boilermake n stuff
Alan DeKok
aland at deployingradius.com
Wed Nov 21 22:52:32 CET 2012
Matthew Newton wrote:
> Found it - the file 'src/modules/rlm_smb/md4.c' was removed in
> 5791f8641df010 - Fri Sep 19 14:38:32 2003!
Wow...
> Given the fact that it's unlikely to have been built since 2003,
> and that there are warnings of remote root exploits all over the
> source web page (above), then removing it is likely best.
Yes. There are no root exploits in the module, as those were
addressed about the same time frame.
> I'm guessing that as it isn't listed in modules/stable, it's just
> never been built until now.
>
> I've sent a pull request to remove it; feel free to cancel that
> and put md4.c back if you prefer!
It should be deleted.
Alan DeKok.
More information about the Freeradius-Devel
mailing list