hannes von Haugwitz wrote:
>> A static library without krb is better than the current one which
>> is not usable at all.
>
> That's just not true. Nothing stops you from using the static
> libcurl library and linking to the shared krb5, which is installed
> on pretty muc
On Thu, Apr 12, 2012 at 12:36:21AM +1000, Trent W. Buck wrote:
> Alessandro Ghedini wrote:
> > On Tue, Apr 10, 2012 at 11:14:25AM +0200, Hannes von Haugwitz wrote:
> > > Hello,
> > >
> > > On Sat, Feb 18, 2012 at 05:01:14PM +0100, Alessandro Ghedini wrote:
> > > > An alternative solution would be
On Wed, Apr 11, 2012 at 05:44:01PM +0200, Hannes von Haugwitz wrote:
> On Thu, Apr 12, 2012 at 12:36:21AM +1000, Trent W. Buck wrote:
> > Alessandro Ghedini wrote:
> > > Not much. I'm still quite uncomfortable on replacing MIT kerberos, the
> > > reference
> > > implementation of Kerberos and the
On Thu, Apr 12, 2012 at 12:36:21AM +1000, Trent W. Buck wrote:
> Alessandro Ghedini wrote:
> > Not much. I'm still quite uncomfortable on replacing MIT kerberos, the
> > reference
> > implementation of Kerberos and the default one on Debian, with another, less
> > used and tested, alternative.
>
Alessandro Ghedini wrote:
> On Tue, Apr 10, 2012 at 11:14:25AM +0200, Hannes von Haugwitz wrote:
> > Hello,
> >
> > On Sat, Feb 18, 2012 at 05:01:14PM +0100, Alessandro Ghedini wrote:
> > > An alternative solution would be to build curl with Heimdal (AFAICT they
> > > do
> > > provide the static
On Tue, Apr 10, 2012 at 11:14:25AM +0200, Hannes von Haugwitz wrote:
> Hello,
>
> On Sat, Feb 18, 2012 at 05:01:14PM +0100, Alessandro Ghedini wrote:
> > An alternative solution would be to build curl with Heimdal (AFAICT they do
> > provide the static library) instead of the MIT kerberos impleme
Hello,
On Sat, Feb 18, 2012 at 05:01:14PM +0100, Alessandro Ghedini wrote:
> An alternative solution would be to build curl with Heimdal (AFAICT they do
> provide the static library) instead of the MIT kerberos implementation.
>
> I'm not sure on the consequences of such change though, and I wil
tags 495163 confirmed
kthxbye
On Fri, Aug 15, 2008 at 10:58:31AM +1000, Trent W. Buck wrote:
> Package: libcurl4-openssl-dev
> Severity: normal
>
> Darcs can no longer be statically built with curl on Debian. This
> appears to be due to
>
> http://bugs.debian.org/439039
> libkrb5-dev: s
Hannes von Haugwitz wrote:
> What is the state of this bug? I would like to add curl support to
> the aide pkg (which is statically linked).
AFAIK, no change.
If it were a private package, I'd advise you to reroll curl without
kerberos support, so it can be statically linked into aide. To do
th
Hi,
What is the state of this bug?
I would like to add curl support to the aide pkg (which is statically
linked).
Thanks
Hannes
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Hi Andreas.
On Fri, Aug 15, 2008 at 12:58 PM, Andreas Schuldei <[EMAIL PROTECTED]> wrote:
> * Andreas Schuldei ([EMAIL PROTECTED]) [080815 10:14]:
>> i am not sure what package this bug should be filed against. i think it
>> is either darcs or kerberos.
>
> after closer inspection i find this in c
On Fri, Aug 15, 2008 at 10:58:54AM +0200, Andreas Schuldei wrote:
> is this relevant for lenny?
Within Debian, the darcs package is only ever dynamically linked. The
issue was raised by users who are creating statically linked versions
of the current Darcs release on Lenny, to run on Etch.
I ass
* Andreas Schuldei ([EMAIL PROTECTED]) [080815 10:14]:
> i am not sure what package this bug should be filed against. i think it
> is either darcs or kerberos.
after closer inspection i find this in curl-config.in:
echo @libdir@/[EMAIL PROTECTED]@ @LDFLAGS@ @LIBCURL_LIBS@ @LIBS@
which c
* Trent W. Buck ([EMAIL PROTECTED]) [080815 03:05]:
> Package: libcurl4-openssl-dev
> Severity: normal
>
> Darcs can no longer be statically built with curl on Debian. This
> appears to be due to
>
> http://bugs.debian.org/439039
> libkrb5-dev: static libraries no longer supported
i sug
Package: libcurl4-openssl-dev
Severity: normal
Darcs can no longer be statically built with curl on Debian. This
appears to be due to
http://bugs.debian.org/439039
libkrb5-dev: static libraries no longer supported
It appears that this can be resolved by building libcurl's static
version
28 matches
Mail list logo
