View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/krb5
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
importer/ubuntu/dsc 2019-07-18 11:48:30 UTC 2019-07-18
DSC file for 1.17-5

Author: Ubuntu Git Importer
Author Date: 2019-07-18 11:48:30 UTC

DSC file for 1.17-5

importer/debian/dsc 2019-07-18 10:47:06 UTC 2019-07-18
DSC file for 1.17-5

Author: Ubuntu Git Importer
Author Date: 2019-07-18 10:47:06 UTC

DSC file for 1.17-5

ubuntu/devel 2019-07-18 10:35:57 UTC 2019-07-18
Import patches-unapplied version 1.17-5 to debian/sid

Author: Sam Hartman
Author Date: 2019-07-17 13:20:27 UTC

Import patches-unapplied version 1.17-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6a7c9951f052d9b79e6fa595fb5505c8a6dab434

New changelog entries:
  * Upstream patch to filter invalid enctypes when nfs calls to indicate
    which enctypes it supports, Closes: #932000
  * Do not error out if a keytab includes a single-des enctype, Closes:
    #932132

debian/sid 2019-07-18 10:35:57 UTC 2019-07-18
Import patches-unapplied version 1.17-5 to debian/sid

Author: Sam Hartman
Author Date: 2019-07-17 13:20:27 UTC

Import patches-unapplied version 1.17-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6a7c9951f052d9b79e6fa595fb5505c8a6dab434

New changelog entries:
  * Upstream patch to filter invalid enctypes when nfs calls to indicate
    which enctypes it supports, Closes: #932000
  * Do not error out if a keytab includes a single-des enctype, Closes:
    #932132

ubuntu/eoan-devel 2019-07-18 10:35:57 UTC 2019-07-18
Import patches-unapplied version 1.17-5 to debian/sid

Author: Sam Hartman
Author Date: 2019-07-17 13:20:27 UTC

Import patches-unapplied version 1.17-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6a7c9951f052d9b79e6fa595fb5505c8a6dab434

New changelog entries:
  * Upstream patch to filter invalid enctypes when nfs calls to indicate
    which enctypes it supports, Closes: #932000
  * Do not error out if a keytab includes a single-des enctype, Closes:
    #932132

ubuntu/eoan 2019-07-18 10:35:57 UTC 2019-07-18
Import patches-unapplied version 1.17-5 to debian/sid

Author: Sam Hartman
Author Date: 2019-07-17 13:20:27 UTC

Import patches-unapplied version 1.17-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6a7c9951f052d9b79e6fa595fb5505c8a6dab434

New changelog entries:
  * Upstream patch to filter invalid enctypes when nfs calls to indicate
    which enctypes it supports, Closes: #932000
  * Do not error out if a keytab includes a single-des enctype, Closes:
    #932132

applied/ubuntu/devel 2019-07-18 10:35:57 UTC 2019-07-18
Import patches-applied version 1.17-5 to applied/debian/sid

Author: Sam Hartman
Author Date: 2019-07-17 13:20:27 UTC

Import patches-applied version 1.17-5 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 733352f63f533ac0d2ebff0a875f54b3766bb6ef
Unapplied parent: 712403b5a9c7e59b1e51bfd7e5ce9badaa286f50

New changelog entries:
  * Upstream patch to filter invalid enctypes when nfs calls to indicate
    which enctypes it supports, Closes: #932000
  * Do not error out if a keytab includes a single-des enctype, Closes:
    #932132

ubuntu/eoan-proposed 2019-07-18 10:35:57 UTC 2019-07-18
Import patches-unapplied version 1.17-5 to debian/sid

Author: Sam Hartman
Author Date: 2019-07-17 13:20:27 UTC

Import patches-unapplied version 1.17-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6a7c9951f052d9b79e6fa595fb5505c8a6dab434

New changelog entries:
  * Upstream patch to filter invalid enctypes when nfs calls to indicate
    which enctypes it supports, Closes: #932000
  * Do not error out if a keytab includes a single-des enctype, Closes:
    #932132

applied/debian/sid 2019-07-18 10:35:57 UTC 2019-07-18
Import patches-applied version 1.17-5 to applied/debian/sid

Author: Sam Hartman
Author Date: 2019-07-17 13:20:27 UTC

Import patches-applied version 1.17-5 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 733352f63f533ac0d2ebff0a875f54b3766bb6ef
Unapplied parent: 712403b5a9c7e59b1e51bfd7e5ce9badaa286f50

New changelog entries:
  * Upstream patch to filter invalid enctypes when nfs calls to indicate
    which enctypes it supports, Closes: #932000
  * Do not error out if a keytab includes a single-des enctype, Closes:
    #932132

applied/ubuntu/eoan-devel 2019-07-18 10:35:57 UTC 2019-07-18
Import patches-applied version 1.17-5 to applied/debian/sid

Author: Sam Hartman
Author Date: 2019-07-17 13:20:27 UTC

Import patches-applied version 1.17-5 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 733352f63f533ac0d2ebff0a875f54b3766bb6ef
Unapplied parent: 712403b5a9c7e59b1e51bfd7e5ce9badaa286f50

New changelog entries:
  * Upstream patch to filter invalid enctypes when nfs calls to indicate
    which enctypes it supports, Closes: #932000
  * Do not error out if a keytab includes a single-des enctype, Closes:
    #932132

applied/ubuntu/eoan 2019-07-18 10:35:57 UTC 2019-07-18
Import patches-applied version 1.17-5 to applied/debian/sid

Author: Sam Hartman
Author Date: 2019-07-17 13:20:27 UTC

Import patches-applied version 1.17-5 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 733352f63f533ac0d2ebff0a875f54b3766bb6ef
Unapplied parent: 712403b5a9c7e59b1e51bfd7e5ce9badaa286f50

New changelog entries:
  * Upstream patch to filter invalid enctypes when nfs calls to indicate
    which enctypes it supports, Closes: #932000
  * Do not error out if a keytab includes a single-des enctype, Closes:
    #932132

applied/ubuntu/eoan-proposed 2019-07-18 10:35:57 UTC 2019-07-18
Import patches-applied version 1.17-5 to applied/debian/sid

Author: Sam Hartman
Author Date: 2019-07-17 13:20:27 UTC

Import patches-applied version 1.17-5 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 733352f63f533ac0d2ebff0a875f54b3766bb6ef
Unapplied parent: 712403b5a9c7e59b1e51bfd7e5ce9badaa286f50

New changelog entries:
  * Upstream patch to filter invalid enctypes when nfs calls to indicate
    which enctypes it supports, Closes: #932000
  * Do not error out if a keytab includes a single-des enctype, Closes:
    #932132

applied/debian/buster 2019-06-18 16:31:37 UTC 2019-06-18
Import patches-applied version 1.17-3 to applied/debian/sid

Author: Sam Hartman
Author Date: 2019-06-18 12:00:29 UTC

Import patches-applied version 1.17-3 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 30e8445c6fdb0777b4659a17f261cb3af92df874
Unapplied parent: 7f09cf4a4a00969acedc801e33f26daa313a280b

New changelog entries:
  * Fix memory leak in replay cache type none
  * Merge in two upstream documentation changes

debian/buster 2019-06-18 16:31:37 UTC 2019-06-18
Import patches-unapplied version 1.17-3 to debian/sid

Author: Sam Hartman
Author Date: 2019-06-18 12:00:29 UTC

Import patches-unapplied version 1.17-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: d1fa5bbfc87e98c8d2f4c2d367cfbb721e8ec98c

New changelog entries:
  * Fix memory leak in replay cache type none
  * Merge in two upstream documentation changes

applied/ubuntu/bionic-security 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-applied version 1.16-2ubuntu0.1 to applied/ubuntu/bionic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:48:01 UTC

Import patches-applied version 1.16-2ubuntu0.1 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 45e6b99014cee93f4d040d29658cfedeaa0a8348
Unapplied parent: 0ec8af02950cadc8b3bdd8d392ca605d097c2df0

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/xenial-devel 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-applied version 1.13.2+dfsg-5ubuntu2.1 to applied/ubuntu/xenia...

