
Heimdal 0.7.2 and 0.6.6




A twin has been forked into the world: Heimdal 0.7.2 and Heimdal 0.6.6. Both are
healthy and represent an improvement over their older siblings.

You can find the source code here:

	ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.7.2.tar.gz
	ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.6.6.tar.gz

Both are signed by the Heimdal signing key: 
     Heimdal Signing Key <heimdal@pdc.kth.se> keyid: 45D901D8

Heimdal 0.7.2 includes the following changes

* Fix security problem in rshd that enables an attacker to overwrite
  and change ownership of any file that root could write.

* Fix a DoS in telnetd. The attacker could force the server to crash
  in a NULL dereference before the user logged in, resulting in inetd
  turning telnetd off because it forked too fast.

* Make gss_acquire_cred(GSS_C_ACCEPT) check that the requested name
  exists in the keytab before returning success. This allows servers
  to check whether it is even possible to use GSSAPI.

* Fix receiving end of token delegation for GSS-API. It still wrongly
  uses the subkey for sending, for compatibility reasons; this will
  change in 0.8.

* telnetd, login and rshd are now more verbose in logging failed and
  successful logins.

* Bug fixes

Heimdal 0.6.6 includes the following changes

* Fix security problem in rshd that enables an attacker to overwrite
  and change ownership of any file that root could write.

* Fix a DoS in telnetd. The attacker could force the server to crash
  in a NULL dereference before the user logged in, resulting in inetd
  turning telnetd off because it forked too fast.
Thanks to those reporting bugs and waiting peacefully for the release,

Enjoy,
Assar, Jacques, Johan, Love, Luke
