Accepted krb5 1.4.4-5ubuntu3 (source)

Kees Cook kees at ubuntu.com
Wed Apr 4 00:00:26 BST 2007 

Accepted:
 OK: krb5_1.4.4-5ubuntu3.dsc
     -> Component: main Section: net
 OK: krb5_1.4.4-5ubuntu3.diff.gz

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue,  3 Apr 2007 15:34:58 -0700
Source: krb5
Binary: krb5-doc libkrb5-dev krb5-rsh-server krb5-user krb5-ftpd libkadm55 libkrb53 krb5-clients krb5-telnetd krb5-kdc krb5-admin-server libkrb5-dbg
Architecture: source
Version: 1.4.4-5ubuntu3
Distribution: feisty
Urgency: low
Maintainer: Sam Hartman <hartmans at debian.org>
Changed-By: Kees Cook <kees at ubuntu.com>
Description: 
 krb5-admin-server - MIT Kerberos master server (kadmind)
 krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos
 krb5-doc   - Documentation for MIT Kerberos
 krb5-ftpd  - Secure FTP server supporting MIT Kerberos
 krb5-kdc   - MIT Kerberos key server (KDC)
 krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos
 krb5-telnetd - Secure telnet server supporting MIT Kerberos
 krb5-user  - Basic programs to authenticate using MIT Kerberos
 libkadm55  - MIT Kerberos administration runtime libraries
 libkrb5-dbg - Debugging files for MIT Kerberos
 libkrb5-dev - Headers and development libraries for MIT Kerberos
 libkrb53   - MIT Kerberos runtime libraries
Changes: 
 krb5 (1.4.4-5ubuntu3) feisty; urgency=low
 .
   * SECURITY UPDATE: arbitrary login via telnet, arbitrary code execution
     via syslog buffer overflows, and heap corruption via GSS api.
   * src/appl/telnet/telnetd/{state,sys_term}.c: MIT-SA-2007-1 fix from
     upstream (CVE-2007-0956).
   * src/lib/kadm5/logger.c: MIT-SA-2007-2 fix from Debian, based on
     upstream fixes (CVE-2007-0957).
   * src/lib/gssapi/krb5/k5unseal.c: MIT-SA-2007-3 fix from upstream
     (CVE-2007-1216).
Files: 
 34f8d94b854640f2f7e6bf137ced66e4 880 net standard krb5_1.4.4-5ubuntu3.dsc
 1c4419c95ee5c3261348b927e897cc34 1577222 net standard krb5_1.4.4-5ubuntu3.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGEtu0H/9LqRcGPm0RAnriAKChbwi43o5q9ouFecszJCir1dAIWACfTWKz
KMli+xWRQzoqV+fmWQbeGdA=
=jElF
-----END PGP SIGNATURE-----

More information about the feisty-changes mailing list