lp:debian/lenny/krb5
- Get this branch:
- bzr branch lp:debian/lenny/krb5
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 17. By Sam Hartman
-
* MITKRB5-SA-2010-007
* CVE-2010-1323: attackers have a 1/256 chance of being able to
produce krb_safe messages that appear to be from legitimate remote
sources. Other than use in KDC database copies this may not be a
huge issue only because no one actually uses krb_safe
messages. Similarly, an attacker can force clients to display
challenge/response values of the attacker's choice.
- 16. By Sebastien Delafond
-
* Non-maintainer upload by the Security Team.
* Fixed CVE-2010-1321: GSS API null pointer dereference.
- 15. By Sam Hartman
-
cve-2009-4212, MIT-KRB5-SA-2009-004: Integer underflows in AES and
RC4 decryptions. This can definitely lead to a DOS attack and
potentially may lead to execution of unexpected code. It's
potentially possible that arbitrary code could be executed, although
much more likely that permuted heap contents or buffers not under
attacker control will be executed.
- 14. By Russ Allbery
-
* MITKRB5-SA-2009-0001: Fix read-beyond-end-of-buffer DOS in SPNEGO, an
SPNEGO null pointer dereference, and incorrect length validation in
an ASN.1 decoder. (CVE-2009-0844, CVE-2009-0845, CVE-2009-0847)
* MITKRB5-SA-2009-002: ASN.1 general time decoder can free uninitialized
pointer. (CVE-2009-0846)
- 13. By Russ Allbery
-
* Correct the actions of krb5_newrealm in its man page. It doesn't
create a keytab for kadmind since kadmind no longer needs one.
Mention that it does create a stash file and that it starts the KDC
and kadmind daemons. Thanks, David Medberry. (Closes: #504126)
* Translation updates:
- Spanish, thanks Ignacio Mondino. (Closes: #504766)
- 12. By Sam Hartman
-
[ Russ Allbery ]
* Translation updates:
- Swedish, thanks Martin Bagge. (Closes: #487669, #491774)
- Italian, thanks Luca Monducci. (Closes: #493962)
[ Sam Hartman ]
* Translation Updates:
- Dutch, Thanks Vincent Zweije, Closes: #495733
- 11. By Russ Allbery
-
* Remove the check for pthread_mutexattr_setrobust_np in the thread
initialization code. This was only needed on Solaris 9 and has been
removed upstream, and was causing FTBFS with glibc 2.5. Thanks,
Martin Pitt. (Closes: #396166)
* Translation updates:
- New Romanian translation, thanks stan ioan-eugen. (Closes: #395347)
- 10. By Martin Pitt
-
* Merge with Debian; only Ubuntu change:
- src/include/k5-thread.h: Define __USE_GNU when #include'ing pthread.h to
fix FTBFS (from 1.4.3-9ubuntu1).
- 9. By Martin Pitt
-
src/include/k5-thread.h: Define __USE_GNU when #include'ing pthread.h so
that src/util/support/threads.c has pthread_mutexattr_setrobust_np()
available. Fixes FTBFS.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:debian/squeeze/krb5