[ubuntu/precise-security] krb5, krb5_1.10+dfsg~beta1-2ubuntu0.3_powerpc_translations.tar.gz, krb5_1.10+dfsg~beta1-2ubuntu0.3_armel_translations.tar.gz, krb5_1.10+dfsg~beta1-2ubuntu0.3_amd64_translations.tar.gz, krb5_1.10+dfsg~beta1-2ubuntu0.3_i386_translations.tar.gz, krb5_1.10+dfsg~beta1-2ubuntu0.3_armhf_translations.tar.gz 1.10+dfsg~beta1-2ubuntu0.3 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Tue Jul 31 18:33:34 UTC 2012 

krb5 (1.10+dfsg~beta1-2ubuntu0.3) precise-security; urgency=low

  * SECURITY UPDATE: KDC heap corruption and crash vulnerabilities
    - debian/patches/MITKRB5-SA-2012-001.patch: initialize pointers both
      at allocation and assignment time
    - CVE-2012-1015, CVE-2012-1014
  * SECURITY UPDATE: denial of service in kadmind (LP: #1009422)
    - debian/patches/krb5-CVE-2012-1013.patch: check for null password
    - CVE-2012-1013
  * SECURITY UPDATE: insufficient ACL checking on get_strings/set_string
    - debian/patches/krb5-CVE-2012-1012.patch: make the access
      controls for get_strings/set_string mirror those of
      get_principal/modify_principal
    - CVE-2012-1012

Date: Thu, 26 Jul 2012 14:29:35 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/krb5/1.10+dfsg~beta1-2ubuntu0.3
-------------- next part --------------
Format: 1.8
Date: Thu, 26 Jul 2012 14:29:35 -0700
Source: krb5
Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit8 libkadm5clnt-mit8 libk5crypto3 libkdb5-6 libkrb5support0 krb5-gss-samples krb5-locales libkrb53
Architecture: source
Version: 1.10+dfsg~beta1-2ubuntu0.3
Distribution: precise-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 krb5-admin-server - MIT Kerberos master server (kadmind)
 krb5-doc   - Documentation for MIT Kerberos
 krb5-gss-samples - MIT Kerberos GSS Sample applications
 krb5-kdc   - MIT Kerberos key server (KDC)
 krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
 krb5-locales - Internationalization support for MIT Kerberos
 krb5-multidev - Development files for MIT Kerberos without Heimdal conflict
 krb5-pkinit - PKINIT plugin for MIT Kerberos
 krb5-user  - Basic programs to authenticate using MIT Kerberos
 libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
 libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
 libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
 libkadm5clnt-mit8 - MIT Kerberos runtime libraries - Administration Clients
 libkadm5srv-mit8 - MIT Kerberos runtime libraries - KDC and Admin Server
 libkdb5-6  - MIT Kerberos runtime libraries - Kerberos database
 libkrb5-3  - MIT Kerberos runtime libraries
 libkrb5-dbg - Debugging files for MIT Kerberos
 libkrb5-dev - Headers and development libraries for MIT Kerberos
 libkrb53   - transitional package for MIT Kerberos libraries
 libkrb5support0 - MIT Kerberos runtime libraries - Support library
Launchpad-Bugs-Fixed: 1009422
Changes: 
 krb5 (1.10+dfsg~beta1-2ubuntu0.3) precise-security; urgency=low
 .
   * SECURITY UPDATE: KDC heap corruption and crash vulnerabilities
     - debian/patches/MITKRB5-SA-2012-001.patch: initialize pointers both
       at allocation and assignment time
     - CVE-2012-1015, CVE-2012-1014
   * SECURITY UPDATE: denial of service in kadmind (LP: #1009422)
     - debian/patches/krb5-CVE-2012-1013.patch: check for null password
     - CVE-2012-1013
   * SECURITY UPDATE: insufficient ACL checking on get_strings/set_string
     - debian/patches/krb5-CVE-2012-1012.patch: make the access
       controls for get_strings/set_string mirror those of
       get_principal/modify_principal
     - CVE-2012-1012
Checksums-Sha1: 
 02a417a3a2460be0d96f40fc28c0a30046a72da3 3108 krb5_1.10+dfsg~beta1-2ubuntu0.3.dsc
 851ab44821984abef084de2fac6745341b78aca6 116779 krb5_1.10+dfsg~beta1-2ubuntu0.3.debian.tar.gz
Checksums-Sha256: 
 29888876e09da13ced163a7eb6aea6e446ffb57a9b9fe8a02c6edf80ffcc320d 3108 krb5_1.10+dfsg~beta1-2ubuntu0.3.dsc
 dadd200ce37e99ba70a55838527d561e9da9d13fec284b9b3a673951a6a3ef4e 116779 krb5_1.10+dfsg~beta1-2ubuntu0.3.debian.tar.gz
Files: 
 79864f35bed8edbb9b5c871a2a74efb8 3108 net standard krb5_1.10+dfsg~beta1-2ubuntu0.3.dsc
 5cfb288f083f187edfdf62912a7d2302 116779 net standard krb5_1.10+dfsg~beta1-2ubuntu0.3.debian.tar.gz
Original-Maintainer: Sam Hartman <hartmans at debian.org>

More information about the Precise-changes mailing list