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:46:00 UTC

Import patches-applied version 1.13.2+dfsg-5ubuntu2.1 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9a5dbece3beb6f4875142e42ca3ae1d35a70185f
Unapplied parent: 420092c36aef6a484bc8622088f817d04624522b

New changelog entries:
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/cosmic-updates 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-unapplied version 1.16-2ubuntu1.1 to ubuntu/cosmic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:49:38 UTC

Import patches-unapplied version 1.16-2ubuntu1.1 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 9a687314eb958bad4555652503eaafb3d64d9e4c

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/bionic-devel 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-applied version 1.16-2ubuntu0.1 to applied/ubuntu/bionic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:48:01 UTC

Import patches-applied version 1.16-2ubuntu0.1 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 45e6b99014cee93f4d040d29658cfedeaa0a8348
Unapplied parent: 0ec8af02950cadc8b3bdd8d392ca605d097c2df0

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/bionic-security 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-unapplied version 1.16-2ubuntu0.1 to ubuntu/bionic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:48:01 UTC

Import patches-unapplied version 1.16-2ubuntu0.1 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: c221d89f3ca6e47f972ac69b1651bd7de6dd234b

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/cosmic-devel 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-applied version 1.16-2ubuntu1.1 to applied/ubuntu/cosmic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:49:38 UTC

Import patches-applied version 1.16-2ubuntu1.1 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 2f0c23c27c570e6013af097c086659cfd088ac61
Unapplied parent: 125f1145d021a15181fa647f0f87fa28f3e23fbf

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/xenial-updates 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-unapplied version 1.13.2+dfsg-5ubuntu2.1 to ubuntu/xenial-secu...

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:46:00 UTC

Import patches-unapplied version 1.13.2+dfsg-5ubuntu2.1 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 35d44280dcb40618dc55aa02e30029bd57d3d8c9

New changelog entries:
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/cosmic-devel 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-unapplied version 1.16-2ubuntu1.1 to ubuntu/cosmic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:49:38 UTC

Import patches-unapplied version 1.16-2ubuntu1.1 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 9a687314eb958bad4555652503eaafb3d64d9e4c

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/bionic-devel 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-unapplied version 1.16-2ubuntu0.1 to ubuntu/bionic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:48:01 UTC

Import patches-unapplied version 1.16-2ubuntu0.1 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: c221d89f3ca6e47f972ac69b1651bd7de6dd234b

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/cosmic-security 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-applied version 1.16-2ubuntu1.1 to applied/ubuntu/cosmic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:49:38 UTC

Import patches-applied version 1.16-2ubuntu1.1 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 2f0c23c27c570e6013af097c086659cfd088ac61
Unapplied parent: 125f1145d021a15181fa647f0f87fa28f3e23fbf

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/xenial-security 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-applied version 1.13.2+dfsg-5ubuntu2.1 to applied/ubuntu/xenia...

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:46:00 UTC

Import patches-applied version 1.13.2+dfsg-5ubuntu2.1 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9a5dbece3beb6f4875142e42ca3ae1d35a70185f
Unapplied parent: 420092c36aef6a484bc8622088f817d04624522b

New changelog entries:
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/bionic-updates 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-applied version 1.16-2ubuntu0.1 to applied/ubuntu/bionic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:48:01 UTC

Import patches-applied version 1.16-2ubuntu0.1 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 45e6b99014cee93f4d040d29658cfedeaa0a8348
Unapplied parent: 0ec8af02950cadc8b3bdd8d392ca605d097c2df0

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/xenial-devel 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-unapplied version 1.13.2+dfsg-5ubuntu2.1 to ubuntu/xenial-secu...

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:46:00 UTC

Import patches-unapplied version 1.13.2+dfsg-5ubuntu2.1 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 35d44280dcb40618dc55aa02e30029bd57d3d8c9

New changelog entries:
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/xenial-updates 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-applied version 1.13.2+dfsg-5ubuntu2.1 to applied/ubuntu/xenia...

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:46:00 UTC

Import patches-applied version 1.13.2+dfsg-5ubuntu2.1 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9a5dbece3beb6f4875142e42ca3ae1d35a70185f
Unapplied parent: 420092c36aef6a484bc8622088f817d04624522b

New changelog entries:
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/cosmic-updates 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-applied version 1.16-2ubuntu1.1 to applied/ubuntu/cosmic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:49:38 UTC

Import patches-applied version 1.16-2ubuntu1.1 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 2f0c23c27c570e6013af097c086659cfd088ac61
Unapplied parent: 125f1145d021a15181fa647f0f87fa28f3e23fbf

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/bionic-updates 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-unapplied version 1.16-2ubuntu0.1 to ubuntu/bionic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:48:01 UTC

Import patches-unapplied version 1.16-2ubuntu0.1 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: c221d89f3ca6e47f972ac69b1651bd7de6dd234b

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/xenial-security 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-unapplied version 1.13.2+dfsg-5ubuntu2.1 to ubuntu/xenial-secu...

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:46:00 UTC

Import patches-unapplied version 1.13.2+dfsg-5ubuntu2.1 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 35d44280dcb40618dc55aa02e30029bd57d3d8c9

New changelog entries:
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/cosmic-security 2019-01-14 21:03:22 UTC 2019-01-14
Import patches-unapplied version 1.16-2ubuntu1.1 to ubuntu/cosmic-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-11 15:49:38 UTC

Import patches-unapplied version 1.16-2ubuntu1.1 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 9a687314eb958bad4555652503eaafb3d64d9e4c

New changelog entries:
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/disco-devel 2019-01-14 04:33:34 UTC 2019-01-14
Import patches-applied version 1.17-1 to applied/debian/sid

Author: Sam Hartman
Author Date: 2019-01-13 20:59:40 UTC

Import patches-applied version 1.17-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 5e4171f30f9536f7a4ac2dd27c05acd9ecf4c4fe
Unapplied parent: 4be5e70f6e326a0e62288cb4f8e34f67dbf5d18a

New changelog entries:
  * New Upstream release
  * Don't include all memory ccaches in ccache collection, avoids invalid
    mutex, Closes: #918088
  * The default path for the KDC database even without a config file is
    /var/lib/krb5kdc/principal, Closes: #777579

applied/ubuntu/disco 2019-01-14 04:33:34 UTC 2019-01-14
Import patches-applied version 1.17-1 to applied/debian/sid

Author: Sam Hartman
Author Date: 2019-01-13 20:59:40 UTC

Import patches-applied version 1.17-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 5e4171f30f9536f7a4ac2dd27c05acd9ecf4c4fe
Unapplied parent: 4be5e70f6e326a0e62288cb4f8e34f67dbf5d18a

New changelog entries:
  * New Upstream release
  * Don't include all memory ccaches in ccache collection, avoids invalid
    mutex, Closes: #918088
  * The default path for the KDC database even without a config file is
    /var/lib/krb5kdc/principal, Closes: #777579

ubuntu/disco 2019-01-14 04:33:34 UTC 2019-01-14
Import patches-unapplied version 1.17-1 to debian/sid

Author: Sam Hartman
Author Date: 2019-01-13 20:59:40 UTC

Import patches-unapplied version 1.17-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 06f03caaeba54d863e21c3a8b9e8b6fe00d5ceac

New changelog entries:
  * New Upstream release
  * Don't include all memory ccaches in ccache collection, avoids invalid
    mutex, Closes: #918088
  * The default path for the KDC database even without a config file is
    /var/lib/krb5kdc/principal, Closes: #777579

ubuntu/disco-devel 2019-01-14 04:33:34 UTC 2019-01-14
Import patches-unapplied version 1.17-1 to debian/sid

Author: Sam Hartman
Author Date: 2019-01-13 20:59:40 UTC

Import patches-unapplied version 1.17-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 06f03caaeba54d863e21c3a8b9e8b6fe00d5ceac

New changelog entries:
  * New Upstream release
  * Don't include all memory ccaches in ccache collection, avoids invalid
    mutex, Closes: #918088
  * The default path for the KDC database even without a config file is
    /var/lib/krb5kdc/principal, Closes: #777579

ubuntu/disco-proposed 2019-01-14 04:33:34 UTC 2019-01-14
Import patches-unapplied version 1.17-1 to debian/sid

Author: Sam Hartman
Author Date: 2019-01-13 20:59:40 UTC

Import patches-unapplied version 1.17-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 06f03caaeba54d863e21c3a8b9e8b6fe00d5ceac

New changelog entries:
  * New Upstream release
  * Don't include all memory ccaches in ccache collection, avoids invalid
    mutex, Closes: #918088
  * The default path for the KDC database even without a config file is
    /var/lib/krb5kdc/principal, Closes: #777579

applied/ubuntu/disco-proposed 2019-01-14 04:33:34 UTC 2019-01-14
Import patches-applied version 1.17-1 to applied/debian/sid

Author: Sam Hartman
Author Date: 2019-01-13 20:59:40 UTC

Import patches-applied version 1.17-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 5e4171f30f9536f7a4ac2dd27c05acd9ecf4c4fe
Unapplied parent: 4be5e70f6e326a0e62288cb4f8e34f67dbf5d18a

New changelog entries:
  * New Upstream release
  * Don't include all memory ccaches in ccache collection, avoids invalid
    mutex, Closes: #918088
  * The default path for the KDC database even without a config file is
    /var/lib/krb5kdc/principal, Closes: #777579

applied/ubuntu/trusty-security 2019-01-10 19:18:16 UTC 2019-01-10
Import patches-applied version 1.12+dfsg-2ubuntu5.4 to applied/ubuntu/trusty-...

