[ubuntu/maverick-security] krb5, krb5_1.8.1+dfsg-5ubuntu0.8_amd64_translations.tar.gz, krb5_1.8.1+dfsg-5ubuntu0.8_i386_translations.tar.gz, krb5_1.8.1+dfsg-5ubuntu0.8_armel_translations.tar.gz, krb5_1.8.1+dfsg-5ubuntu0.8_powerpc_translations.tar.gz 1.8.1+dfsg-5ubuntu0.8 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Tue Oct 18 22:04:08 UTC 2011
krb5 (1.8.1+dfsg-5ubuntu0.8) maverick-security; urgency=low
* SECURITY UPDATE: fix multiple kdc DoS issues:
- db2/lockout.c, ldap/libkdb_ldap/ldap_principal2.c,
ldap/libkdb_ldap/lockout.c:
+ more strict checking for null pointers
+ disable assert and return when db is locked
+ applied inline from upstream
- CVE-2011-1528 and CVE-2011-1529
- MITKRB5-SA-2011-006
Date: Tue, 11 Oct 2011 06:52:39 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/krb5/1.8.1+dfsg-5ubuntu0.8
-------------- next part --------------
Format: 1.8
Date: Tue, 11 Oct 2011 06:52:39 -0700
Source: krb5
Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit7 libkadm5clnt-mit7 libk5crypto3 libkdb5-4 libkrb5support0
Architecture: source
Version: 1.8.1+dfsg-5ubuntu0.8
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description:
krb5-admin-server - MIT Kerberos master server (kadmind)
krb5-doc - Documentation for MIT Kerberos
krb5-kdc - MIT Kerberos key server (KDC)
krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
krb5-multidev - Development files for MIT Kerberos without Heimdal conflict
krb5-pkinit - PKINIT plugin for MIT Kerberos
krb5-user - Basic programs to authenticate using MIT Kerberos
libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
libkadm5clnt-mit7 - MIT Kerberos runtime libraries - Administration Clients
libkadm5srv-mit7 - MIT Kerberos runtime libraries - KDC and Admin Server
libkdb5-4 - MIT Kerberos runtime libraries - Kerberos database
libkrb5-3 - MIT Kerberos runtime libraries
libkrb5-dbg - Debugging files for MIT Kerberos
libkrb5-dev - Headers and development libraries for MIT Kerberos
libkrb5support0 - MIT Kerberos runtime libraries - Support library
Changes:
krb5 (1.8.1+dfsg-5ubuntu0.8) maverick-security; urgency=low
.
* SECURITY UPDATE: fix multiple kdc DoS issues:
- db2/lockout.c, ldap/libkdb_ldap/ldap_principal2.c,
ldap/libkdb_ldap/lockout.c:
+ more strict checking for null pointers
+ disable assert and return when db is locked
+ applied inline from upstream
- CVE-2011-1528 and CVE-2011-1529
- MITKRB5-SA-2011-006
Checksums-Sha1:
cb7830f336af1b30a33e44e2bc82f7d70b238cef 2323 krb5_1.8.1+dfsg-5ubuntu0.8.dsc
76a088dc41ab49d7f9296fe899533b7318faac5f 135961 krb5_1.8.1+dfsg-5ubuntu0.8.diff.gz
Checksums-Sha256:
086d11dd789f9d3c15e5f2c4fc3ea9915cdecbd35dafbba3d1c3085934952140 2323 krb5_1.8.1+dfsg-5ubuntu0.8.dsc
c48f8496646868fa10d5d53ff595870e2b7e2c75ef916f529e01334930d0c8ed 135961 krb5_1.8.1+dfsg-5ubuntu0.8.diff.gz
Files:
67d137a7ce144c94e3da889af4de0161 2323 net standard krb5_1.8.1+dfsg-5ubuntu0.8.dsc
37d467c96342f60cd3e1edb4be2a03ce 135961 net standard krb5_1.8.1+dfsg-5ubuntu0.8.diff.gz
Original-Maintainer: Sam Hartman <hartmans at debian.org>
More information about the Maverick-changes
mailing list