[ubuntu/hirsute-proposed] libpam-krb5 4.9-1 (Accepted)
Balint Reczey
balint.reczey at canonical.com
Mon Nov 2 11:06:56 UTC 2020
libpam-krb5 (4.9-1) unstable; urgency=high
* New upstream release.
- Fix potential one-byte buffer overflow when relaying prompts from
the underlying Kerberos library. (CVE-2020-10595)
- Support use_pkinit with MIT Kerberos. (Closes: #871699)
- Reject passwords as long or longer than PAM_MAX_RESP_SIZE (512
octets) to avoid denial of service attacks.
- Use explicit_bzero to erase passwords before freeing.
- Return more accurate errors from the Kerberos prompter function.
- Fix an edge-case memory leak in pam_chauthtok.
* Update to debhelper compatibility level V12.
- Depend on debhelper-compat instead of debhelper.
* Update standards version to 4.5.0 (no changes required).
* Refresh upstream signing key.
Date: 2020-03-31 10:31:29.624340+00:00
Changed-By: Russ Allbery <rra at debian.org>
Signed-By: Balint Reczey <balint.reczey at canonical.com>
https://launchpad.net/ubuntu/+source/libpam-krb5/4.9-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Hirsute-changes
mailing list