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-09 16:01:22 UTC

Import patches-applied version 1.12+dfsg-2ubuntu5.4 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2d1ec9e348e6bc42973922596a61a6bf9668ee45
Unapplied parent: 2d0de0e679cccea15d2af50a4d17995e2ef2fee4

New changelog entries:
  * SECURITY UPDATE: DoS (out-of-bounds read) via a crafted string
    - debian/patches/CVE-2015-8629.patch: Verify decode kadmin C strings
    - CVE-2015-8629
  * SECURITY UPDATE: DoS (NULL pointer dereference) by specifying KADM5_POLICY
    with a NULL policy name
    - debian/patches/CVE-2015-8630.patch: Check for null kadm5 policy name
    - CVE-2015-8630
  * SECURITY UPDATE: DoS (memory consumption) via a request specifying a NULL
    principal name
    - debian/patches/CVE-2015-8631.patch: Fix leaks in kadmin server stubs
    - CVE-2015-8631
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/trusty-updates 2019-01-10 19:18:16 UTC 2019-01-10
Import patches-applied version 1.12+dfsg-2ubuntu5.4 to applied/ubuntu/trusty-...

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-09 16:01:22 UTC

Import patches-applied version 1.12+dfsg-2ubuntu5.4 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2d1ec9e348e6bc42973922596a61a6bf9668ee45
Unapplied parent: 2d0de0e679cccea15d2af50a4d17995e2ef2fee4

New changelog entries:
  * SECURITY UPDATE: DoS (out-of-bounds read) via a crafted string
    - debian/patches/CVE-2015-8629.patch: Verify decode kadmin C strings
    - CVE-2015-8629
  * SECURITY UPDATE: DoS (NULL pointer dereference) by specifying KADM5_POLICY
    with a NULL policy name
    - debian/patches/CVE-2015-8630.patch: Check for null kadm5 policy name
    - CVE-2015-8630
  * SECURITY UPDATE: DoS (memory consumption) via a request specifying a NULL
    principal name
    - debian/patches/CVE-2015-8631.patch: Fix leaks in kadmin server stubs
    - CVE-2015-8631
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/trusty-devel 2019-01-10 19:18:16 UTC 2019-01-10
Import patches-applied version 1.12+dfsg-2ubuntu5.4 to applied/ubuntu/trusty-...

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-09 16:01:22 UTC

Import patches-applied version 1.12+dfsg-2ubuntu5.4 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2d1ec9e348e6bc42973922596a61a6bf9668ee45
Unapplied parent: 2d0de0e679cccea15d2af50a4d17995e2ef2fee4

New changelog entries:
  * SECURITY UPDATE: DoS (out-of-bounds read) via a crafted string
    - debian/patches/CVE-2015-8629.patch: Verify decode kadmin C strings
    - CVE-2015-8629
  * SECURITY UPDATE: DoS (NULL pointer dereference) by specifying KADM5_POLICY
    with a NULL policy name
    - debian/patches/CVE-2015-8630.patch: Check for null kadm5 policy name
    - CVE-2015-8630
  * SECURITY UPDATE: DoS (memory consumption) via a request specifying a NULL
    principal name
    - debian/patches/CVE-2015-8631.patch: Fix leaks in kadmin server stubs
    - CVE-2015-8631
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/trusty-devel 2019-01-10 19:18:16 UTC 2019-01-10
Import patches-unapplied version 1.12+dfsg-2ubuntu5.4 to ubuntu/trusty-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-09 16:01:22 UTC

Import patches-unapplied version 1.12+dfsg-2ubuntu5.4 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 68da9fe2c775915deb3946585836ba1caab0fe9c

New changelog entries:
  * SECURITY UPDATE: DoS (out-of-bounds read) via a crafted string
    - debian/patches/CVE-2015-8629.patch: Verify decode kadmin C strings
    - CVE-2015-8629
  * SECURITY UPDATE: DoS (NULL pointer dereference) by specifying KADM5_POLICY
    with a NULL policy name
    - debian/patches/CVE-2015-8630.patch: Check for null kadm5 policy name
    - CVE-2015-8630
  * SECURITY UPDATE: DoS (memory consumption) via a request specifying a NULL
    principal name
    - debian/patches/CVE-2015-8631.patch: Fix leaks in kadmin server stubs
    - CVE-2015-8631
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/trusty-security 2019-01-10 19:18:16 UTC 2019-01-10
Import patches-unapplied version 1.12+dfsg-2ubuntu5.4 to ubuntu/trusty-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-09 16:01:22 UTC

Import patches-unapplied version 1.12+dfsg-2ubuntu5.4 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 68da9fe2c775915deb3946585836ba1caab0fe9c

New changelog entries:
  * SECURITY UPDATE: DoS (out-of-bounds read) via a crafted string
    - debian/patches/CVE-2015-8629.patch: Verify decode kadmin C strings
    - CVE-2015-8629
  * SECURITY UPDATE: DoS (NULL pointer dereference) by specifying KADM5_POLICY
    with a NULL policy name
    - debian/patches/CVE-2015-8630.patch: Check for null kadm5 policy name
    - CVE-2015-8630
  * SECURITY UPDATE: DoS (memory consumption) via a request specifying a NULL
    principal name
    - debian/patches/CVE-2015-8631.patch: Fix leaks in kadmin server stubs
    - CVE-2015-8631
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

ubuntu/trusty-updates 2019-01-10 19:18:16 UTC 2019-01-10
Import patches-unapplied version 1.12+dfsg-2ubuntu5.4 to ubuntu/trusty-security

Author: Eduardo dos Santos Barretto
Author Date: 2019-01-09 16:01:22 UTC

Import patches-unapplied version 1.12+dfsg-2ubuntu5.4 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 68da9fe2c775915deb3946585836ba1caab0fe9c

New changelog entries:
  * SECURITY UPDATE: DoS (out-of-bounds read) via a crafted string
    - debian/patches/CVE-2015-8629.patch: Verify decode kadmin C strings
    - CVE-2015-8629
  * SECURITY UPDATE: DoS (NULL pointer dereference) by specifying KADM5_POLICY
    with a NULL policy name
    - debian/patches/CVE-2015-8630.patch: Check for null kadm5 policy name
    - CVE-2015-8630
  * SECURITY UPDATE: DoS (memory consumption) via a request specifying a NULL
    principal name
    - debian/patches/CVE-2015-8631.patch: Fix leaks in kadmin server stubs
    - CVE-2015-8631
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

applied/ubuntu/cosmic-proposed 2018-08-20 12:43:20 UTC 2018-08-20
Import patches-applied version 1.16-2ubuntu1 to applied/ubuntu/cosmic-proposed

Author: Andreas Hasenack
Author Date: 2018-07-06 18:39:44 UTC

Import patches-applied version 1.16-2ubuntu1 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 45e6b99014cee93f4d040d29658cfedeaa0a8348
Unapplied parent: ba69a03e2540d8f44673afd7d18bd40456db6c1a

New changelog entries:
  * Add DEP8 tests (LP: #1677881):
    - d/t/util: common functions used in the tests
    - d/t/control, d/t/kinit: simple kinit test
    - d/t/control, d/t/slapd-gssapi: DEP8 test for service principals

applied/ubuntu/cosmic 2018-08-20 12:43:20 UTC 2018-08-20
Import patches-applied version 1.16-2ubuntu1 to applied/ubuntu/cosmic-proposed

Author: Andreas Hasenack
Author Date: 2018-07-06 18:39:44 UTC

Import patches-applied version 1.16-2ubuntu1 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 45e6b99014cee93f4d040d29658cfedeaa0a8348
Unapplied parent: ba69a03e2540d8f44673afd7d18bd40456db6c1a

New changelog entries:
  * Add DEP8 tests (LP: #1677881):
    - d/t/util: common functions used in the tests
    - d/t/control, d/t/kinit: simple kinit test
    - d/t/control, d/t/slapd-gssapi: DEP8 test for service principals

ubuntu/cosmic 2018-08-20 12:43:20 UTC 2018-08-20
Import patches-unapplied version 1.16-2ubuntu1 to ubuntu/cosmic-proposed

Author: Andreas Hasenack
Author Date: 2018-07-06 18:39:44 UTC

Import patches-unapplied version 1.16-2ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Upload parent: 171213f69220df0e4d55dd2f969747533bd62f01

ubuntu/cosmic-proposed 2018-08-20 12:43:20 UTC 2018-08-20
Import patches-unapplied version 1.16-2ubuntu1 to ubuntu/cosmic-proposed

