Please sync krb5 (main) from Debian unstable (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
krb5 (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects ubuntu/krb5
status confirmed
subscribe ubuntu-archive
Please sync krb5 (main) from Debian unstable (main).
Explanation of the Ubuntu delta and why it can be dropped:
All Ubuntu changes have been incorporated upstream.
Changelog since current gutsy version 1.4.4-5ubuntu3:
krb5 (1.6.dfsg.1-2) unstable; urgency=low
* Fix shlibdeps to reflect 1.6.dfsg.1 instead of 1.6.1
* Upload 1.6 to unstable
-- Sam Hartman <email address hidden> Thu, 3 May 2007 20:23:47 -0400
krb5 (1.6.dfsg.1-1) experimental; urgency=low
* Oops, I failed to understand how the version numbers work. Since 1.6.1 is less than 1.6.dfsg, the version numbering is going to be a bit screwy for the 1.6 series. We will use 1.6.dfsg.1 for 1.6.1.
* Update to update-inetd dependency, Closes: #420748
-- Sam Hartman <email address hidden> Sun, 29 Apr 2007 08:59:28 -0400
krb5 (1.6.1.dfsg-1) experimental; urgency=low
* Depend on keyutils-lib-dev so we consistently get keyring cache support
* New Portuguese translation, thanks Miguel Figueiredo , Closes: #409318
* New Upstream release
- Update shlibs for new API
* Fix handling of null realm in krb5_rd_
-- Sam Hartman <email address hidden> Sat, 28 Apr 2007 16:21:03 -0400
krb5 (1.6.dfsg-1) experimental; urgency=low
* New 1.6 release from upstream.
* Update copyright
-- Sam Hartman <email address hidden> Thu, 1 Feb 2007 22:26:08 -0500
krb5 (1.6.dfsg~alpha1-1) experimental; urgency=low
* New upstream release
* Remove IETF RFCs, Closes: #393380
* Update copyright file based on new copyrights upstearm
-- Sam Hartman <email address hidden> Wed, 22 Nov 2006 10:28:13 -0500
krb5 (1.4.4-8) unstable; urgency=emergency
* MIT-SA-2007-1: telnet allows login as an arbitrary user when
presented with a specially crafted username; CVE-2007-0956
* krb5_klog_syslog has a trivial buffer overflow that can be exploited
by network data; CVE-2007-0957. The upstream patch is very intrusive
because it fixes each call to syslog to have proper length checking as
well as the actual krb5_klog_syslog internals to use vsnprintf rather
than vsprintf. I have chosen to only include the change to
krb5_
is much smaller and less intrusive. (MIT-SA-2007-2)
* MIT-SA-2007-3: The GSS-API library can cause a double free if
applications treat certain errors decoding a message as errors that
require freeing the output buffer. At least the gssapi rpc library
does this, so kadmind is vulnerable. Fix the gssapi library because
the spec allows applications to treat errors this way. CVE-2007-1216
* New Japanese translation, thanks TANAKA Atushi, Closes: #414382
-- Sam Hartman <email address hidden> Sun, 11 Mar 2007 19:08:52 -0400
krb5 (1.4.4-7) unstable; urgency=low
* Translation updates:
- New Portuguese translation, thanks Rui Branco. (Closes: #409318)
-- Russ Allbery <email address hidden> Wed, 21 Feb 2007 15:23:08 -0800
krb5 (1.4.4-6) unstable; urgency=emergency
* MIT-SA-2006-2: kadmind and rpc library call through function pointer
to freed memory (CVE-2006-6143). Null out xp_auth unless it is
associated with an rpcsec_gss connection.
-- Sam Hartman <email address hidden> Thu, 4 Jan 2007 16:07:02 -0500
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGQGx5H/
8m3HPUpRHpPqwio
=Odcq
-----END PGP SIGNATURE-----
[Updating] krb5 (1.4.4-5ubuntu3 [Ubuntu] < 1.6.dfsg.1-3 [Debian]) 6.dfsg. 1.orig. tar.gz: downloading from http:// ftp.debian. org/debian/> 6.dfsg. 1-3.diff. gz: downloading from http:// ftp.debian. org/debian/> 6.dfsg. 1-3.dsc: downloading from http:// ftp.debian. org/debian/> 1.4.4-5ubuntu3 [universe]. 1.4.4-5ubuntu3 [universe]. dev_1.4. 4-5ubuntu3 [main]. 1.4.4-5ubuntu3 [universe]. 1.4.4-5ubuntu3 [main]. 1.4.4-5ubuntu3 [universe]. dbg_1.4. 4-5ubuntu3 [main]. 1.4.4-5ubuntu3 [main]. 1.4.4-5ubuntu3 [main]. 1.4.4-5ubuntu3 [universe]. server_ 1.4.4-5ubuntu3 [universe]. server_ 1.4.4-5ubuntu3 [universe].
* Trying to add krb5...
- <krb5_1.
- <krb5_1.
- <krb5_1.
I: krb5 [main] -> krb5-telnetd_
I: krb5 [main] -> krb5-clients_
I: krb5 [main] -> libkrb5-
I: krb5 [main] -> krb5-ftpd_
I: krb5 [main] -> krb5-doc_
I: krb5 [main] -> krb5-user_
I: krb5 [main] -> libkrb5-
I: krb5 [main] -> libkadm55_
I: krb5 [main] -> libkrb53_
I: krb5 [main] -> krb5-kdc_
I: krb5 [main] -> krb5-rsh-
I: krb5 [main] -> krb5-admin-