Accepted krb5 1.6.dfsg.1-5 (source)

Fri Jun 29 11:12:58 BST 2007

Accepted:
 OK: krb5_1.6.dfsg.1.orig.tar.gz
 OK: krb5_1.6.dfsg.1-5.diff.gz
 OK: krb5_1.6.dfsg.1-5.dsc
     -> Component: main Section: net

Origin: Debian/unstable
Format: 1.7
Date: Fri,  29 Jun 2007 11:10:35 +0100
Source: krb5
Binary: krb5-telnetd, krb5-clients, libkrb5-dev, krb5-ftpd, krb5-doc, krb5-user, libkrb5-dbg, libkadm55, libkrb53, krb5-kdc, krb5-rsh-server, krb5-admin-server
Architecture: source
Version: 1.6.dfsg.1-5
Distribution: gutsy
Urgency: critical
Maintainer: Sam Hartman <hartmans at debian.org>
Changed-By: Kees Cook <kees at ubuntu.com>
Changes: 
 krb5 (1.6.dfsg.1-5) unstable; urgency=emergency
 .
   * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized
     pointer or write past the end of a stack buffer.  This may lead to
     execution of arbitrary code.  (CVE-2007-2442, CVE-2007-2443)
   * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that
     may lead to execution of arbitrary code.  (CVE-2007-2798)
Files: 
 c4f41d2303a3d99a32501a62e46f9bac 1658176 net standard krb5_1.6.dfsg.1-5.diff.gz
 9dd153b5226963f14e50eab9b616530b 898 net standard krb5_1.6.dfsg.1-5.dsc