ubuntu/+source/heimdal:applied/ubuntu/edgy-devel

Last commit made on 2006-07-03
Get this branch:
git clone -b applied/ubuntu/edgy-devel https://git.launchpad.net/ubuntu/+source/heimdal
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/edgy-devel
Repository:
lp:ubuntu/+source/heimdal

Recent commits

fc8d069... by Martin Pitt on 2006-07-03

Import patches-applied version 0.7.2.dfsg.1-3ubuntu1 to applied/ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 0a06626ab8c5852ea9b3d59ce4abee67b5bc1832
Unapplied parent: a291c39778e0f5ac490a78887d36d3ca913c1e67

New changelog entries:
  * Merge from debian unstable.
  * Remove bashism in debian/rules. Closes: #376082.
  * Build depends on texinfo, required for makeinfo. Closes: #376224.

a291c39... by Martin Pitt on 2006-07-03

Import patches-unapplied version 0.7.2.dfsg.1-3ubuntu1 to ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 8f51da2f0301faa76403596e83247e7bf32e3e74

New changelog entries:
  * Merge from debian unstable.
  * Remove bashism in debian/rules. Closes: #376082.
  * Build depends on texinfo, required for makeinfo. Closes: #376224.

0a06626... by Martin Pitt on 2006-06-30

Import patches-applied version 0.7.2.dfsg.1-2ubuntu1 to applied/ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: be59d71bf9a736079bb5c31be8fa876fb4f55e43
Unapplied parent: 8f51da2f0301faa76403596e83247e7bf32e3e74

New changelog entries:
  * Synchronize to Debian.
    - Only change left: db4.2 -> db4.3 build dependency.
  * debian/rules: Fix bashism.
  * Search for all references to HDB_DB_DIR "/kdc.conf" and replace with
    "/etc/heimdal-kdc/kdc.conf". Closes: #365883, #365890.
  * Remove non-free documentation. Closes: #364860.
  * Add Galician debconf templates. Closes: #362091.
  * Update standards version to 3.7.2.
  * Fix file deletion in postrm. Closes: #361411.
  * Move heimdal-kdc config files, kdc.conf, kadmind.acl and .configured, from
    /var/lib/heimdal-kdc to /etc/heimdal-kdc. Closes: #351960.
  * Install krcp.1 manpage.
  * Move xnlock.1 man page to correct man page section 1.
  * heimdal-dev: add depends on comerr-dev. Closes: #357115.
  * New upstream version. Includes security fixes. Changes from upstream:
        * Fix security problem in rshd that enable an attacker to overwrite
          and change ownership of any file that root could write.
        * Fix a DOS in telnetd. The attacker could force the server to crash
          in a NULL de-reference before the user logged in, resulting in inetd
          turning telnetd off because it forked too fast.
        * Make gss_acquire_cred(GSS_C_ACCEPT) check that the requested name
          exists in the keytab before returning success. This allows servers
          to check if its even possible to use GSSAPI.
        * Fix receiving end of token delegation for GSS-API. It still wrongly
          uses subkey for sending for compatibility reasons, this will change
          in 0.8.
        * telnetd, login and rshd are now more verbose in logging failed and
          successful logins.
        * Bug fixes.
  * Ditch dbs build system in preference for quilt and cdbs.
  * Don't install /usr/include/ss. It's not included by any other header
    in heimdal-dev and is provided by ss-dev. Closes: #349213.
  * Also remove /usr/bin/mk_cmds which is also provided by ss-dev.
  * Supply /etc/ldap/schema/hdb.schema. Closes: #355287.
  * Move iprop man pages from heimdal-clients package into
    heimdal-kdc package. Closes: #347555.
  * Change default program for krsh from rlogin to ktelnet if no parameters
    given. Closes: #355080.
  * Brian May <email address hidden>:
    * Delete patches for old Heimdal versions.
    * Update Swedish debconf translation (closes: #347605).
  * Michael Banck <email address hidden>:
    * Changes for GNU HURD: 026_posix_max (closes: #113317),
                            026_no_afs (closes: #324342).
  * Steve Langasek <email address hidden>:
    * 025_pthreads
    * High-urgency upload for RC bugfix.
    * Use -pthread -lpthread when linking shared libs, not just -pthread,
      needed for proper linking of libgssapi on mips/mipsel. Closes: #346346.
    * Build-depend on libx11-dev, libxau-dev, libxt-dev, x-dev instead of the
      obsolete xlibs-dev. Closes: #346680.
  * Apply 022_ftp-roken-glob again.
  * Upload for unstable.