Author: Andreas Hasenack
Author Date: 2018-07-06 18:39:44 UTC

Import patches-unapplied version 1.16-2ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Upload parent: 171213f69220df0e4d55dd2f969747533bd62f01

importer/ubuntu/pristine-tar 2018-03-09 10:48:46 UTC 2018-03-09
pristine-tar data for krb5_1.16.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-09 10:48:46 UTC

pristine-tar data for krb5_1.16.orig.tar.gz

importer/debian/pristine-tar 2018-03-09 08:25:40 UTC 2018-03-09
pristine-tar data for krb5_1.16.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-09 08:25:40 UTC

pristine-tar data for krb5_1.16.orig.tar.gz

applied/ubuntu/bionic-proposed 2018-02-05 18:04:13 UTC 2018-02-05
Import patches-applied version 1.16-2build1 to applied/ubuntu/bionic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-02-05 16:50:17 UTC

Import patches-applied version 1.16-2build1 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: c48b4e05cb6b7e1ed60936f9dd88dbd3467a4ceb
Unapplied parent: 6eb36a654c71eab29fc05d72b61888786b8a125b

New changelog entries:
  * No change rebuild against openssl1.1.

applied/ubuntu/bionic 2018-02-05 18:04:13 UTC 2018-02-05
Import patches-applied version 1.16-2build1 to applied/ubuntu/bionic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-02-05 16:50:17 UTC

Import patches-applied version 1.16-2build1 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: c48b4e05cb6b7e1ed60936f9dd88dbd3467a4ceb
Unapplied parent: 6eb36a654c71eab29fc05d72b61888786b8a125b

New changelog entries:
  * No change rebuild against openssl1.1.

ubuntu/bionic 2018-02-05 18:04:13 UTC 2018-02-05
Import patches-unapplied version 1.16-2build1 to ubuntu/bionic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-02-05 16:50:17 UTC

Import patches-unapplied version 1.16-2build1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 33c956050b3d5dbcb1d400107d0ed093f133b55a

New changelog entries:
  * No change rebuild against openssl1.1.

ubuntu/bionic-proposed 2018-02-05 18:04:13 UTC 2018-02-05
Import patches-unapplied version 1.16-2build1 to ubuntu/bionic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-02-05 16:50:17 UTC

Import patches-unapplied version 1.16-2build1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 33c956050b3d5dbcb1d400107d0ed093f133b55a

New changelog entries:
  * No change rebuild against openssl1.1.

debian/jessie 2017-12-09 17:44:39 UTC 2017-12-09
Import patches-unapplied version 1.12.1+dfsg-19+deb8u4 to debian/jessie

Author: Sam Hartman
Author Date: 2017-08-28 15:55:49 UTC

Import patches-unapplied version 1.12.1+dfsg-19+deb8u4 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: bcb004543217fbcfbf3cc588e367ca3c927b9c39

New changelog entries:
  * New version number; same code as deb8u3 but rebuilt to build arch all
    packages and because dgit doesn't deal well with reusing a version
    number when a package is rejected
  * CVE-2017-11368: Remote authenticated attackers can crash the KDC,
    Closes: #869260
  * fix for CVE-2016-3120 (kdc crash on restrict_anon_to_tgt), Closes:
    #832572
  * fix for CVE-2016-3119: remote DOS with ldap for authenticated
    attackers, Closes: #819468
  * Prevent requires_preauth bypass (CVE-2015-2694), Closes: #783557

applied/debian/jessie 2017-12-09 17:44:39 UTC 2017-12-09
Import patches-applied version 1.12.1+dfsg-19+deb8u4 to applied/debian/jessie

Author: Sam Hartman
Author Date: 2017-08-28 15:55:49 UTC

Import patches-applied version 1.12.1+dfsg-19+deb8u4 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: a6d31c65acbf59f839acc1dfcbed3bdaea37aa60
Unapplied parent: 190a50590756f4d2ff87dbd3c33fd2fa9ceab553

New changelog entries:
  * New version number; same code as deb8u3 but rebuilt to build arch all
    packages and because dgit doesn't deal well with reusing a version
    number when a package is rejected
  * CVE-2017-11368: Remote authenticated attackers can crash the KDC,
    Closes: #869260
  * fix for CVE-2016-3120 (kdc crash on restrict_anon_to_tgt), Closes:
    #832572
  * fix for CVE-2016-3119: remote DOS with ldap for authenticated
    attackers, Closes: #819468
  * Prevent requires_preauth bypass (CVE-2015-2694), Closes: #783557

applied/debian/stretch 2017-10-07 11:01:36 UTC 2017-10-07
Import patches-applied version 1.15-1+deb9u1 to applied/debian/stretch

Author: Sam Hartman
Author Date: 2017-08-09 16:19:50 UTC

Import patches-applied version 1.15-1+deb9u1 to applied/debian/stretch

Imported using git-ubuntu import.

Changelog parent: 48215746fcfa8194bbf92cd353f0d0f1c8cbf4d7
Unapplied parent: aa8c5bad003bc85780c4ebfcf30933e667d7cc69

New changelog entries:
  * CVE-2017-11368: Remote authenticated attackers can crash the KDC,
    Closes: #869260
  * Upstream patches to fix startup if getaddrinfo() returns a wildcard v6
    address, and to fix handling of explicitly specified v4 wildcard
    address; regression over previous versions, Closes: #860767
  * Fix SRV lookups to respect udp_preference_limit, regression over
    previous versions with OTP, Closes: #856307

debian/stretch 2017-10-07 11:01:36 UTC 2017-10-07
Import patches-unapplied version 1.15-1+deb9u1 to debian/stretch

Author: Sam Hartman
Author Date: 2017-08-09 16:19:50 UTC

Import patches-unapplied version 1.15-1+deb9u1 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: c1c9a02ffa08f00a8d7d4ed5b3ab0f597f5a9f0e

New changelog entries:
  * CVE-2017-11368: Remote authenticated attackers can crash the KDC,
    Closes: #869260
  * Upstream patches to fix startup if getaddrinfo() returns a wildcard v6
    address, and to fix handling of explicitly specified v4 wildcard
    address; regression over previous versions, Closes: #860767
  * Fix SRV lookups to respect udp_preference_limit, regression over
    previous versions with OTP, Closes: #856307

applied/ubuntu/artful-proposed 2017-07-23 22:34:47 UTC 2017-07-23
Import patches-applied version 1.15.1-2 to applied/debian/sid

Author: Sam Hartman
Author Date: 2017-07-23 18:16:38 UTC

Import patches-applied version 1.15.1-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: da3e933604d5ac7687b9e591c3e23aa4d839cc35
Unapplied parent: b29809b75b27d593127122dba55b2dcd221656be

New changelog entries:
  * Depend on libsasl2-dev for LDAP SASL authentication, Thanks Hideki
    Yamane, Closes: #868035
  * Remove /etc/gss/mech.d/README on libgssapi-krb5-2 purge, Closes: #868121
  * CVE-2017-11368: Remote authenticated attackers can crash the KDC,
    Closes: #869260
  * Set Restart=on-abnormal in krb5-kdc.service and krb5-admind.service to
    minimize the impact of future DOS bugs.

applied/ubuntu/artful-devel 2017-07-23 22:34:47 UTC 2017-07-23
Import patches-applied version 1.15.1-2 to applied/debian/sid

Author: Sam Hartman
Author Date: 2017-07-23 18:16:38 UTC

Import patches-applied version 1.15.1-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: da3e933604d5ac7687b9e591c3e23aa4d839cc35
Unapplied parent: b29809b75b27d593127122dba55b2dcd221656be

New changelog entries:
  * Depend on libsasl2-dev for LDAP SASL authentication, Thanks Hideki
    Yamane, Closes: #868035
  * Remove /etc/gss/mech.d/README on libgssapi-krb5-2 purge, Closes: #868121
  * CVE-2017-11368: Remote authenticated attackers can crash the KDC,
    Closes: #869260
  * Set Restart=on-abnormal in krb5-kdc.service and krb5-admind.service to
    minimize the impact of future DOS bugs.

ubuntu/artful 2017-07-23 22:34:47 UTC 2017-07-23
Import patches-unapplied version 1.15.1-2 to debian/sid

Author: Sam Hartman
Author Date: 2017-07-23 18:16:38 UTC

Import patches-unapplied version 1.15.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 12c20eb0781a66387370b767aa81188d2a6c9d32

New changelog entries:
  * Depend on libsasl2-dev for LDAP SASL authentication, Thanks Hideki
    Yamane, Closes: #868035
  * Remove /etc/gss/mech.d/README on libgssapi-krb5-2 purge, Closes: #868121
  * CVE-2017-11368: Remote authenticated attackers can crash the KDC,
    Closes: #869260
  * Set Restart=on-abnormal in krb5-kdc.service and krb5-admind.service to
    minimize the impact of future DOS bugs.

