* SECURITY UPDATE: KDC heap corruption and crash vulnerabilities
- debian/patches/MITKRB5-SA-2012-001.patch: initialize pointers both
at allocation and assignment time
- CVE-2012-1015, CVE-2012-1014
* SECURITY UPDATE: denial of service in kadmind (LP: #1009422)
- debian/patches/krb5-CVE-2012-1013.patch: check for null password
- CVE-2012-1013
* SECURITY UPDATE: insufficient ACL checking on get_strings/set_string
- debian/patches/krb5-CVE-2012-1012.patch: make the access
controls for get_strings/set_string mirror those of
get_principal/modify_principal
- CVE-2012-1012
-- Steve Beattie <email address hidden> Thu, 26 Jul 2012 14:29:35 -0700
This bug was fixed in the package krb5 - 1.10+dfsg~ beta1-2ubuntu0. 3
--------------- beta1-2ubuntu0. 3) precise-security; urgency=low
krb5 (1.10+dfsg~
* SECURITY UPDATE: KDC heap corruption and crash vulnerabilities patches/ MITKRB5- SA-2012- 001.patch: initialize pointers both patches/ krb5-CVE- 2012-1013. patch: check for null password set_string patches/ krb5-CVE- 2012-1012. patch: make the access set_string mirror those of principal/ modify_ principal
- debian/
at allocation and assignment time
- CVE-2012-1015, CVE-2012-1014
* SECURITY UPDATE: denial of service in kadmind (LP: #1009422)
- debian/
- CVE-2012-1013
* SECURITY UPDATE: insufficient ACL checking on get_strings/
- debian/
controls for get_strings/
get_
- CVE-2012-1012
-- Steve Beattie <email address hidden> Thu, 26 Jul 2012 14:29:35 -0700