8f51da2... by Martin Pitt on 2006-06-30

Import patches-unapplied version 0.7.2.dfsg.1-2ubuntu1 to ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: f43acc816bc25696fe1636ac9b25d8d91319dc01

New changelog entries:
  * Synchronize to Debian.
    - Only change left: db4.2 -> db4.3 build dependency.
  * debian/rules: Fix bashism.
  * Search for all references to HDB_DB_DIR "/kdc.conf" and replace with
    "/etc/heimdal-kdc/kdc.conf". Closes: #365883, #365890.
  * Remove non-free documentation. Closes: #364860.
  * Add Galician debconf templates. Closes: #362091.
  * Update standards version to 3.7.2.
  * Fix file deletion in postrm. Closes: #361411.
  * Move heimdal-kdc config files, kdc.conf, kadmind.acl and .configured, from
    /var/lib/heimdal-kdc to /etc/heimdal-kdc. Closes: #351960.
  * Install krcp.1 manpage.
  * Move xnlock.1 man page to correct man page section 1.
  * heimdal-dev: add depends on comerr-dev. Closes: #357115.
  * New upstream version. Includes security fixes. Changes from upstream:
        * Fix security problem in rshd that enable an attacker to overwrite
          and change ownership of any file that root could write.
        * Fix a DOS in telnetd. The attacker could force the server to crash
          in a NULL de-reference before the user logged in, resulting in inetd
          turning telnetd off because it forked too fast.
        * Make gss_acquire_cred(GSS_C_ACCEPT) check that the requested name
          exists in the keytab before returning success. This allows servers
          to check if its even possible to use GSSAPI.
        * Fix receiving end of token delegation for GSS-API. It still wrongly
          uses subkey for sending for compatibility reasons, this will change
          in 0.8.
        * telnetd, login and rshd are now more verbose in logging failed and
          successful logins.
        * Bug fixes.
  * Ditch dbs build system in preference for quilt and cdbs.
  * Don't install /usr/include/ss. It's not included by any other header
    in heimdal-dev and is provided by ss-dev. Closes: #349213.
  * Also remove /usr/bin/mk_cmds which is also provided by ss-dev.
  * Supply /etc/ldap/schema/hdb.schema. Closes: #355287.
  * Move iprop man pages from heimdal-clients package into
    heimdal-kdc package. Closes: #347555.
  * Change default program for krsh from rlogin to ktelnet if no parameters
    given. Closes: #355080.
  * Brian May <email address hidden>:
    * Delete patches for old Heimdal versions.
    * Update Swedish debconf translation (closes: #347605).
  * Michael Banck <email address hidden>:
    * Changes for GNU HURD: 026_posix_max (closes: #113317),
                            026_no_afs (closes: #324342).
  * Steve Langasek <email address hidden>:
    * 025_pthreads
    * High-urgency upload for RC bugfix.
    * Use -pthread -lpthread when linking shared libs, not just -pthread,
      needed for proper linking of libgssapi on mips/mipsel. Closes: #346346.
    * Build-depend on libx11-dev, libxau-dev, libxt-dev, x-dev instead of the
      obsolete xlibs-dev. Closes: #346680.
  * Apply 022_ftp-roken-glob again.
  * Upload for unstable.

be59d71... by Martin Pitt on 2006-02-17

Import patches-applied version 0.7.1-1ubuntu3 to applied/ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: b01ea0601db23fa986bb665f51bf8504f670e083
Unapplied parent: f43acc816bc25696fe1636ac9b25d8d91319dc01

New changelog entries:
  * SECURITY UPDATE: telnetd remote DoS.
  * Add debian/patches/033_telnetd_remote_dos:
    - Apply upstream patch from 0.7.2 version: The attacker could force the
      server to crash in a NULL de-reference before the user logged in,
      resulting in inetd turning telnetd off because it forked too fast.
    - CVE-2006-0677

f43acc8... by Martin Pitt on 2006-02-17

Import patches-unapplied version 0.7.1-1ubuntu3 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 888448e4ae882d80a96cc471bd6376e905f2b22f

New changelog entries:
  * SECURITY UPDATE: telnetd remote DoS.
  * Add debian/patches/033_telnetd_remote_dos:
    - Apply upstream patch from 0.7.2 version: The attacker could force the
      server to crash in a NULL de-reference before the user logged in,
      resulting in inetd turning telnetd off because it forked too fast.
    - CVE-2006-0677

b01ea06... by Martin Pitt on 2006-02-08

Import patches-applied version 0.7.1-1ubuntu2 to applied/ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: c05ff0ddca6ada2372e99bd02f285a5b6f029ebe
Unapplied parent: 888448e4ae882d80a96cc471bd6376e905f2b22f

New changelog entries:
  * Add debian/patches/001_rsdh_fixes.patch: Security and bug fixes
    for rshd, backported from 0.7.2 release:
    - Move creation of users ticket file to later to avoid seteuid/setuid
      dance. This allowed an authenticated user to overwrite and change the
      owner of arbitrary files. [CVE-2006-0582]
    - Disable DCE since above patch breaks it.
    - Check return value from asprintf instead of string != NULL since it
      is undefined behavior on Linux.