ubuntu/artful-proposed 2017-07-23 22:34:47 UTC 2017-07-23
Import patches-unapplied version 1.15.1-2 to debian/sid

Author: Sam Hartman
Author Date: 2017-07-23 18:16:38 UTC

Import patches-unapplied version 1.15.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 12c20eb0781a66387370b767aa81188d2a6c9d32

New changelog entries:
  * Depend on libsasl2-dev for LDAP SASL authentication, Thanks Hideki
    Yamane, Closes: #868035
  * Remove /etc/gss/mech.d/README on libgssapi-krb5-2 purge, Closes: #868121
  * CVE-2017-11368: Remote authenticated attackers can crash the KDC,
    Closes: #869260
  * Set Restart=on-abnormal in krb5-kdc.service and krb5-admind.service to
    minimize the impact of future DOS bugs.

applied/ubuntu/artful 2017-07-23 22:34:47 UTC 2017-07-23
Import patches-applied version 1.15.1-2 to applied/debian/sid

Author: Sam Hartman
Author Date: 2017-07-23 18:16:38 UTC

Import patches-applied version 1.15.1-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: da3e933604d5ac7687b9e591c3e23aa4d839cc35
Unapplied parent: b29809b75b27d593127122dba55b2dcd221656be

New changelog entries:
  * Depend on libsasl2-dev for LDAP SASL authentication, Thanks Hideki
    Yamane, Closes: #868035
  * Remove /etc/gss/mech.d/README on libgssapi-krb5-2 purge, Closes: #868121
  * CVE-2017-11368: Remote authenticated attackers can crash the KDC,
    Closes: #869260
  * Set Restart=on-abnormal in krb5-kdc.service and krb5-admind.service to
    minimize the impact of future DOS bugs.

ubuntu/artful-devel 2017-07-23 22:34:47 UTC 2017-07-23
Import patches-unapplied version 1.15.1-2 to debian/sid

Author: Sam Hartman
Author Date: 2017-07-23 18:16:38 UTC

Import patches-unapplied version 1.15.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 12c20eb0781a66387370b767aa81188d2a6c9d32

New changelog entries:
  * Depend on libsasl2-dev for LDAP SASL authentication, Thanks Hideki
    Yamane, Closes: #868035
  * Remove /etc/gss/mech.d/README on libgssapi-krb5-2 purge, Closes: #868121
  * CVE-2017-11368: Remote authenticated attackers can crash the KDC,
    Closes: #869260
  * Set Restart=on-abnormal in krb5-kdc.service and krb5-admind.service to
    minimize the impact of future DOS bugs.

applied/ubuntu/zesty-devel 2017-05-11 21:23:13 UTC 2017-05-11
Import patches-applied version 1.15-1ubuntu0.1 to applied/ubuntu/zesty-proposed

Author: Andreas Hasenack
Author Date: 2017-05-05 14:05:38 UTC

Import patches-applied version 1.15-1ubuntu0.1 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 48215746fcfa8194bbf92cd353f0d0f1c8cbf4d7
Unapplied parent: 66183de2c818147becc6a4c924680ec3949336ee

New changelog entries:
  * Pulled in Debian fixes from Sam Hartman for:
    - kinit fails for OTP user when using kdc discovery via DNS
      (LP: #1683237)
    - KDC/kadmind explicit wildcard listener addresses do not use pktinfo
      (LP: #1688121)
    - KDC/kadmind may fail to start on IPv4-only systems (LP: #1688310)

applied/ubuntu/zesty-proposed 2017-05-11 21:23:13 UTC 2017-05-11
Import patches-applied version 1.15-1ubuntu0.1 to applied/ubuntu/zesty-proposed

Author: Andreas Hasenack
Author Date: 2017-05-05 14:05:38 UTC

Import patches-applied version 1.15-1ubuntu0.1 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 48215746fcfa8194bbf92cd353f0d0f1c8cbf4d7
Unapplied parent: 66183de2c818147becc6a4c924680ec3949336ee

New changelog entries:
  * Pulled in Debian fixes from Sam Hartman for:
    - kinit fails for OTP user when using kdc discovery via DNS
      (LP: #1683237)
    - KDC/kadmind explicit wildcard listener addresses do not use pktinfo
      (LP: #1688121)
    - KDC/kadmind may fail to start on IPv4-only systems (LP: #1688310)

ubuntu/zesty-proposed 2017-05-11 21:23:13 UTC 2017-05-11
Import patches-unapplied version 1.15-1ubuntu0.1 to ubuntu/zesty-proposed

Author: Andreas Hasenack
Author Date: 2017-05-05 14:05:38 UTC

Import patches-unapplied version 1.15-1ubuntu0.1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: c1c9a02ffa08f00a8d7d4ed5b3ab0f597f5a9f0e
Upload parent: 26d08c4e6727ce4496f932c6307bde8a006cebdd

New changelog entries:
  * Pulled in Debian fixes from Sam Hartman for:
    - kinit fails for OTP user when using kdc discovery via DNS
      (LP: #1683237)
    - KDC/kadmind explicit wildcard listener addresses do not use pktinfo
      (LP: #1688121)
    - KDC/kadmind may fail to start on IPv4-only systems (LP: #1688310)

ubuntu/zesty-devel 2017-05-11 21:23:13 UTC 2017-05-11
Import patches-unapplied version 1.15-1ubuntu0.1 to ubuntu/zesty-proposed

Author: Andreas Hasenack
Author Date: 2017-05-05 14:05:38 UTC

Import patches-unapplied version 1.15-1ubuntu0.1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: c1c9a02ffa08f00a8d7d4ed5b3ab0f597f5a9f0e
Upload parent: 26d08c4e6727ce4496f932c6307bde8a006cebdd

New changelog entries:
  * Pulled in Debian fixes from Sam Hartman for:
    - kinit fails for OTP user when using kdc discovery via DNS
      (LP: #1683237)
    - KDC/kadmind explicit wildcard listener addresses do not use pktinfo
      (LP: #1688121)
    - KDC/kadmind may fail to start on IPv4-only systems (LP: #1688310)

ubuntu/zesty-updates 2017-05-11 21:23:13 UTC 2017-05-11
Import patches-unapplied version 1.15-1ubuntu0.1 to ubuntu/zesty-proposed

Author: Andreas Hasenack
Author Date: 2017-05-05 14:05:38 UTC

Import patches-unapplied version 1.15-1ubuntu0.1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: c1c9a02ffa08f00a8d7d4ed5b3ab0f597f5a9f0e
Upload parent: 26d08c4e6727ce4496f932c6307bde8a006cebdd

New changelog entries:
  * Pulled in Debian fixes from Sam Hartman for:
    - kinit fails for OTP user when using kdc discovery via DNS
      (LP: #1683237)
    - KDC/kadmind explicit wildcard listener addresses do not use pktinfo
      (LP: #1688121)
    - KDC/kadmind may fail to start on IPv4-only systems (LP: #1688310)

applied/ubuntu/zesty-updates 2017-05-11 21:23:13 UTC 2017-05-11
Import patches-applied version 1.15-1ubuntu0.1 to applied/ubuntu/zesty-proposed

Author: Andreas Hasenack
Author Date: 2017-05-05 14:05:38 UTC

Import patches-applied version 1.15-1ubuntu0.1 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 48215746fcfa8194bbf92cd353f0d0f1c8cbf4d7
Unapplied parent: 66183de2c818147becc6a4c924680ec3949336ee

New changelog entries:
  * Pulled in Debian fixes from Sam Hartman for:
    - kinit fails for OTP user when using kdc discovery via DNS
      (LP: #1683237)
    - KDC/kadmind explicit wildcard listener addresses do not use pktinfo
      (LP: #1688121)
    - KDC/kadmind may fail to start on IPv4-only systems (LP: #1688310)

debian/experimental 2017-04-21 10:10:15 UTC 2017-04-21
Import patches-unapplied version 1.15-2 to debian/experimental

Author: Sam Hartman
Author Date: 2017-04-19 20:50:01 UTC

Import patches-unapplied version 1.15-2 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: c1c9a02ffa08f00a8d7d4ed5b3ab0f597f5a9f0e

New changelog entries:
  * Upstream patches to fix startup if getaddrinfo() returns a wildcard v6
    address, and to fix handling of explicitly specified v4 wildcard
    address; regression over previous versions, Closes: #860767
  * Fix SRV lookups to respect udp_preference_limit, regression over
    previous versions with OTP, Closes: #856307

applied/debian/experimental 2017-04-21 10:10:15 UTC 2017-04-21
Import patches-applied version 1.15-2 to applied/debian/experimental

Author: Sam Hartman
Author Date: 2017-04-19 20:50:01 UTC

Import patches-applied version 1.15-2 to applied/debian/experimental

Imported using git-ubuntu import.

