![](https://seccdn.libravatar.org/avatar/d70f8a8240c69007852b9d1bf27e170b.jpg?s=120&d=mm&r=g)
25 Sep
2003
25 Sep
'03
22:47
* Charles Kunce (ckunce@nycap.rr.com) [030925 15:20]:
OK, then basically, I don't have to worry about it since I don't use pam_krb5
Well, I'm not authoritative either but the link I posted was from Roman Drahtmueller, head of the security team, who is. So yes, unless you're using kerberos and aren't worried about local users brute forcing the session keys (see http://www.kde.org/info/security/advisory-20030916-1.txt) then it's not a problem.
and SuSE has put out a version of 3.1.4 I can use _if_ I want to: caveat emptor.
I don't know about the emptor part, but yes. As I said, these aren't official packages and are mainly for testing. -- -ckm