From owner-freebsd-security  Wed Feb 28 14:47:28 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id OAA23113
          for security-outgoing; Wed, 28 Feb 1996 14:47:28 -0800 (PST)
Received: from alpha.dsu.edu (ghelmer@[138.247.32.12])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id OAA23102
          for <freebsd-security@freebsd.org>; Wed, 28 Feb 1996 14:47:24 -0800 (PST)
Received: (from ghelmer@localhost) by alpha.dsu.edu (8.7.4/8.7.3) id QAA29383; Wed, 28 Feb 1996 16:47:16 -0600 (CST)
Date: Wed, 28 Feb 1996 16:47:16 -0600 (CST)
From: Guy Helmer <ghelmer@alpha.dsu.edu>
To: freebsd-security@freebsd.org
Subject: Re: Kerberos Insecurities (COAST Announcement) 
In-Reply-To: <199602180722.JAA16952@grumble.grondar.za>
Message-ID: <Pine.OSF.3.91.960228163603.28918A-100000@alpha.dsu.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
Precedence: bulk

On Sun, 18 Feb 1996, Mark Murray wrote:
> Paul Danckaert wrote:
> > Does anybody know if this effects the ebones-based kerberos package?  If 
> > so, is there any info on a bug-fix?  
> 
> Too early to tell. We are eagerly awaiting the follow-up.

Has anyone tried merging MIT's patches into the eBones kerberos?  A 
cursory examination of the eBones kerberos.c indicates that it doesn't 
use des_new_random_key & friends...

Guy Helmer, Dakota State University Computing Services - ghelmer@alpha.dsu.edu