888448e... by Martin Pitt on 2006-02-08

Import patches-unapplied version 0.7.1-1ubuntu2 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 30abd037763dba2b55ed391b2d62a73e32a992d0

New changelog entries:
  * Add debian/patches/001_rsdh_fixes.patch: Security and bug fixes
    for rshd, backported from 0.7.2 release:
    - Move creation of users ticket file to later to avoid seteuid/setuid
      dance. This allowed an authenticated user to overwrite and change the
      owner of arbitrary files. [CVE-2006-0582]
    - Disable DCE since above patch breaks it.
    - Check return value from asprintf instead of string != NULL since it
      is undefined behavior on Linux.

c05ff0d... by Martin Pitt on 2005-11-23

Import patches-applied version 0.7.1-1ubuntu1 to applied/ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: f05d9f3ce64dd501f99f08c7480e361f5856b0f5
Unapplied parent: 30abd037763dba2b55ed391b2d62a73e32a992d0

New changelog entries:
  * Upgrade to new heimdal version to get rid of Kerberos 4.
  * debian/control: Build against libdb4.3.
  * debian/rules: Do not install /usr/include/ss/ss.h, that's ss-dev's area.
  * New upstream version.
  * Remove krb4 support (closes: #315059, #334632).
  * Conflict with krb4.
  * Add alternative depends of debconf-2.0 in heimdal-kdc. Closes
    <URL:http://lists.debian.org/debian-devel/2005/08/msg00136.html>.
  * Update sv translations (closes: #330318).
  * Rebuild to fix broken *.la files (closes: #316980).
  * Modify rxtelnet and rxterm to use ktelnet and krsh (closes: #274063).
  * Add Vietnamese debconf translation (closes: #314197).
  * Add Czech debconf translation (closes: #314749).
  * Move string2key into heimdal-clients (closes: #314365).
  * Fix LDAP searches (closes: #318409).
  * Apply patch to fix "Remotely exploitable buffer overflow in
    getterminaltype function", reported in Secunia advisory SA15718 at
    http://secunia.com/advisories/15718/. Closes: #315065.
  * LDAP support (closes: #95246).
  * Fix buffer overflow security bug in telnet client, CAN-2005-0469,
    closes: #305574.
  * Add Japanese debconf translation (closes: #302485)
  * Updated replaces for heimdal-clients (closes: #303751).
  * Support update-alternatives with rcp man page (closes: #303753).
  * Apply patch to build on amd64 (closes: #300811).
  * Move verify_krb5_conf man page to heimdal-clients (closes: #299905).
  * Include danish debconf translations (closes: #296987).
  * Add missing (versioned) comerr-dev to build depends (closes: #293270).
  * Remove setconfig from built package, the new kdc.conf config broke this
    script, and the config it changed wasn't used by Heimdal anyway.
    Closes: #289295.
  * Add patch from upstream to stop KDC crashing with SIGPIPE error.
    Closes: #284498.
  * Make conflict between heimdal-kdc and krb5-admin-server explicit, see
    #274763 for details.
  * Supply better example kdc.conf (closes: #210575). I deliberately omitted
    the database setting as upstream say it isn't currently usable and will
    change soon. Improvements welcome.
  * Fix hardcoded paths to work with openafs (closes: #286249).
  * Add new German debconf translations (closes: #284375).
  * Set Project-Id-Version, PO-Revision-Date, Last-Translator fields to
    Swedish and Russian translations from information in BTS.
  * Remove kerberos.8.gz man page. This hack is to remove the conflict with
    kerberos4kth which also contains the same file. It doesn't appear worth
    keeping. See bug #274763 for details on conflict.
  * Add note concerning above item in README.Debian.
  * Make conflict between heimdal-kdc and krb5-kdc explicit, see #274763
    for details.
  * Adding the attached Brazilian Portuguese templates (closes: #278730).
  * Fix typo in prerm script (closes: #280354).
  * Move kerberos.8.gz from heimdal-servers into heimdal-docs package.
  * Move kadmind.8.gz from heimdal-servers into heimdal-kdc package.
  * Conflict with pop3-server instead of qpopper (closes: #274774).
  * Stop all daemons as long as PID file exists, regardless if deamon is
    enabled or not (closes: #266575).
  * Add Dutch po-debconf translations (closes: #263597).
  * Add some cleanups recommended in #95246 to debian/rules.
    * Remove debian/*.ex files.
    * Remove debian/control.* files.
    * Remove debian/ex.doc-base.package.
    * Remove obsolete libtool hack.
    * Remove calls to obsolete dh_suidregister program.
  * New upstream version.
  * New upstream version.
  * Fixes security bugs in FTP server.
  * Update replaces header for heimdal-clients, to allow for push.8.gz
    moving from heimdal-servers to heimdal-clients (closes: #264979).
  * Cave in to pressure and remove libdb4.2-dev from depends in
    heimdal-dev. See bug #253894 for reasons, both for and against.
  * Add patch 000_afslog to make afslog work (closes: #261065).

