[Bug 2040386] Re: Merge krb5 from Debian unstable for noble

Andreas Hasenack 2040386 at bugs.launchpad.net
Tue Jan 2 22:47:09 UTC 2024 

This is a sync at the moment.

** Changed in: krb5 (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/2040386

Title:
  Merge krb5 from Debian unstable for noble

Status in krb5 package in Ubuntu:
  Incomplete

Bug description:
  Upstream: tbd
  Debian:   1.20.1-5    
  Ubuntu:   1.20.1-3ubuntu1


  Debian does new releases regularly, so it's likely there will be newer
  versions available before FF that we can pick up if this merge is done
  later in the cycle.

  If it turns out this needs a sync rather than a merge, please change
  the tag 'needs-merge' to 'needs-sync', and (optionally) update the
  title as desired.

  
  ### New Debian Changes ###

  krb5 (1.20.1-5) unstable; urgency=medium

    [ Helmut Grohne ]
    * Annotate test dependencies <!nocheck>. (Closes: #1054461)

    [ Sam Hartman ]
    * Fix keyutils to be linux-any

   -- Helmut Grohne <helmut at subdivi.de>  Tue, 24 Oct 2023 07:17:27 +0200

  krb5 (1.20.1-4) unstable; urgency=low

    [ Steve Langasek ]
    * libkrb5support0: require strict binary dependency to deal with glibc 2.38, Closes: #1043184

    [Jelmer Vernooij]
    * krb5-user: Use alternatives for kinit, klist, kswitch, ksu, kpasswd,
      kdestroy, kadmin and ktutil. This allows installation
      together with heimdal-clients. Closes: #213316, #751203

    [ Sam Hartman ]
    * Enable build-time tests, Thanks Andreas Hasenack, Closes: #1017763
    * Work around doxygen change that breaks doc build, Thanks Greg
      Hudson, Closes: #1051523

   -- Sam Hartman <hartmans at debian.org>  Mon, 11 Sep 2023 11:06:57 -0600

  krb5 (1.20.1-3) unstable; urgency=high

    * Fixes CVE-2023-36054: a  remote authenticated attacker can cause
      kadmind to free an uninitialized pointer.  Upstream believes remote
      code execusion is unlikely, Closes: #1043431 

   -- Sam Hartman <hartmans at debian.org>  Mon, 14 Aug 2023 14:06:53 -0600

  krb5 (1.20.1-2) unstable; urgency=medium

    * Tighten dependencies on libkrb5support0.  This means that the entire
      upgrade from bullseye to bookworm needs to be lockstep, but it appears
      that's what is required, Closes: #1036055
    

   -- Sam Hartman <hartmans at debian.org>  Mon, 15 May 2023 17:44:41 -0600

  krb5 (1.20.1-1) unstable; urgency=high

    [ Bastian Germann ]
    * Sync debian/copyright with NOTICE from upstream

    [ Debian Janitor ]
    * Trim trailing whitespace.
    * Strip unusual field spacing from debian/control.
    * Use secure URI in Homepage field.
    * Merge upstream signing key files.
    * Update renamed lintian tag names in lintian overrides.
    * Update standards version to 4.6.1, no changes needed.
    * Remove field Section on binary package krb5-gss-samples that
      duplicates source.
    * Fix field name cases in debian/control (VCS-Browser => Vcs-Browser,
      VCS-Git => Vcs-Git).

    [ Sam Hartman ]
    * New upstream release
      - Integer overflows in PAC parsing; potentially critical for 32-bit
      KDCs or when cross-realm acts maliciously; DOS in other conditions;
      CVE-2022-42898, Closes: #1024267
    * Tighten version dependencies around crypto library, Closes: 1020424
    * krb5-user reccomends rather than Depends on krb5-config.  This avoids
      a hard dependency on bind9-host, but also supports cases where
      krb5-config is externally managed, Closes: #1005821

   -- Sam Hartman <hartmans at debian.org>  Thu, 17 Nov 2022 10:34:28 -0700

  krb5 (1.20-1) unstable; urgency=medium

    * New Upstream Version
    * Do not specify master key type to avoid weak crypto, Closes: #1009927

   -- Sam Hartman <hartmans at debian.org>  Fri, 22 Jul 2022 16:32:38 -0600

  krb5 (1.20~beta1-1) experimental; urgency=medium

    * New Upstream version

   -- Sam Hartman <hartmans at debian.org>  Thu, 07 Apr 2022 11:57:27 -0600

  krb5 (1.19.2-2) unstable; urgency=medium

    * Standards version 4.6.0; no change
    * kpropd: run after network.target, Closes: #948820
    * krb5-kdc: Remove /var from PidFile, Closes: #982009

   -- Sam Hartman <hartmans at debian.org>  Mon, 21 Feb 2022 13:05:20 -0700

  krb5 (1.19.2-1) experimental; urgency=medium

    * New Upstream version
    * Include patch to work with OpenSSL 3.0, Closes: #995152
    * Depend on tex-gyre, Closes: #997407


  
  ### Old Ubuntu Delta ###

  krb5 (1.20.1-3ubuntu1) mantic; urgency=medium

    * Make krb5int_strl(cat|copy) optional symbols, since they are not needed
      when built against glibc 2.38.  Closes: #1043184.
    * Declare Breaks: against older packages using these symbols.
    * Make dependencies on libkrb5support0 strict to avoid future symbol skew.

   -- Steve Langasek <steve.langasek at ubuntu.com>  Thu, 24 Aug 2023
  18:07:33 +0000

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/2040386/+subscriptions

More information about the foundations-bugs mailing list