Changelog parent: 48215746fcfa8194bbf92cd353f0d0f1c8cbf4d7
Unapplied parent: 8a45b3994fa67264cfefa88b020a0ff33035509c

New changelog entries:
  * Upstream patches to fix startup if getaddrinfo() returns a wildcard v6
    address, and to fix handling of explicitly specified v4 wildcard
    address; regression over previous versions, Closes: #860767
  * Fix SRV lookups to respect udp_preference_limit, regression over
    previous versions with OTP, Closes: #856307

ubuntu/xenial-proposed 2017-01-23 16:33:24 UTC 2017-01-23
Import patches-unapplied version 1.13.2+dfsg-5ubuntu2 to ubuntu/xenial-proposed

Author: Eric Desrochers
Author Date: 2017-01-16 14:06:57 UTC

Import patches-unapplied version 1.13.2+dfsg-5ubuntu2 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: e3fcbf1fe7c8fb23ac625d24f3015ee328a37b7c

New changelog entries:
  * Fix segfault in context_handle (LP: #1648901).
    - d/p/check_internal_context_on_init_context_errors.patch:
    Cherry picked patch from upstream VCS.

applied/ubuntu/xenial-proposed 2017-01-23 16:33:24 UTC 2017-01-23
Import patches-applied version 1.13.2+dfsg-5ubuntu2 to applied/ubuntu/xenial-...

Author: Eric Desrochers
Author Date: 2017-01-16 14:06:57 UTC

Import patches-applied version 1.13.2+dfsg-5ubuntu2 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 9c10974e4fae34422d4a068abfc4cbe4b23bb30a
Unapplied parent: 0144b4d4c561014c9f6d286b5a8a20daf7385e9e

New changelog entries:
  * Fix segfault in context_handle (LP: #1648901).
    - d/p/check_internal_context_on_init_context_errors.patch:
    Cherry picked patch from upstream VCS.

applied/ubuntu/yakkety-proposed 2016-12-16 10:23:14 UTC 2016-12-16
Import patches-applied version 1.14.3+dfsg-2ubuntu1 to applied/ubuntu/yakkety...

Author: Steve Langasek
Author Date: 2016-11-22 01:01:33 UTC

Import patches-applied version 1.14.3+dfsg-2ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 12c26c1d6273aa057a9049dc00e065bd382d4be7
Unapplied parent: 00fdd201bb6db93ac91fe48542b7df923abd5a4a

New changelog entries:
  * d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch:
    Cherry-pick from upstream to add SPNEGO special case for
    NTLMSSP+MechListMIC. LP: #1643708.

applied/ubuntu/yakkety-updates 2016-12-16 10:23:14 UTC 2016-12-16
Import patches-applied version 1.14.3+dfsg-2ubuntu1 to applied/ubuntu/yakkety...

Author: Steve Langasek
Author Date: 2016-11-22 01:01:33 UTC

Import patches-applied version 1.14.3+dfsg-2ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 12c26c1d6273aa057a9049dc00e065bd382d4be7
Unapplied parent: 00fdd201bb6db93ac91fe48542b7df923abd5a4a

New changelog entries:
  * d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch:
    Cherry-pick from upstream to add SPNEGO special case for
    NTLMSSP+MechListMIC. LP: #1643708.

applied/ubuntu/yakkety-devel 2016-12-16 10:23:14 UTC 2016-12-16
Import patches-applied version 1.14.3+dfsg-2ubuntu1 to applied/ubuntu/yakkety...

Author: Steve Langasek
Author Date: 2016-11-22 01:01:33 UTC

Import patches-applied version 1.14.3+dfsg-2ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 12c26c1d6273aa057a9049dc00e065bd382d4be7
Unapplied parent: 00fdd201bb6db93ac91fe48542b7df923abd5a4a

New changelog entries:
  * d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch:
    Cherry-pick from upstream to add SPNEGO special case for
    NTLMSSP+MechListMIC. LP: #1643708.

applied/ubuntu/trusty-proposed 2016-12-16 10:23:14 UTC 2016-12-16
Import patches-applied version 1.12+dfsg-2ubuntu5.3 to applied/ubuntu/trusty-...

Author: Steve Langasek
Author Date: 2016-11-22 02:14:47 UTC

Import patches-applied version 1.12+dfsg-2ubuntu5.3 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: cdf0f3e24254abfa0e3c7ba1c35ec2dc21ef3694
Unapplied parent: 2a3e44cb042a21445bf15c76d45fd4dbc86cd73e

New changelog entries:
  * d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch:
    Cherry-pick from upstream to add SPNEGO special case for
    NTLMSSP+MechListMIC. LP: #1643708.

ubuntu/trusty-proposed 2016-12-16 10:23:14 UTC 2016-12-16
Import patches-unapplied version 1.12+dfsg-2ubuntu5.3 to ubuntu/trusty-proposed

Author: Steve Langasek
Author Date: 2016-11-22 02:14:47 UTC

Import patches-unapplied version 1.12+dfsg-2ubuntu5.3 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 26e46c4b2a21165bf2aed00963799d83d381232b

New changelog entries:
  * d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch:
    Cherry-pick from upstream to add SPNEGO special case for
    NTLMSSP+MechListMIC. LP: #1643708.

ubuntu/yakkety-updates 2016-12-16 10:23:14 UTC 2016-12-16
Import patches-unapplied version 1.14.3+dfsg-2ubuntu1 to ubuntu/yakkety-proposed

Author: Steve Langasek
Author Date: 2016-11-22 01:01:33 UTC

Import patches-unapplied version 1.14.3+dfsg-2ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 4a9110524056af47163831a7ed63b6af1e11c51f

New changelog entries:
  * d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch:
    Cherry-pick from upstream to add SPNEGO special case for
    NTLMSSP+MechListMIC. LP: #1643708.

ubuntu/yakkety-devel 2016-12-16 10:23:14 UTC 2016-12-16
Import patches-unapplied version 1.14.3+dfsg-2ubuntu1 to ubuntu/yakkety-proposed

Author: Steve Langasek
Author Date: 2016-11-22 01:01:33 UTC

Import patches-unapplied version 1.14.3+dfsg-2ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 4a9110524056af47163831a7ed63b6af1e11c51f

New changelog entries:
  * d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch:
    Cherry-pick from upstream to add SPNEGO special case for
    NTLMSSP+MechListMIC. LP: #1643708.

ubuntu/yakkety-proposed 2016-12-16 10:23:14 UTC 2016-12-16
Import patches-unapplied version 1.14.3+dfsg-2ubuntu1 to ubuntu/yakkety-proposed

Author: Steve Langasek
Author Date: 2016-11-22 01:01:33 UTC

Import patches-unapplied version 1.14.3+dfsg-2ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 4a9110524056af47163831a7ed63b6af1e11c51f

New changelog entries:
  * d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch:
    Cherry-pick from upstream to add SPNEGO special case for
    NTLMSSP+MechListMIC. LP: #1643708.

applied/ubuntu/zesty 2016-12-05 04:14:18 UTC 2016-12-05
Import patches-applied version 1.15-1 to applied/debian/sid

Author: Benjamin Kaduk
Author Date: 2016-12-04 20:37:57 UTC

Import patches-applied version 1.15-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 7511c7895c97e797aa2c73e6f05da3a5dc10b54a
Unapplied parent: d30f62db0043d1e1aea01c8ee319369483e5274a

New changelog entries:
  [ Benjamin Kaduk ]
  * New upstream version
    - Make zap() more reliable and use it more consistently; the
      previous version could be optimized out by gcc 5.1 or later
    - Update license statement in ccapi/common/win/OldCC/autolock.hxx,
      Closes: #846088
  * Update Debian-HURD-compatibility.patch, Closes: #845381
  * Bump debhelper compat level to 9
  [ Sam Hartman ]
  * Actually build and ship German translations, Closes: #842497

ubuntu/zesty 2016-12-05 04:14:18 UTC 2016-12-05
Import patches-unapplied version 1.15-1 to debian/sid

Author: Benjamin Kaduk
Author Date: 2016-12-04 20:37:57 UTC

Import patches-unapplied version 1.15-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4ae290546d68f7651108d53c981a4491f373742c

