-
heimdal (0.6.3-7ubuntu1.3) hoary-security; urgency=low
* SECURITY UPDATE: telnetd remote DoS.
* Add debian/patches/005_telnetd_crash:
- Apply upstream patch from 0.6.6 version: The attacker could force the
server to crash in a NULL de-reference before the user logged in,
resulting in inetd turning telnetd off because it forked too fast.
- CVE-2006-0677
-- Martin Pitt <email address hidden> Fri, 17 Feb 2006 12:44:13 +0000
-
heimdal (0.6.3-7ubuntu1.2) hoary-security; urgency=low
* SECURITY UPDATE: Privilege escalation in rshd: local overwrite and owner
change of any root writable file.
* Add debian/patches/004_rshd_priv_escalation:
- rshd.c: Move creation of users ticket file to later to avoid
seteuid/setuid dance.
* CVE-2006-0582
-- Martin Pitt <email address hidden> Wed, 8 Feb 2006 10:53:24 +0000
-
heimdal (0.6.3-7ubuntu1.1) hoary-security; urgency=low
* Non-maintainer upload.
* Fixes from Debian Sarge security update
* Fix buffer overflow security bug in telnet client, CAN-2005-0469, closes:
#305574.
* Applied upstream patch to fix buffer overflow in telnetd, fixes
CAN-2005-2040
-- Björn Torkelsson <email address hidden> Mon, 15 Aug 2005 14:36:41 +0200
-
heimdal (0.6.3-7ubuntu1) hoary; urgency=low
* Synchronise with Debian's 0.6.3-7, fixing Ubuntu bug #8501.
-- Adam Conrad <adconrad@0c3.net> Mon, 4 Apr 2005 02:09:05 +0000