Merge heimdal from Debian unstable for mantic
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
heimdal (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Upstream: tbd
Debian: 7.8.git20221117
Ubuntu: 7.8.git20221117
Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle.
If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.
### New Debian Changes ###
heimdal (7.8.git2022111
* Fix incorrect license of Debian files.
* Fix deprecated dependancies.
* gsskrb5: fix accidental logic inversions (CVE-2022-45142)
(Closes: #1030849) - change applied from NMU version
7.8.
* Add ro.po file. Closes: #1031897.
-- Brian May <email address hidden> Sat, 25 Feb 2023 09:32:57 +1100
heimdal (7.8.git2022111
* New upstream release.
-- Brian May <email address hidden> Sat, 10 Dec 2022 16:29:20 +1100
heimdal (7.8.git2022111
* Source-only upload to enable migration to testingi (2nd attempt).
-- Brian May <email address hidden> Sun, 04 Dec 2022 09:56:06 +1100
heimdal (7.8.git2022111
* Source-only upload to enable migration to testing.
-- Brian May <email address hidden> Sun, 04 Dec 2022 09:09:44 +1100
heimdal (7.8.git2022111
* New upstream version.
* Numerous security fixes (Closes: #1024187).
* asn1: Invalid free in ASN.1 codec (CVE-2022-44640)
* krb5: PAC parse integer overflows (CVE-2022-42898)
* gsskrb5: Use constant-time memcmp() for arcfour unwrap (CVE-2022-3437)
* gsskrb5: Use constant-time memcmp() in unwrap_des3() (CVE-2022-3437)
* gsskrb5: Don't pass NULL pointers to memcpy() in DES unwrap
(CVE-2022-3437)
* gsskrb5: Avoid undefined behaviour in _gssapi_
(CVE-2022-3437)
* gsskrb5: Check the result of _gsskrb5_get_mech() (CVE-2022-3437)
* gsskrb5: Check buffer length against overflow for DES{,3} unwrap
(CVE-2022-3437)
* gsskrb5: Check for overflow in _gsskrb5_get_mech() (CVE-2022-3437)
* gsskrb5: Pass correct length to _gssapi_
* libhx509: Fix denial of service vulnerability (CVE-2022-41916)
* spnego: send_reject when no mech selected (CVE-2021-44758)
* Fix regression in _krb5_get_int64 on 32 bit systems.
https:/
* Increment soname for libroken.
* Increment soname for libhcrypto.
* Remove legacy shared library version requirements.
* Add symbols to libkadm5srv8.
-- Brian May <email address hidden> Sun, 27 Nov 2022 10:44:26 +1100
heimdal (7.7.0+dfsg-6) unstable; urgency=medium
* Retry deleting dangling windc.so again. Closes: #857215.
* Create /var/lib/
Closes: #964008.
* Disable use of -rpath in krb5-config.
-- Brian May <email address hidden> Mon, 05 Sep 2022 08:35:33 +1000
heimdal (7.7.0+dfsg-5) unstable; urgency=medium
* Fix missing closefrom symbol. Closes: #1016884, #1017244.
* Fix spelling of dependency in changelog.
* Fix override_
* Remove default --parallel from dh call.
* Remove unused debian/
* Fix Multi-Arch headers. heimdal-multidev is not co-installable, so
heimdal-dev cannot be co-installable either.
-- Brian May <email address hidden> Fri, 02 Sep 2022 07:59:59 +1000
heimdal (7.7.0+dfsg-4) unstable; urgency=medium
* Delete dependency on install-info. Closes: #1013735.
* Non-maintainer upload.
* Reduce Build-Depends: (Closes: #980531)
+ Drop unused libhesiod-dev.
+ Drop unused libperl4-
it.
+ Drop unused libx11-dev, libxau-dev, libxt-dev, ss-dev, and
x11proto-
+ Clean generated C tables to actually rebuild them using python3.
-- Brian May <email address hidden> Mon, 27 Jun 2022 10:36:10 +1000
heimdal (7.7.0+dfsg-3) unstable; urgency=high
* Fix CVE-2021-3671: A null pointer de-reference was found in the way
samba kerberos server handled missing sname in TGS-REQ. Closes: #996586.
* Fix autoconf 2.7 issues.
-- Brian May <email address hidden> Wed, 17 Nov 2021 12:12:45 +1100
### Old Ubuntu Delta ###
heimdal (7.8.git2022111
* Merge from Debian unstable. Remaining changes:
- d/rules: Disable lto, to regain dep on roken, otherwise
dependencies on amd64 are different than i386 resulting in
different files on amd64 and i386.
(LP #1934936)
-- Steve Langasek <email address hidden> Tue, 24 Jan 2023 19:14:54 -0800
Changed in heimdal (Ubuntu): | |
milestone: | none → ubuntu-23.07 |
Changed in heimdal (Ubuntu): | |
assignee: | nobody → Andreas Hasenack (ahasenack) |
7.8.git20221117 .28daf24+ dfsg-3 was already merged, nothing new for now.