krb5 1.6.dfsg.1-3 source package in Ubuntu

Changelog

krb5 (1.6.dfsg.1-3) unstable; urgency=low

  * Upstream bug #5552: krb5_get_init_creds needs to not dereference
    gic_opts if it is null.  Instead, assume that it is default options.
    Closes: #422687

krb5 (1.6.dfsg.1-2) unstable; urgency=low

  * Fix shlibdeps to reflect 1.6.dfsg.1 instead of 1.6.1
  * Upload 1.6 to unstable

krb5 (1.6.dfsg.1-1) experimental; urgency=low

  * Oops, I failed to understand how the version numbers work.  Since 1.6.1 is less than 1.6.dfsg, the version numbering is going to be a bit screwy for the 1.6 series.  We will use 1.6.dfsg.1 for 1.6.1.
  * Update to update-inetd dependency, Closes: #420748

krb5 (1.6.1.dfsg-1) experimental; urgency=low

  * Depend on keyutils-lib-dev so we consistently get keyring cache support
  * New Portuguese translation, thanks Miguel Figueiredo, Closes: #409318
  * New Upstream release
      - Update shlibs for new API
  * Fix handling of null realm in krb5_rd_req_decoded; now we treat a null realm as a default realm there.

krb5 (1.6.dfsg-1) experimental; urgency=low

  * New 1.6 release from upstream.
  * Update copyright

krb5 (1.6.dfsg~alpha1-1) experimental; urgency=low

  * New upstream release
  * Remove IETF RFCs, Closes: #393380
  * Update copyright file based on new copyrights upstream

krb5 (1.4.4-8) unstable; urgency=emergency

  * MIT-SA-2007-1: telnet allows login as an arbitrary user when
    presented with a specially crafted username; CVE-2007-0956
  * krb5_klog_syslog has a trivial buffer overflow that can be exploited
    by network data; CVE-2007-0957.  The upstream patch is very intrusive
    because it fixes each call to syslog to have proper length checking as
    well as the actual krb5_klog_syslog internals to use vsnprintf rather
    than vsprintf.  I have chosen to only include the change to
    krb5_klog_syslog for sarge.  This is sufficient to fix the problem but
    is much smaller and less intrusive.  (MIT-SA-2007-2)
  * MIT-SA-2007-3: The GSS-API library can cause a double free if
    applications treat certain errors decoding a message as errors that
    require freeing the output buffer.  At least the gssapi rpc library
    does this, so kadmind is vulnerable.  Fix the gssapi library because
    the spec allows applications to treat errors this way.  CVE-2007-1216
  * New Japanese translation, thanks TANAKA Atushi, Closes: #414382

krb5 (1.4.4-7) unstable; urgency=low

  * Translation updates:
    - New Portuguese translation, thanks Rui Branco.  (Closes: #409318)


krb5 (1.4.4-6) unstable; urgency=emergency

  * MIT-SA-2006-2: kadmind and rpc library call through function pointer
    to freed memory (CVE-2006-6143).  Null out xp_auth unless it is
    associated with an rpcsec_gss connection.

 -- Kees Cook <email address hidden>   Wed,  09 May 2007 14:18:37 +0100

Upload details

Uploaded by: Kees Cook
Uploaded to: Gutsy
Original maintainer: Sam Hartman
Architectures: any
Section: net
Urgency: Critically Urgent


Downloads

File Size SHA-256 Checksum
krb5_1.6.dfsg.1.orig.tar.gz 13.8 MiB ae5966a43d3fe0045e39631759180ceb16067f16ea67be86f2b489a8a6f22cb2
krb5_1.6.dfsg.1-3.diff.gz 1.6 MiB 9e4510d23d97f08e7e3aacf516f2b17cb806ee3f8e6e858d0f6ce6a6a7665c29
krb5_1.6.dfsg.1-3.dsc 898 bytes e97968af1db663f2dc4904e6789d05c5c28f97f5acddf27388eeb16420300736


Binary packages built by this source