30abd03... by Martin Pitt on 2005-11-23

Import patches-unapplied version 0.7.1-1ubuntu1 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 7f08c12324fb3c6237b0ccd091ea095cc551d980

New changelog entries:
  * Upgrade to new heimdal version to get rid of Kerberos 4.
  * debian/control: Build against libdb4.3.
  * debian/rules: Do not install /usr/include/ss/ss.h, that's ss-dev's area.
  * New upstream version.
  * Remove krb4 support (closes: #315059, #334632).
  * Conflict with krb4.
  * Add alternative depends of debconf-2.0 in heimdal-kdc. Closes
    <URL:http://lists.debian.org/debian-devel/2005/08/msg00136.html>.
  * Update sv translations (closes: #330318).
  * Rebuild to fix broken *.la files (closes: #316980).
  * Modify rxtelnet and rxterm to use ktelnet and krsh (closes: #274063).
  * Add Vietnamese debconf translation (closes: #314197).
  * Add Czech debconf translation (closes: #314749).
  * Move string2key into heimdal-clients (closes: #314365).
  * Fix LDAP searches (closes: #318409).
  * Apply patch to fix "Remotely exploitable buffer overflow in
    getterminaltype function", reported in Secunia advisory SA15718 at
    http://secunia.com/advisories/15718/. Closes: #315065.
  * LDAP support (closes: #95246).
  * Fix buffer overflow security bug in telnet client, CAN-2005-0469,
    closes: #305574.
  * Add Japanese debconf translation (closes: #302485)
  * Updated replaces for heimdal-clients (closes: #303751).
  * Support update-alternatives with rcp man page (closes: #303753).
  * Apply patch to build on amd64 (closes: #300811).
  * Move verify_krb5_conf man page to heimdal-clients (closes: #299905).
  * Include danish debconf translations (closes: #296987).
  * Add missing (versioned) comerr-dev to build depends (closes: #293270).
  * Remove setconfig from built package, the new kdc.conf config broke this
    script, and the config it changed wasn't used by Heimdal anyway.
    Closes: #289295.
  * Add patch from upstream to stop KDC crashing with SIGPIPE error.
    Closes: #284498.
  * Make conflict between heimdal-kdc and krb5-admin-server explicit, see
    #274763 for details.
  * Supply better example kdc.conf (closes: #210575). I deliberately omitted
    the database setting as upstream say it isn't currently usable and will
    change soon. Improvements welcome.
  * Fix hardcoded paths to work with openafs (closes: #286249).
  * Add new German debconf translations (closes: #284375).
  * Set Project-Id-Version, PO-Revision-Date, Last-Translator fields to
    Swedish and Russian translations from information in BTS.
  * Remove kerberos.8.gz man page. This hack is to remove the conflict with
    kerberos4kth which also contains the same file. It doesn't appear worth
    keeping. See bug #274763 for details on conflict.
  * Add note concerning above item in README.Debian.
  * Make conflict between heimdal-kdc and krb5-kdc explicit, see #274763
    for details.
  * Adding the attached Brazilian Portuguese templates (closes: #278730).
  * Fix typo in prerm script (closes: #280354).
  * Move kerberos.8.gz from heimdal-servers into heimdal-docs package.
  * Move kadmind.8.gz from heimdal-servers into heimdal-kdc package.
  * Conflict with pop3-server instead of qpopper (closes: #274774).
  * Stop all daemons as long as PID file exists, regardless if deamon is
    enabled or not (closes: #266575).
  * Add Dutch po-debconf translations (closes: #263597).
  * Add some cleanups recommended in #95246 to debian/rules.
    * Remove debian/*.ex files.
    * Remove debian/control.* files.
    * Remove debian/ex.doc-base.package.
    * Remove obsolete libtool hack.
    * Remove calls to obsolete dh_suidregister program.
  * New upstream version.
  * New upstream version.
  * Fixes security bugs in FTP server.
  * Update replaces header for heimdal-clients, to allow for push.8.gz
    moving from heimdal-servers to heimdal-clients (closes: #264979).
  * Cave in to pressure and remove libdb4.2-dev from depends in
    heimdal-dev. See bug #253894 for reasons, both for and against.
  * Add patch 000_afslog to make afslog work (closes: #261065).