Merge krb5 from Debian unstable for oracular

Scheduled-For: Backlog
Upstream: tbd
Debian: 1.20.1-6
Ubuntu: 1.20.1-6ubuntu2

There is nothing yet to merge for krb5 currently, but this ticket is filed prospectfully for tracking purposes in case a merge does become available later this cycle.

If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.

If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38

### New Debian Changes ###

krb5 (1.20.1-6) unstable; urgency=medium

  * Fix up libverto1*->libverto1*t64, Closes: #1065702

 -- Sam Hartman <email address hidden> Sun, 10 Mar 2024 19:36:33 -0600

krb5 (1.20.1-5.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Rename libraries for 64-bit time_t transition. Closes: #1064164

 -- Lukas Märdian <email address hidden> Wed, 28 Feb 2024 15:25:37 +0000

krb5 (1.20.1-5) unstable; urgency=medium

  [ Helmut Grohne ]
  * Annotate test dependencies <!nocheck>. (Closes: #1054461)

  [ Sam Hartman ]
  * Fix keyutils to be linux-any

 -- Helmut Grohne <email address hidden> Tue, 24 Oct 2023 07:17:27 +0200

krb5 (1.20.1-4) unstable; urgency=low

  [ Steve Langasek ]
  * libkrb5support0: require strict binary dependency to deal with glibc 2.38, Closes: #1043184

  [Jelmer Vernooij]
  * krb5-user: Use alternatives for kinit, klist, kswitch, ksu, kpasswd,
    kdestroy, kadmin and ktutil. This allows installation
    together with heimdal-clients. Closes: #213316, #751203

  [ Sam Hartman ]
  * Enable build-time tests, Thanks Andreas Hasenack, Closes: #1017763
  * Work around doxygen change that breaks doc build, Thanks Greg
    Hudson, Closes: #1051523

 -- Sam Hartman <email address hidden> Mon, 11 Sep 2023 11:06:57 -0600

krb5 (1.20.1-3) unstable; urgency=high

  * Fixes CVE-2023-36054: a remote authenticated attacker can cause
    kadmind to free an uninitialized pointer. Upstream believes remote
    code execusion is unlikely, Closes: #1043431

 -- Sam Hartman <email address hidden> Mon, 14 Aug 2023 14:06:53 -0600

krb5 (1.20.1-2) unstable; urgency=medium

  * Tighten dependencies on libkrb5support0. This means that the entire
    upgrade from bullseye to bookworm needs to be lockstep, but it appears
    that's what is required, Closes: #1036055

 -- Sam Hartman <email address hidden> Mon, 15 May 2023 17:44:41 -0600

krb5 (1.20.1-1) unstable; urgency=high

  [ Bastian Germann ]
  * Sync debian/copyright with NOTICE from upstream

  [ Debian Janitor ]
  * Trim trailing whitespace.
  * Strip unusual field spacing from debian/control.
  * Use secure URI in Homepage field.
  * Merge upstream signing key files.
  * Update renamed lintian tag names in lintian overrides.
  * Update standards version to 4.6.1, no changes needed.
  * Remove field Section on binary package krb5-gss-samples that
    duplicates source.
  * Fix field name cases in debian/control (VCS-Browser => Vcs-Browser,
    VCS-Git => Vcs-Git).

  [ Sam Hartman ]
  * New upstream release
    - Integer overflows in PAC parsing; potentially critical for 32-bit
    KDCs or when cross-realm acts maliciously; DOS in other conditions;
    CVE-2022-42898, Closes: #1024267
  * Tighten version dependencies around crypto library, Closes: 1020424
  * krb5-user reccomends rather than Depends on krb5-config. This avoids
    a hard dependency on bind9-host, but also supports cases where
    krb5-config is externally managed, Closes: #1005821

 -- Sam Hartman <email address hidden> Thu, 17 Nov 2022 10:34:28 -0700

krb5 (1.20-1) unstable; urgency=medium

  * New Upstream Version
  * Do not specify master key type to avoid weak crypto, Closes: #1009927

 -- Sam Hartman <email address hidden> Fri, 22 Jul 2022 16:32:38 -0600

krb5 (1.20~beta1-1) experimental; urgency=medium

  * New Upstream version

 -- Sam Hartman <email address hidden> Thu, 07 Apr 2022 11:57:27 -0600

krb5 (1.19.2-2) unstable; urgency=medium

### Old Ubuntu Delta ###

krb5 (1.20.1-6ubuntu2) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 07:42:10 +0000

krb5 (1.20.1-6ubuntu1) noble; urgency=medium

  * Fix tests with Python 3.12.

 -- Matthias Klose <email address hidden> Sun, 24 Mar 2024 12:51:41 +0100