[1392] in Release_7.7_team
Athena 8.2.8 path release
daemon@ATHENA.MIT.EDU (Karl Ramm)
Mon Jul 27 22:50:58 1998
To: alexp@MIT.EDU, cavan@MIT.EDU, coc@MIT.EDU, davidh@MIT.EDU, dmaze@MIT.EDU,
f_l@MIT.EDU, foley@MIT.EDU, gjking@MIT.EDU, grlee@MIT.EDU, hli@MIT.EDU,
iggy@MIT.EDU, jmhunt@MIT.EDU, katiel@MIT.EDU, kshakir@MIT.EDU,
larugsi@MIT.EDU, lavin@MIT.EDU, lisanti@MIT.EDU, mbwall@MIT.EDU,
mjv@MIT.EDU, mwhitson@MIT.EDU, nschmidt@MIT.EDU, pbh@MIT.EDU,
pcollymo@MIT.EDU, pgalt@MIT.EDU, phils@MIT.EDU, rar@MIT.EDU,
release-team@MIT.EDU, sipb-staff@MIT.EDU, ted@MIT.EDU
From: Karl Ramm <kcr@MIT.EDU>
Date: 27 Jul 1998 22:50:40 -0400
8.2.8 just went out to the athena cell. Changes include:
* telnetd, sshd, and login could fail to convert krb5 tickets
to krb4 tickets (and, in the sshd case, nuke the krb5
tickets so you wind up with no tickets) due to an assumption
that the Kerberos realm is null-terminated. This bug has
been fixed.
* The xlogin ticket lifetime is now 10 hours (instead of 8).
The login krb4 ticket lifetime is also 10 hours instead of
8.
* The ssh patch to detect insertion attacks has been updated
to the most recent version; the previous version was
allegedly incorrect.
* sshd sets XAUTHORITY to a temporary directory so your xauth
information doesn't go over the net in the clear. (This
change was advertised as being in 8.2.7 but wasn't. This
time for sure!)
* The bind "host" command will not hang on unrecognized
command-line options.
* The zephyr server database dump format now includes the tty
field of user location entries (they were left out by
mistake in a previous change).
* /usr/athena/bin/passwd now always passes a username argument
to /usr/bin/passwd, since the System V /usr/bin/passwd
program is a little screwy about picking the default
username if you have done an su.
* The krb5.conf file has been fixed: the admin server line no
longer specifies an incorrect port, and the KDCs have been
listed in the proper order.
* ksrvutil has been added back to the release, so that
srvtab-handling procedures can be the same as they were in
8.1.
* The al_acct_create(3) man page has been fixed to display all
argument names correctly.
* The /etc/athena/console program no longer stops listening on
a file descriptor if it gets a zero-length read. It will
also display a message if it stops listening on a file
descriptor due to an input error. The old behavior was
causing programs such as reactivate to hang when they wrote
to /dev/console, since the console program had stopped
reading console output.
* Solaris machines will have patch 106448-01 applied to fix a
buffer overrun security hole in ping.
* Solaris machines no longer specify the system SCSI options
in /etc/system. That very old hack was preventing machines
from negotiating 40MB/sec transfer rates for ultra wide
disks.
* Solaris machines will clear obpdebug at boot time so that
panics don't drop to the prom. (The force-loading of
misc/obpsym was causing obpdebug to be set, which we don't
want.)
* The telnetd banner should be fixed on IRIX machines (it was
saying 4.4 BSD), and possibly changed a bit on Solaris
machines.
* On SGIs, /usr/freeware/catman is now in the default manpath
ahead of /usr/share/catman, so you get perl 5 man pages
instead of the perl 4 man page.
* SGIs will no longer save *.debug syslogs; they will save
"notice" level and above.