[ubuntu/natty] krb5 1.8.3+dfsg-2 (Accepted)

Ubuntu Installer archive at ubuntu.com
Mon Nov 8 11:16:13 GMT 2010 

krb5 (1.8.3+dfsg-2) unstable; urgency=high

  * MITKRB5-SA-2010-006 [CVE-2010-1322]: null pointer dereference in
    kdc_authdata.c leading to KDC crash, Closes: #599237
  * Fix two memory leaks in krb5_get_init_creds path; one of these memory
    leaks is quite common for any application such as PAM or kinit that
    gets initial credentials, thanks Bastian Blank, Closes: #598032
  * Install doc/CHANGES only in krb5-doc, not in all packages, saves
    several megabytes on most Debian systems, Closes: #599562

krb5 (1.8.3+dfsg-1) unstable; urgency=low

  * New Upstream release; only change is version bump from beta1 to final 
  * Bring back a libkrb53 oldlibs package. Note that this is technically a
    policy violation because it doesn't provide libdes425.so.3 or
    libkrb4.so.2 and thus provides a different ABI. However, some
    packages, such as postgres8.4 require the lenny version to be present
    for the squeeze transition, so we cannot force the removal of
    libkrb53's reverse dependencies. We can conflict or break with lenny
    packages that will not work with this libkrb53, but we may break
    out-of-archive packages without notice. Absent someone coming up with
    a patch to the modern libk5crypto-3 that allows it to work with the
    lenny libkrb53 (a weekend's worth of work proved this would be quite
    difficult), this is the best solution we've come up with, Closes: #596678

krb5 (1.8.3+dfsg~beta1-2) unstable; urgency=low

  * Remove documentation that has moved to the krb5-appl package and is
    not shipped upstream from Debian diff

krb5 (1.8.3+dfsg~beta1-1) unstable; urgency=low

  * New Upstream version
  * Add breaks with libkrb53 because libdes425 cannot work with new
    libk5crypto3 (Closes: #557929)
  * You want this version: it fixes an incompatibility with how PACs are
    verified with Windows 2008
  * As a result of libkrb53 breaks, we no longer get into problems with
    krb5int_hmac, Closes: #566988 
  * Note that libkdb5-4 breaks rather than conflicts libkadm5srv6, Closes:
    #565429
  * Start kdc  before x display managers, Closes: #588536

Date: Mon,  08 Nov 2010 11:14:51 +0000
Changed-By: Kees Cook <kees at ubuntu.com>
Maintainer: Sam Hartman <hartmans at debian.org>
Origin: Debian/unstable
https://launchpad.net/ubuntu/natty/+source/krb5/1.8.3+dfsg-2
-------------- next part --------------
Origin: Debian/unstable
Format: 1.7
Date: Mon,  08 Nov 2010 11:14:51 +0000
Source: krb5
Binary: krb5-user, krb5-kdc, krb5-kdc-ldap, krb5-admin-server, krb5-multidev, libkrb5-dev, libkrb5-dbg, krb5-pkinit, krb5-doc, libkrb5-3, libgssapi-krb5-2, libgssrpc4, libkadm5srv-mit7, libkadm5clnt-mit7, libk5crypto3, libkdb5-4, libkrb5support0, libkrb53
Architecture: source
Version: 1.8.3+dfsg-2
Distribution: natty
Urgency: high
Maintainer: Sam Hartman <hartmans at debian.org>
Changed-By: Kees Cook <kees at ubuntu.com>
Closes: 557929 565429 566988 588536 596678 598032 599237 599562
Files:
 6b208637412557edd7ac84face327f72 1575 net standard krb5_1.8.3+dfsg-2.dsc
 832d97716605693953abd5a3d0119c1c 98814 net standard krb5_1.8.3+dfsg-2.diff.gz
 a8bba2ef00a4afb18a2bdeec1deb6462 11564633 net standard krb5_1.8.3+dfsg.orig.tar.gz
Changes:
 krb5 (1.8.3+dfsg-2) unstable; urgency=high
 .
   * MITKRB5-SA-2010-006 [CVE-2010-1322]: null pointer dereference in
     kdc_authdata.c leading to KDC crash, Closes: #599237
   * Fix two memory leaks in krb5_get_init_creds path; one of these memory
     leaks is quite common for any application such as PAM or kinit that
     gets initial credentials, thanks Bastian Blank, Closes: #598032
   * Install doc/CHANGES only in krb5-doc, not in all packages, saves
     several megabytes on most Debian systems, Closes: #599562
 .
 krb5 (1.8.3+dfsg-1) unstable; urgency=low
 .
   * New Upstream release; only change is version bump from beta1 to final 
   * Bring back a libkrb53 oldlibs package. Note that this is technically a
     policy violation because it doesn't provide libdes425.so.3 or
     libkrb4.so.2 and thus provides a different ABI. However, some
     packages, such as postgres8.4 require the lenny version to be present
     for the squeeze transition, so we cannot force the removal of
     libkrb53's reverse dependencies. We can conflict or break with lenny
     packages that will not work with this libkrb53, but we may break
     out-of-archive packages without notice. Absent someone coming up with
     a patch to the modern libk5crypto-3 that allows it to work with the
     lenny libkrb53 (a weekend's worth of work proved this would be quite
     difficult), this is the best solution we've come up with, Closes: #596678
 .
 krb5 (1.8.3+dfsg~beta1-2) unstable; urgency=low
 .
   * Remove documentation that has moved to the krb5-appl package and is
     not shipped upstream from Debian diff
 .
 krb5 (1.8.3+dfsg~beta1-1) unstable; urgency=low
 .
   * New Upstream version
   * Add breaks with libkrb53 because libdes425 cannot work with new
     libk5crypto3 (Closes: #557929)
   * You want this version: it fixes an incompatibility with how PACs are
     verified with Windows 2008
   * As a result of libkrb53 breaks, we no longer get into problems with
     krb5int_hmac, Closes: #566988 
   * Note that libkdb5-4 breaks rather than conflicts libkadm5srv6, Closes:
     #565429
   * Start kdc  before x display managers, Closes: #588536

More information about the Natty-changes mailing list