Bug 12976 - heimdal embedded copy: delete or keep up to date
Summary: heimdal embedded copy: delete or keep up to date
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
Depends on:
Reported: 2017-08-20 15:51 UTC by Paul Wise
Modified: 2021-01-29 05:57 UTC (History)
3 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Paul Wise 2017-08-20 15:51:27 UTC
As noted in bug #12505, the embedded copy of heimdal in samba is outdated, at least in respect to the krb5_storage_free function and this seems to cause some crashes in samba at times. There are probably other bugs in samba's copy of heimdal that were fixed in heimdal upstream.


samba's copy of heimdal needs to either be deleted or constantly kept up to date with the latest upstream release. My personal preference would be to just delete it. Given the recent rate of heimdal upstream releases, deleting it would probably be less work in the long run. Given the recent security issue for heimdal (CVE-2017-11103), deleting it would probably result in less work for distro security teams, especially since samba builds take much longer than heimdal.


If there are modifications to samba's copy of heimdal then it will need to be kept up to date instead. If possible, any such modifications should be sent upstream to heimdal. If they are not appropriate for upstream, then the release process for samba should be adjusted to include a check for the latest heimdal upstream release version.
Comment 1 Andrew Bartlett 2021-01-29 05:57:00 UTC
We are well aware.  This is more difficult than it looks however.