lp:debian/lenny/krb5

Created by James Westby and last modified
Get this branch:
bzr branch lp:debian/lenny/krb5

Branch information

Owner: Ubuntu branches
Status: Mature

Recent revisions

18. By Florian Weimer

Apply patch from FreeBSD to fix CVE-2011-4862

17. By Sam Hartman

  * MITKRB5-SA-2010-007
      * CVE-2010-1323: attackers have a 1/256 chance of being able to
        produce krb_safe messages that appear to be from legitimate remote
        sources. Other than use in KDC database copies this may not be a
        huge issue only because no one actually uses krb_safe
        messages. Similarly, an attacker can force clients to display
        challenge/response values of the attacker's choice.

16. By Sebastien Delafond

* Non-maintainer upload by the Security Team.
* Fixed CVE-2010-1321: GSS API null pointer dereference.

15. By Sam Hartman

CVE-2009-4212, MIT-KRB5-SA-2009-004: Integer underflows in AES and
RC4 decryptions. This can definitely lead to a DOS attack and
potentially may lead to execution of unexpected code. It's
potentially possible that arbitrary code could be executed, although
much more likely that permuted heap contents or buffers not under
attacker control will be executed.

14. By Russ Allbery

* MITKRB5-SA-2009-0001: Fix read-beyond-end-of-buffer DOS in SPNEGO, an
  SPNEGO null pointer dereference, and incorrect length validation in
  an ASN.1 decoder. (CVE-2009-0844, CVE-2009-0845, CVE-2009-0847)
* MITKRB5-SA-2009-002: ASN.1 general time decoder can free uninitialized
  pointer. (CVE-2009-0846)

13. By Russ Allbery

* Correct the actions of krb5_newrealm in its man page. It doesn't
  create a keytab for kadmind since kadmind no longer needs one.
  Mention that it does create a stash file and that it starts the KDC
  and kadmind daemons. Thanks, David Medberry. (Closes: #504126)
* Translation updates:
  - Spanish, thanks Ignacio Mondino. (Closes: #504766)

12. By Sam Hartman

[ Russ Allbery ]
* Translation updates:
  - Swedish, thanks Martin Bagge. (Closes: #487669, #491774)
  - Italian, thanks Luca Monducci. (Closes: #493962)

[ Sam Hartman ]
* Translation Updates:
    - Dutch, Thanks Vincent Zweije, Closes: #495733

11. By Russ Allbery

* Remove the check for pthread_mutexattr_setrobust_np in the thread
  initialization code. This was only needed on Solaris 9 and has been
  removed upstream, and was causing FTBFS with glibc 2.5. Thanks,
  Martin Pitt. (Closes: #396166)
* Translation updates:
  - New Romanian translation, thanks stan ioan-eugen. (Closes: #395347)

10. By Martin Pitt

* Merge with Debian; only Ubuntu change:
  - src/include/k5-thread.h: Define __USE_GNU when #include'ing pthread.h to
    fix FTBFS (from 1.4.3-9ubuntu1).

9. By Martin Pitt

src/include/k5-thread.h: Define __USE_GNU when #include'ing pthread.h so
that src/util/support/threads.c has pthread_mutexattr_setrobust_np()
available. Fixes FTBFS.

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on: lp:debian/squeeze/krb5