Comment 26 for bug 571572

Revision history for this message
Nathan Rosenblum (nater-n) wrote :

[Replying from a duplicating issue:]

This affects any system using MIT's Kerberos in the 1.10 series prior to 1.10.2-final. To the best of my knowledge, no 1.11 series releases were affected by this issue, and 1.9 remains affected. The upstream patch [1] applies cleanly against the Ubuntu 12.04 krb5-1.10+dfsg~beta1 source package, with which I've successfully built and deployed my own packages.

I believe that all Ubuntu versions from Precise through Saucy are affected, though maybe some of the later variants (I have only looked into Precise) have a glibc that fixes the underlying issue. There is no harm in applying both the workaround here and the glibc fix.

[1] https://github.com/krb5/krb5/commit/57738b357e8b03bcb7af2f147c97cb84d0ce96e2