New changelog entries:
  [ Benjamin Kaduk ]
  * New upstream version
    - Make zap() more reliable and use it more consistently; the
      previous version could be optimized out by gcc 5.1 or later
    - Update license statement in ccapi/common/win/OldCC/autolock.hxx,
      Closes: #846088
  * Update Debian-HURD-compatibility.patch, Closes: #845381
  * Bump debhelper compat level to 9
  [ Sam Hartman ]
  * Actually build and ship German translations, Closes: #842497

applied/ubuntu/yakkety 2016-09-07 04:15:37 UTC 2016-09-07
Import patches-applied version 1.14.3+dfsg-2 to applied/debian/sid

Author: Sam Hartman
Author Date: 2016-09-06 01:03:14 UTC

Import patches-applied version 1.14.3+dfsg-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 3227d4e80e568badc19c3f750dc7d47e0fa065f1
Unapplied parent: 1be2e48564ca7996debb1c490f1616f189598d16

New changelog entries:
  * Fix gcc -O3, thanks Ben Kaduk/Steve Langasek, Closes: #833798
  * Fix kdb5_util create on 32-bit platforms, thanks Greg Hudson, Closes:
    #834035

ubuntu/yakkety 2016-09-07 04:15:37 UTC 2016-09-07
Import patches-unapplied version 1.14.3+dfsg-2 to debian/sid

Author: Sam Hartman
Author Date: 2016-09-06 01:03:14 UTC

Import patches-unapplied version 1.14.3+dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 887980abe92e63b9ad0060f86f44d0b46f426d42

New changelog entries:
  * Fix gcc -O3, thanks Ben Kaduk/Steve Langasek, Closes: #833798
  * Fix kdb5_util create on 32-bit platforms, thanks Greg Hudson, Closes:
    #834035

debian/wheezy 2016-04-02 23:32:57 UTC 2016-04-02
Import patches-unapplied version 1.10.1+dfsg-5+deb7u7 to debian/wheezy

Author: Salvatore Bonaccorso
Author Date: 2016-01-31 12:39:43 UTC

Import patches-unapplied version 1.10.1+dfsg-5+deb7u7 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 3b556c08fa8a4fb18d3dcc1223813eda375dbefa

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Verify decoded kadmin C strings [CVE-2015-8629]
    CVE-2015-8629: An authenticated attacker can cause kadmind to read
    beyond the end of allocated memory by sending a string without a
    terminating zero byte. Information leakage may be possible for an
    attacker with permission to modify the database. (Closes: #813296)
  * Fix leaks in kadmin server stubs [CVE-2015-8631]
    CVE-2015-8631: An authenticated attacker can cause kadmind to leak
    memory by supplying a null principal name in a request which uses one.
    Repeating these requests will eventually cause kadmind to exhaust all
    available memory. (Closes: #813126)
  * Non-maintainer upload by the Security Team.
  * Update 0036-Fix-build_principal-memory-bug-CVE-2015-2697.patch.
    Add check on rlen before doing memcpy.
  * Non-maintainer upload by the Security Team.
  * Add missing 0036-Fix-build_principal-memory-bug-CVE-2015-2697.patch.
    CVE-2015-2697: unsafe string handling in TGS processing.
    The previous wheezy-security upload mentioned the fix, but did not
    include the patch in the upload.
    Thanks to Marc Deslauriers (Closes: #803088)
  * Import upstream patches for four CVEs:
    - CVE-2015-2695: SPNEGO context aliasing during establishment,
      Closes: #803083
    - CVE-2015-2696: IAKERB context aliasing during establishment,
      Closes: #803084
    - CVE-2015-2697: unsafe string handling in TGS processing,
      Closes: #803088
    - CVE-2015-2698: regression (memory corruption) in patch for CVE-2015-2696
  * In addition to CVE-2015-2698, the upstream patches for CVE-2015-2695
    and CVE-2015-2696 introduced regressions preventing the use of
    gss_import_sec_context() with contexts established using IAKERB
    or SPNEGO; the fixes for those regressions are included here.

applied/debian/wheezy 2016-04-02 23:32:57 UTC 2016-04-02
Import patches-applied version 1.10.1+dfsg-5+deb7u7 to applied/debian/wheezy

Author: Salvatore Bonaccorso
Author Date: 2016-01-31 12:39:43 UTC

Import patches-applied version 1.10.1+dfsg-5+deb7u7 to applied/debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 6c384c7a0d01b06b5af9744c098d27e7465b04ab
Unapplied parent: ebc6dcf11f71a8a74785c456b7cb15ee4e6063b0

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Verify decoded kadmin C strings [CVE-2015-8629]
    CVE-2015-8629: An authenticated attacker can cause kadmind to read
    beyond the end of allocated memory by sending a string without a
    terminating zero byte. Information leakage may be possible for an
    attacker with permission to modify the database. (Closes: #813296)
  * Fix leaks in kadmin server stubs [CVE-2015-8631]
    CVE-2015-8631: An authenticated attacker can cause kadmind to leak
    memory by supplying a null principal name in a request which uses one.
    Repeating these requests will eventually cause kadmind to exhaust all
    available memory. (Closes: #813126)
  * Non-maintainer upload by the Security Team.
  * Update 0036-Fix-build_principal-memory-bug-CVE-2015-2697.patch.
    Add check on rlen before doing memcpy.
  * Non-maintainer upload by the Security Team.
  * Add missing 0036-Fix-build_principal-memory-bug-CVE-2015-2697.patch.
    CVE-2015-2697: unsafe string handling in TGS processing.
    The previous wheezy-security upload mentioned the fix, but did not
    include the patch in the upload.
    Thanks to Marc Deslauriers (Closes: #803088)
  * Import upstream patches for four CVEs:
    - CVE-2015-2695: SPNEGO context aliasing during establishment,
      Closes: #803083
    - CVE-2015-2696: IAKERB context aliasing during establishment,
      Closes: #803084
    - CVE-2015-2697: unsafe string handling in TGS processing,
      Closes: #803088
    - CVE-2015-2698: regression (memory corruption) in patch for CVE-2015-2696
  * In addition to CVE-2015-2698, the upstream patches for CVE-2015-2695
    and CVE-2015-2696 introduced regressions preventing the use of
    gss_import_sec_context() with contexts established using IAKERB
    or SPNEGO; the fixes for those regressions are included here.

applied/ubuntu/xenial 2016-02-23 22:16:43 UTC 2016-02-23
Import patches-applied version 1.13.2+dfsg-5 to applied/debian/sid

Author: Sam Hartman
Author Date: 2016-02-23 13:54:09 UTC

Import patches-applied version 1.13.2+dfsg-5 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: b55454d38d6974bebac7352a2778c3e830399e43
Unapplied parent: 560a8c39a9b0208d2029714aacb4a1593df6bd19

New changelog entries:
  * Security Update
  * Verify decoded kadmin C strings [CVE-2015-8629]
    CVE-2015-8629: An authenticated attacker can cause kadmind to read
    beyond the end of allocated memory by sending a string without a
    terminating zero byte. Information leakage may be possible for an
    attacker with permission to modify the database. (Closes: #813296)
  * Check for null kadm5 policy name [CVE-2015-8630]
    CVE-2015-8630: An authenticated attacker with permission to modify a
    principal entry can cause kadmind to dereference a null pointer by
    supplying a null policy value but including KADM5_POLICY in the mask.
    (Closes: #813127)
  * Fix leaks in kadmin server stubs [CVE-2015-8631]
    CVE-2015-8631: An authenticated attacker can cause kadmind to leak
    memory by supplying a null principal name in a request which uses one.
    Repeating these requests will eventually cause kadmind to exhaust all
    available memory. (Closes: #813126)

ubuntu/xenial 2016-02-23 22:16:43 UTC 2016-02-23
Import patches-unapplied version 1.13.2+dfsg-5 to debian/sid

Author: Sam Hartman
Author Date: 2016-02-23 13:54:09 UTC

Import patches-unapplied version 1.13.2+dfsg-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8db3f11cb94b574b6b154cdeb1124b241b115a14

New changelog entries:
  * Security Update
  * Verify decoded kadmin C strings [CVE-2015-8629]
    CVE-2015-8629: An authenticated attacker can cause kadmind to read
    beyond the end of allocated memory by sending a string without a
    terminating zero byte. Information leakage may be possible for an
    attacker with permission to modify the database. (Closes: #813296)
  * Check for null kadm5 policy name [CVE-2015-8630]
    CVE-2015-8630: An authenticated attacker with permission to modify a
    principal entry can cause kadmind to dereference a null pointer by
    supplying a null policy value but including KADM5_POLICY in the mask.
    (Closes: #813127)
  * Fix leaks in kadmin server stubs [CVE-2015-8631]
    CVE-2015-8631: An authenticated attacker can cause kadmind to leak
    memory by supplying a null principal name in a request which uses one.
    Repeating these requests will eventually cause kadmind to exhaust all
    available memory. (Closes: #813126)

applied/ubuntu/wily-updates 2015-11-12 17:44:14 UTC 2015-11-12
Import patches-applied version 1.13.2+dfsg-2ubuntu0.1 to applied/ubuntu/wily-...

