[ubuntu/karmic-security] krb5, krb5_1.7dfsg~beta3-1ubuntu0.7_amd64_translations.tar.gz, krb5_1.7dfsg~beta3-1ubuntu0.7_i386_translations.tar.gz, krb5_1.7dfsg~beta3-1ubuntu0.7_armel_translations.tar.gz, krb5_1.7dfsg~beta3-1ubuntu0.7_sparc_translations.tar.gz (delayed), krb5_1.7dfsg~beta3-1ubuntu0.7_ia64_translations.tar.gz, krb5_1.7dfsg~beta3-1ubuntu0.7_lpia_translations.tar.gz, krb5_1.7dfsg~beta3-1ubuntu0.7_powerpc_translations.tar.gz 1.7dfsg~beta3-1ubuntu0.7 (Accepted)

Ubuntu Installer archive at ubuntu.com
Thu Dec 9 14:04:34 GMT 2010 

krb5 (1.7dfsg~beta3-1ubuntu0.7) karmic-security; urgency=low

  * SECURITY UPDATE: message forgery and privilege escalation via
    unacceptable checksums
    - src/lib/crypto/krb/dk/derive.c, src/lib/crypto/krb/keyed_checksum_types.c,
      src/lib/gssapi/krb5/util_crypt.c, src/lib/krb5/krb/mk_safe.c,
      src/lib/krb5/krb/pac.c, src/lib/krb5/krb/preauth2.c,
      src/plugins/preauth/pkinit/pkinit_srv.c: patched inline, thanks to
      upstream.
    - CVE-2010-1323
    - CVE-2010-1324
    - MITKRB5-SA-2010-007
  * SECURITY UPDATE: client impersonation via KrbFastReq forgery issue.
    - src/kdc/fast_util.c: patched inline.
    - CVE-2010-4021

Date: Wed, 08 Dec 2010 10:00:27 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/krb5/1.7dfsg~beta3-1ubuntu0.7
-------------- next part --------------
Format: 1.8
Date: Wed, 08 Dec 2010 10:00:27 -0500
Source: krb5
Binary: krb5-user krb5-clients krb5-rsh-server krb5-ftpd krb5-telnetd krb5-kdc krb5-kdc-ldap krb5-admin-server libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv6 libkadm5clnt6 libk5crypto3 libkdb5-4 libkrb5support0
Architecture: source
Version: 1.7dfsg~beta3-1ubuntu0.7
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 krb5-admin-server - MIT Kerberos master server (kadmind)
 krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos
 krb5-doc   - Documentation for MIT Kerberos
 krb5-ftpd  - Secure FTP server supporting MIT Kerberos
 krb5-kdc   - MIT Kerberos key server (KDC)
 krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
 krb5-pkinit - PKINIT plugin for MIT Kerberos
 krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos
 krb5-telnetd - Secure telnet server supporting MIT Kerberos
 krb5-user  - Basic programs to authenticate using MIT Kerberos
 libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
 libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
 libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
 libkadm5clnt6 - MIT Kerberos runtime libraries - Administration Clients
 libkadm5srv6 - MIT Kerberos runtime libraries - KDC and Admin Server
 libkdb5-4  - MIT Kerberos runtime libraries - Kerberos database
 libkrb5-3  - MIT Kerberos runtime libraries
 libkrb5-dbg - Debugging files for MIT Kerberos
 libkrb5-dev - Headers and development libraries for MIT Kerberos
 libkrb5support0 - MIT Kerberos runtime libraries - Support library
Changes: 
 krb5 (1.7dfsg~beta3-1ubuntu0.7) karmic-security; urgency=low
 .
   * SECURITY UPDATE: message forgery and privilege escalation via
     unacceptable checksums
     - src/lib/crypto/krb/dk/derive.c, src/lib/crypto/krb/keyed_checksum_types.c,
       src/lib/gssapi/krb5/util_crypt.c, src/lib/krb5/krb/mk_safe.c,
       src/lib/krb5/krb/pac.c, src/lib/krb5/krb/preauth2.c,
       src/plugins/preauth/pkinit/pkinit_srv.c: patched inline, thanks to
       upstream.
     - CVE-2010-1323
     - CVE-2010-1324
     - MITKRB5-SA-2010-007
   * SECURITY UPDATE: client impersonation via KrbFastReq forgery issue.
     - src/kdc/fast_util.c: patched inline.
     - CVE-2010-4021
Checksums-Sha1: 
 070d5db8fd631d1965e002983da0bb53f1659fb3 2382 krb5_1.7dfsg~beta3-1ubuntu0.7.dsc
 350c2d1ed3bac8823b593493c9a487f81486da23 114478 krb5_1.7dfsg~beta3-1ubuntu0.7.diff.gz
Checksums-Sha256: 
 7030a4829a70225e45f27da34337af0356933de126fa37a693c2c5f9d010e72e 2382 krb5_1.7dfsg~beta3-1ubuntu0.7.dsc
 16a1c12eff9f9cf7362c96e658017d3d91bc1f721b5765d24ca5ee84f67a18d4 114478 krb5_1.7dfsg~beta3-1ubuntu0.7.diff.gz
Files: 
 a2c9a0ad43310cdcec913a2f1a16ff8c 2382 net standard krb5_1.7dfsg~beta3-1ubuntu0.7.dsc
 579dc2430cd9cc0c4196f9aab3a02ec0 114478 net standard krb5_1.7dfsg~beta3-1ubuntu0.7.diff.gz
Original-Maintainer: Sam Hartman <hartmans at debian.org>

More information about the Karmic-changes mailing list