lp:ubuntu/jaunty-updates/krb5
- Get this branch:
- bzr branch lp:ubuntu/jaunty-updates/krb5
Branch merges
Branch information
Recent revisions
- 18. By Kees Cook
-
* SECURITY UPDATE: unauthenticated remote attacker can crash kadmind.
- debian/patches/ MITKRB5- SA-2010- 005: applied upstream fixes inline
- CVE-2010-1321 - 17. By Kees Cook
-
* SECURITY UPDATE: unauthenticated remote KDC service crash.
- debian/patches/ MITKRB5- SA-2010- 003 applied inline.
* SECURITY UPDATE: potential service crashes.
- debian/patches/ likewise- krb5-gssapi: fixed to not re-introduce
CVE-2007-5901 and CVE-2007-5971. - 16. By Kees Cook
-
* SECURITY UPDATE: unauthenticated remote attacker can crash or
compromise the KDC via flaws in AES and RC4 decryption (CVE-2009-4212).
- debian/patches/ MITKRB5- SA-2009- 004 applied inline.
- http://web.mit. edu/kerberos/ advisories/ 2009-004- patch_1. 6.3.txt - 15. By Kees Cook
-
* SECURITY UPDATE: denial of service via buffer overflows.
- src/lib/gssapi/ spnego/ spnego_ mech.c, src/lib/ krb5/asn. 1/asn1buf. c:
GSS-API could be crashed remotely (MITKRB5-SA-2009- 001: CVE-2009-0844,
CVE-2009-0845, CVE-2009-0847).
- src/lib/krb5/asn. 1/asn1_ decode. c: ASN.1 decoder freed uninitialized
pointers (MITKRB5-SA-2009- 002: CVE-2009-0846). - 14. By Mathias Gug
-
debian/
patches/ likewise- krb5-gssapi: add likewise-open patch to support
Microsoft kerberos implementation. - 13. By Russ Allbery
-
* Correct the actions of krb5_newrealm in its man page. It doesn't
create a keytab for kadmind since kadmind no longer needs one.
Mention that it does create a stash file and that it starts the KDC
and kadmind daemons. Thanks, David Medberry. (Closes: #504126)
* Translation updates:
- Spanish, thanks Ignacio Mondino. (Closes: #504766) - 12. By Sam Hartman
-
[ Russ Allbery ]
* Translation updates:
- Swedish, thanks Martin Bagge. (Closes: #487669, #491774)
- Italian, thanks Luca Monducci. (Closes: #493962)[ Sam Hartman ]
* Translation Updates:
- Dutch, Thanks Vincent Zweije, Closes: #495733 - 11. By Russ Allbery
-
* Remove the check for pthread_
mutexattr_ setrobust_ np in the thread
initialization code. This was only needed on Solaris 9 and has been
removed upstream, and was causing FTBFS with glibc 2.5. Thanks,
Martin Pitt. (Closes: #396166)
* Translation updates:
- New Romanian translation, thanks stan ioan-eugen. (Closes: #395347) - 10. By Martin Pitt
-
* Merge with Debian; only Ubuntu change:
- src/include/k5-thread. h: Define__USE_GNU when #include'ing pthread.h to
fix FTBFS (from 1.4.3-9ubuntu1). - 9. By Martin Pitt
-
src/include/
k5-thread. h: Define__USE_GNU when #include'ing pthread.h so
that src/util/support/ threads. c has pthread_ mutexattr_ setrobust_ np()
available. Fixes FTBFS.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/krb5