Author: Marc Deslauriers
Author Date: 2015-11-11 13:36:55 UTC

Import patches-applied version 1.13.2+dfsg-2ubuntu0.1 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 974d039062b0be810529232db820d20b7e91aa2f
Unapplied parent: e8cf16d5944b52ea49665a5961fc3b119cfa3b41

New changelog entries:
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/u/0011-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/u/0016-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/u/0012-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/u/0014-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/u/0013-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/u/0015-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

ubuntu/vivid-security 2015-11-12 17:44:14 UTC 2015-11-12
Import patches-unapplied version 1.12.1+dfsg-18ubuntu0.1 to ubuntu/vivid-secu...

Author: Marc Deslauriers
Author Date: 2015-11-11 13:52:46 UTC

Import patches-unapplied version 1.12.1+dfsg-18ubuntu0.1 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 927b1b9718ac91b4ea0ae8f01a578a4e9b9213e7

New changelog entries:
  * SECURITY UPDATE: preauthentication requirement bypass in kdcpreauth
    - d/p/u/0031-Prevent-requires_preauth-bypass-CVE-2015-2694.patch:
      improve logic in src/plugins/preauth/otp/main.c,
      src/plugins/preauth/pkinit/pkinit_srv.c.
    - CVE-2015-2694
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/u/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/u/0036-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/u/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/u/0034-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/u/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/u/0035-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

ubuntu/precise-security 2015-11-12 17:44:14 UTC 2015-11-12
Import patches-unapplied version 1.10+dfsg~beta1-2ubuntu0.7 to ubuntu/precise...

Author: Marc Deslauriers
Author Date: 2015-11-11 14:16:52 UTC

Import patches-unapplied version 1.10+dfsg~beta1-2ubuntu0.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 170cc2ebc5096b87e2ad6d5fbf5afac87b1bf3aa

New changelog entries:
  * SECURITY UPDATE: denial of service via udp ping-pong
    - debian/patches/CVE-2002-2443.patch: don't respond to improper packets
      in src/kadmin/server/schpw.c.
    - CVE-2002-2443
  * SECURITY UPDATE: denial of service via incorrect null bytes
    - d/p/0030-Fix-krb5_read_message-handling-CVE-2014-5355.patch:
      properly handle null bytes in src/appl/user_user/server.c,
      src/lib/krb5/krb/recvauth.c.
    - CVE-2015-5355
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/0035-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/0033-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/0034-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

ubuntu/vivid-updates 2015-11-12 17:44:14 UTC 2015-11-12
Import patches-unapplied version 1.12.1+dfsg-18ubuntu0.1 to ubuntu/vivid-secu...

Author: Marc Deslauriers
Author Date: 2015-11-11 13:52:46 UTC

Import patches-unapplied version 1.12.1+dfsg-18ubuntu0.1 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 927b1b9718ac91b4ea0ae8f01a578a4e9b9213e7

New changelog entries:
  * SECURITY UPDATE: preauthentication requirement bypass in kdcpreauth
    - d/p/u/0031-Prevent-requires_preauth-bypass-CVE-2015-2694.patch:
      improve logic in src/plugins/preauth/otp/main.c,
      src/plugins/preauth/pkinit/pkinit_srv.c.
    - CVE-2015-2694
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/u/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/u/0036-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/u/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/u/0034-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/u/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/u/0035-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

ubuntu/precise-devel 2015-11-12 17:44:14 UTC 2015-11-12
Import patches-unapplied version 1.10+dfsg~beta1-2ubuntu0.7 to ubuntu/precise...

Author: Marc Deslauriers
Author Date: 2015-11-11 14:16:52 UTC

Import patches-unapplied version 1.10+dfsg~beta1-2ubuntu0.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 170cc2ebc5096b87e2ad6d5fbf5afac87b1bf3aa

New changelog entries:
  * SECURITY UPDATE: denial of service via udp ping-pong
    - debian/patches/CVE-2002-2443.patch: don't respond to improper packets
      in src/kadmin/server/schpw.c.
    - CVE-2002-2443
  * SECURITY UPDATE: denial of service via incorrect null bytes
    - d/p/0030-Fix-krb5_read_message-handling-CVE-2014-5355.patch:
      properly handle null bytes in src/appl/user_user/server.c,
      src/lib/krb5/krb/recvauth.c.
    - CVE-2015-5355
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/0035-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/0033-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/0034-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

applied/ubuntu/wily-security 2015-11-12 17:44:14 UTC 2015-11-12
Import patches-applied version 1.13.2+dfsg-2ubuntu0.1 to applied/ubuntu/wily-...

Author: Marc Deslauriers
Author Date: 2015-11-11 13:36:55 UTC

Import patches-applied version 1.13.2+dfsg-2ubuntu0.1 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 974d039062b0be810529232db820d20b7e91aa2f
Unapplied parent: e8cf16d5944b52ea49665a5961fc3b119cfa3b41

New changelog entries:
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/u/0011-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/u/0016-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/u/0012-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/u/0014-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/u/0013-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/u/0015-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

ubuntu/precise-updates 2015-11-12 17:44:14 UTC 2015-11-12
Import patches-unapplied version 1.10+dfsg~beta1-2ubuntu0.7 to ubuntu/precise...

Author: Marc Deslauriers
Author Date: 2015-11-11 14:16:52 UTC

Import patches-unapplied version 1.10+dfsg~beta1-2ubuntu0.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 170cc2ebc5096b87e2ad6d5fbf5afac87b1bf3aa

New changelog entries:
  * SECURITY UPDATE: denial of service via udp ping-pong
    - debian/patches/CVE-2002-2443.patch: don't respond to improper packets
      in src/kadmin/server/schpw.c.
    - CVE-2002-2443
  * SECURITY UPDATE: denial of service via incorrect null bytes
    - d/p/0030-Fix-krb5_read_message-handling-CVE-2014-5355.patch:
      properly handle null bytes in src/appl/user_user/server.c,
      src/lib/krb5/krb/recvauth.c.
    - CVE-2015-5355
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/0035-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/0033-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/0034-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

ubuntu/wily-devel 2015-11-12 17:44:14 UTC 2015-11-12
Import patches-unapplied version 1.13.2+dfsg-2ubuntu0.1 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2015-11-11 13:36:55 UTC

Import patches-unapplied version 1.13.2+dfsg-2ubuntu0.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: a0b32df26c9252d5b90df456012eaa46c972504d

New changelog entries:
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/u/0011-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/u/0016-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/u/0012-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/u/0014-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/u/0013-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/u/0015-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

applied/ubuntu/wily-devel 2015-11-12 17:44:14 UTC 2015-11-12
Import patches-applied version 1.13.2+dfsg-2ubuntu0.1 to applied/ubuntu/wily-...

Author: Marc Deslauriers
Author Date: 2015-11-11 13:36:55 UTC

Import patches-applied version 1.13.2+dfsg-2ubuntu0.1 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 974d039062b0be810529232db820d20b7e91aa2f
Unapplied parent: e8cf16d5944b52ea49665a5961fc3b119cfa3b41

New changelog entries:
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/u/0011-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/u/0016-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/u/0012-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/u/0014-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/u/0013-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/u/0015-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

applied/ubuntu/precise-updates 2015-11-12 17:44:14 UTC 2015-11-12
Import patches-applied version 1.10+dfsg~beta1-2ubuntu0.7 to applied/ubuntu/p...

Author: Marc Deslauriers
Author Date: 2015-11-11 14:16:52 UTC

Import patches-applied version 1.10+dfsg~beta1-2ubuntu0.7 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: cf66088038288fb764e77f111d12012acce9f096
Unapplied parent: d5e181919d20a43e047bf6fd3fab25b608f0f76d

New changelog entries:
  * SECURITY UPDATE: denial of service via udp ping-pong
    - debian/patches/CVE-2002-2443.patch: don't respond to improper packets
      in src/kadmin/server/schpw.c.
    - CVE-2002-2443
  * SECURITY UPDATE: denial of service via incorrect null bytes
    - d/p/0030-Fix-krb5_read_message-handling-CVE-2014-5355.patch:
      properly handle null bytes in src/appl/user_user/server.c,
      src/lib/krb5/krb/recvauth.c.
    - CVE-2015-5355
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/0035-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/0033-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/0034-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

1100 of 272 results

Other repositories

Name Last Modified
lp:ubuntu/+source/krb5 2019-07-19
lp:~ahasenack/ubuntu/+source/krb5 2018-11-12
12 of 2 results
You can't create new repositories for krb5 in Ubuntu.