2002-08-05: Security advisory regarding OpenSSL and XDR

• The problems discovered in OpenSSL does not directly affect Heimdal. Even when linked with OpenSSL the bad functions are not used.
• Likewise, the integer overflow in Sun's XDR library does not directly affect Heimdal. MIT's Kadmin library uses a variant of GSSRPC that had this problem, but Heimdal uses a different marshaling.

Third party applications might be affected, and it's probably a good idea to avoid using the misbehaving libraries.