[Bug 730817] [NEW] Please sync krb5-1.8.3+dfsg-5 from Debian Unstable.

Launchpad Bug Tracker 730817 at bugs.launchpad.net
Mon Mar 7 18:38:22 UTC 2011


You have been subscribed to a public bug by Chuck Short (zulcss):

Please sync krb5-1.8.3+dfsg-5 from Debian Unstable. The Ubuntu changes
can be dropped the CVE fixes are in the debian package as well. The
changelog summary is the following:

krb5 (1.8.3+dfsg-5) unstable; urgency=low

   * KDC/LDAP DOS    (CVE-2010-4022, CVE-2011-0281, and CVE-2011-0282,
     Closes: #613487
   * Fix delegation of credentials against Windows servers; significant
     interoperability issue, Closes: #611906
   * Set nt-srv-inst on TGS names to work against W2K8R2 KDCs, Closes:
     #616429
   * Don't fail authentication when PAC verification fails; support hmac-
     md5 checksums even for non-RC4 keys, Closes: #616728

 -- Sam Hartman <hartmans at debian.org>  Sun, 06 Mar 2011 18:08:35 -0500

This also fixes LP: #723840.

Thanks
chuck

** Affects: krb5 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
Please sync krb5-1.8.3+dfsg-5 from Debian Unstable.
https://bugs.launchpad.net/bugs/730817
You received this bug notification because you are a member of Ubuntu Package Archive Administrators, which is a direct subscriber.



More information about the ubuntu-archive mailing list