[ubuntu/natty] krb5 1.8.3+dfsg-4ubuntu1 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Wed Feb 16 18:35:32 UTC 2011 

krb5 (1.8.3+dfsg-4ubuntu1) natty; urgency=low

  * SECURITY UPDATE: kpropd denial of service via invalid network input
    - src/slave/kpropd.c: don't return on kpropd child exit; applied
      inline.
    - CVE-2010-4022
    - MITKRB5-SA-2011-001
  * SECURITY UPDATE: kdc denial of service from unauthenticated remote
    attackers
    - src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h,
      src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c,
      src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c,
      src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c:
      applied inline
    - CVE-2011-0281
    - CVE-2011-0282
    - MITKRB5-SA-2011-002

Date: Fri, 11 Feb 2011 10:48:06 -0800
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/krb5/1.8.3+dfsg-4ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 11 Feb 2011 10:48:06 -0800
Source: krb5
Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit7 libkadm5clnt-mit7 libk5crypto3 libkdb5-4 libkrb5support0 libkrb53
Architecture: source
Version: 1.8.3+dfsg-4ubuntu1
Distribution: natty
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 krb5-admin-server - MIT Kerberos master server (kadmind)
 krb5-doc   - Documentation for MIT Kerberos
 krb5-kdc   - MIT Kerberos key server (KDC)
 krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
 krb5-multidev - Development files for MIT Kerberos without Heimdal conflict
 krb5-pkinit - PKINIT plugin for MIT Kerberos
 krb5-user  - Basic programs to authenticate using MIT Kerberos
 libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
 libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
 libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
 libkadm5clnt-mit7 - MIT Kerberos runtime libraries - Administration Clients
 libkadm5srv-mit7 - MIT Kerberos runtime libraries - KDC and Admin Server
 libkdb5-4  - MIT Kerberos runtime libraries - Kerberos database
 libkrb5-3  - MIT Kerberos runtime libraries
 libkrb5-dbg - Debugging files for MIT Kerberos
 libkrb5-dev - Headers and development libraries for MIT Kerberos
 libkrb53   - transitional package for MIT Kerberos libraries
 libkrb5support0 - MIT Kerberos runtime libraries - Support library
Changes: 
 krb5 (1.8.3+dfsg-4ubuntu1) natty; urgency=low
 .
   * SECURITY UPDATE: kpropd denial of service via invalid network input
     - src/slave/kpropd.c: don't return on kpropd child exit; applied
       inline.
     - CVE-2010-4022
     - MITKRB5-SA-2011-001
   * SECURITY UPDATE: kdc denial of service from unauthenticated remote
     attackers
     - src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h,
       src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c,
       src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c,
       src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c:
       applied inline
     - CVE-2011-0281
     - CVE-2011-0282
     - MITKRB5-SA-2011-002
Checksums-Sha1: 
 055d35c578dfd4738b814da9256910d0117d1e61 2325 krb5_1.8.3+dfsg-4ubuntu1.dsc
 4fa1bfab9ed91bc658a5492e8211bdaa9eec9825 106308 krb5_1.8.3+dfsg-4ubuntu1.diff.gz
Checksums-Sha256: 
 e6124fd79298feaef1c94ed76006fb36e4cba1d5eab7c7d02342e02ba06a6b35 2325 krb5_1.8.3+dfsg-4ubuntu1.dsc
 27bec33194925e738557e06e69c93a73e9e91441c6ea130d7bdc75d64d374f36 106308 krb5_1.8.3+dfsg-4ubuntu1.diff.gz
Files: 
 032f4fce5e1c10762bcbc7424410afe2 2325 net standard krb5_1.8.3+dfsg-4ubuntu1.dsc
 21155daaee0ec7700418b246d7ea2c72 106308 net standard krb5_1.8.3+dfsg-4ubuntu1.diff.gz
Original-Maintainer: Sam Hartman <hartmans at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCgAGBQJNXBgnAAoJEFHb3FjMVZVzAzkP+gIqG0gbAu732JcFtBt/ddhg
2IqYEroe5ZY0vZCAu4NYflc7qo9KARfjom3g4iayOXyC/0gwX/W08Tjg9N9tIpRI
KmbfpQGcXZxENyWmenrnMyrmofiZ7TUJkycpbZutmZ5+UNwoilO9T7zKDwfbFenS
Yu8cPjfGXW5VgUbpboaoYoZ4ikSmHjGpttg4Os1Q051Qk44SRT+VN17TK9/F6i+z
ed3eO1OalQoTU5QepkHhH8MMiFRsg66wc+juLXNRLjHtymdE2P+4vaSLvgk3JXqr
b6s0dqd+w4w2yev/VQTWbtZbFYe5M2cS3vilMfzyEe61o5v3To5FlGJRKpgw6y6z
Kap2fQ6wMKtbQE1S9jKbl5soHEQxlAcAcv5K/lnklijqPb+FVLHRs26YXXRvFEwZ
0JaDq4dK19vTw7UxeQPHicc5Fw8Jt3Cke23/QHPcL9xpecv8SHNz2JCk+Q3pEYtS
uMCVXRzRLSbJOrCcrV9L1P2rSGfcd/8A0a+u7/HVlqLN0n9QhNLFsIUJA/sa5Iqx
RwwgzXh9uPPIhOXLlRUesNqF5de8fp90zEeMkCZJmQlNlY6/cBjTqGUCaBDhKuBM
bL39I+2Hx04y8pt7T6f3K5gBuPLFARyU3Ce5IOv1GEy7f4lzHDwGl+OAXMAO9v80
zHfCMqtyXVFIXuAYzgr3
=qWvg
-----END PGP SIGNATURE-----

More information about the Natty-changes mailing list