lp:ubuntu/feisty/krb5
- Get this branch:
- bzr branch lp:ubuntu/feisty/krb5
Branch merges
Branch information
Recent revisions
- 15. By Kees Cook
-
* SECURITY UPDATE: arbitrary login via telnet, arbitrary code execution
via syslog buffer overflows, and heap corruption via GSS api.
* src/appl/telnet/ telnetd/ {state, sys_term} .c: MIT-SA-2007-1 fix from
upstream (CVE-2007-0956).
* src/lib/kadm5/logger. c: MIT-SA-2007-2 fix from Debian, based on
upstream fixes (CVE-2007-0957).
* src/lib/gssapi/ krb5/k5unseal. c: MIT-SA-2007-3 fix from upstream
(CVE-2007-1216). - 14. By Martin Pitt
-
* SECURITY UPDATE: Remote privilege escalation.
* src/lib/rpc/svc.c:
- Do not call an uninitialized pointer.
- Patch provided by upstream.
- References:
CVE-2006-6143
http://web.mit. edu/kerberos/ www/advisories/ MITKRB5- SA-2006- 002-rpc. txt - 13. By Andrew Mitchell
-
* Merge from debian unstable, remaining changes:
- Change netbase dependencies to update-inetd dependencies as
update-inetd is its own package now. - 12. By Tollef Fog Heen
-
Change netbase dependencies to update-inetd dependencies as
update-inetd is its own package now. - 11. By Russ Allbery
-
* Remove the check for pthread_
mutexattr_ setrobust_ np in the thread
initialization code. This was only needed on Solaris 9 and has been
removed upstream, and was causing FTBFS with glibc 2.5. Thanks,
Martin Pitt. (Closes: #396166)
* Translation updates:
- New Romanian translation, thanks stan ioan-eugen. (Closes: #395347) - 10. By Martin Pitt
-
* Merge with Debian; only Ubuntu change:
- src/include/k5-thread. h: Define__USE_GNU when #include'ing pthread.h to
fix FTBFS (from 1.4.3-9ubuntu1). - 9. By Martin Pitt
-
src/include/
k5-thread. h: Define__USE_GNU when #include'ing pthread.h so
that src/util/support/ threads. c has pthread_ mutexattr_ setrobust_ np()
available. Fixes FTBFS. - 8. By Sam Hartman
-
* Add error checking to setuid, setreuid to avoid local privilege
escalation ; fixes krb5-sa-2006-1, CVE-2006-3084, CVE-2006-3083
* Update standards version to 3.7.2 (no changes required).
* Translation updates.
- Russian, thanks Yuri Kozlov. (Closes: #380303) - 7. By Russ Allbery
-
* Fix double free caused by a zero-length keytab. Thanks, Steve
Langasek. (Closes: #344295)
* Fix segfault in krb5_kuserok if the local name doesn't correspond to a
local account. (Discovered in bug #354133.)
* Build a separate libkrb5-dbg package containing the detached debugging
information for libkrb53 and libkadm55.
* Update debhelper compatibility level to V5 since the dh_strip behavior
around debug packages changes in V5 and we should use the current
interface from the beginning.
* Translation updates.
- Dutch, thanks Vincent Zweije. (Closes: #360444)
- Galician, thanks Jacobo Tarrio. (Closes: #361809) - 6. By Sam Hartman
-
* Configure with --enable-shared --enable-static so that libkrb5-dev
gets static libraries.
* Fix double free in getting credentials, Closes: #344543
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/krb5