lp:ubuntu/maverick/krb5

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

28. By Sam Hartman on 2010-05-27

* Ignore duplicate token sent in mechListMIC from Windows 2000 SPNEGO
  (LP: #551901)
* krb5-admin-server starts after krb5-kdc, Closes: #583494

27. By Sam Hartman on 2010-05-19

* CVE-2010-1321 GSS-API accept sec context null pointer deref, Closes:
  #582261
* Force use of bash for build, Closes: #581473
* Start slapd before krb5 when krb5-kdc-ldap installed, Closes:
  #582122

26. By Sam Hartman on 2010-04-12

Fix crash in renewal and validation, Thanks Joel Johnson for such a
prompt bug report, Closes: #577490

25. By Kees Cook on 2010-03-23

* SECURITY UPDATE: unauthenticated remote service crash.
  - src/lib/gssapi/spnego/spnego_mech.c: back-ported upstream fixes
    from krb5 1.8.1.
  - MITKRB5-SA-2010-002 (CVE-2010-0628)

24. By Russ Allbery on 2010-02-16

* MITKRB5-SA-2010-001: Avoid an assertion failure leading to a denial of
  service in the KDC by doing better input validation. (CVE-2010-0283)
* Update standards version to 3.8.4 (no changes required).

23. By Sam Hartman on 2010-01-22

[ Sam Hartman ]
* New API to allow an application to enable weak crypto
* Rename libkadm5clnt and libkadm5srv to libkadm5clnt_mit and
  libkadm5srv_mit in order to avoid conflicts with Heimdal packages.
  Sorry for the second trip through new, but we needed to coordinate
  with upstream on the ABI issues involved with this change.
* Medium urgency in order to get a fix for openafs-krb5 weak crypto into
  testing sooner
* Include fix for pam-krb5 segfault with wrong password; bump urgency to
  high.

[ Russ Allbery ]
* Change libkrb5-dbg to only depend on libkrb5-3, libk5crypto3, or
  libkrb5support0. All of the other packages for which it provides
  debugging symbols also depend on one of those packages and always
  will, so listing the disjunction of every library package is
  overkill. Remove from the Depends several obsolete library packages
  no longer included.
* Drop obsolete Replaces for libkadm5srv-mit7 and libkadm5clnt-mit7.
* Wrap krb5-multidev dependencies and description and shorten the short
  description.
* Reformat NEWS.Debian to avoid using a bulleted list per devref.

[ Sam Hartman ]
* Link libkadm5{clnt,srv}.so specially so that the links work without
  libkrb5-dev installed

22. By Sam Hartman on 2010-01-13

* Add replaces to deal with moving files from krb5-multidev to
  libkrb5-dev, Closes: #565217
* This is definitely the getting all the conflicts combinations right is
  tricky series of releases. Sorry about the wasted cycles.

21. By Sam Hartman on 2009-12-28

cve-2009-3295, MIT-KRB5-SA-2009-003: KDC crash when failing to find
the realm of a host., Thanks 2Jakob Haufe for the report to Debian

20. By Sam Hartman on 2009-11-29

* Fix typo in control file
* Exclude usr/lib/krb5/plugins from dh_makeshlibs call to deal with
  behavior change in dh_makeshlibs, Closes: #558719

19. By Sam Hartman on 2009-05-27

* New upstream release
* Revert relaxation of Debian symbol versions introduced in
  1.7dfsg~beta1-3
* Fix kproplog's manpage (LP: #374819)