[Pkg-samba-maint] Bug#897269: samba: build against system heimdal instead of outdated embedded code copy

Paul Wise pabs at debian.org
Tue May 1 06:36:59 BST 2018


Source: samba
Severity: wishlist
Usertags: embed
Forwarded: https://bugzilla.samba.org/show_bug.cgi?id=12976

As noted in samba upstream bug #12505, the embedded copy of heimdal in
samba is outdated, at least in respect to the krb5_storage_free
function and this seems to cause some crashes in samba at times.
There are probably other bugs in samba's copy of heimdal that were
fixed in heimdal upstream.

https://git.samba.org/?p=samba.git;a=blob;f=source4/heimdal/lib/krb5/store.c;hb=HEAD#l270
https://github.com/heimdal/heimdal/blob/master/lib/krb5/store.c#L289
https://bugzilla.samba.org/show_bug.cgi?id=11824
https://bugzilla.samba.org/show_bug.cgi?id=12505
https://www.spinics.net/lists/samba/msg133243.html

I asked samba upstream last year to either remove or update the
embedded code copy but there was no response to my bug report.

https://bugzilla.samba.org/show_bug.cgi?id=12976

Until samba upstream reaches a decision on this, I think that Debian
should patch samba so that our builds use the system version of heimdal
instead of the outdated embedded code copy.

See also Debian Policy 4.13 and the corresponding wiki page:

https://www.debian.org/doc/debian-policy/#convenience-copies-of-code
https://wiki.debian.org/EmbeddedCodeCopies

-- 
bye,
pabs

https://wiki.debian.org/PaulWise
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20180501/e7c617f4/attachment-0001.sig>


More information about the Pkg-samba-maint mailing list