[Bug 671672] [NEW] Sync krb5 1.8.3+dfsg-2 (main) from Debian unstable (main)

Kees Cook kees at ubuntu.com
Fri Nov 5 23:36:46 GMT 2010


Public bug reported:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

 affects ubuntu/krb5
 status confirmed
 importance wishlist
 subscribe ubuntu-archive
 done

Please sync krb5 1.8.3+dfsg-2 (main) from Debian unstable (main)

Explanation of the Ubuntu delta and why it can be dropped:
Ubuntu changes are in Debian too now (MITKRB5-SA-2010-006)

Changelog entries since current natty version 1.8.1+dfsg-5ubuntu0.1:

krb5 (1.8.3+dfsg-2) unstable; urgency=high

  * MITKRB5-SA-2010-006 [CVE-2010-1322]: null pointer dereference in
    kdc_authdata.c leading to KDC crash, Closes: #599237
  * Fix two memory leaks in krb5_get_init_creds path; one of these memory
    leaks is quite common for any application such as PAM or kinit that
    gets initial credentials, thanks Bastian Blank, Closes: #598032
  * Install doc/CHANGES only in krb5-doc, not in all packages, saves
    several megabytes on most Debian systems, Closes: #599562

 -- Sam Hartman <hartmans at debian.org>  Wed, 13 Oct 2010 10:41:19 -0400

krb5 (1.8.3+dfsg-1) unstable; urgency=low

  * New Upstream release; only change is version bump from beta1 to final 
  * Bring back a libkrb53 oldlibs package. Note that this is technically a
    policy violation because it doesn't provide libdes425.so.3 or
    libkrb4.so.2 and thus provides a different ABI. However, some
    packages, such as postgres8.4 require the lenny version to be present
    for the squeeze transition, so we cannot force the removal of
    libkrb53's reverse dependencies. We can conflict or break with lenny
    packages that will not work with this libkrb53, but we may break
    out-of-archive packages without notice. Absent someone coming up with
    a patch to the modern libk5crypto-3 that allows it to work with the
    lenny libkrb53 (a weekend's worth of work proved this would be quite
    difficult), this is the best solution we've come up with, Closes: #596678

 -- Sam Hartman <hartmans at debian.org>  Sun, 19 Sep 2010 14:59:46 -0400

krb5 (1.8.3+dfsg~beta1-2) unstable; urgency=low

  * Remove documentation that has moved to the krb5-appl package and is
    not shipped upstream from Debian diff

 -- Sam Hartman <hartmans at debian.org>  Tue, 10 Aug 2010 15:33:15 -0400

krb5 (1.8.3+dfsg~beta1-1) unstable; urgency=low

  * New Upstream version
  * Add breaks with libkrb53 because libdes425 cannot work with new
    libk5crypto3 (Closes: #557929)
  * You want this version: it fixes an incompatibility with how PACs are
    verified with Windows 2008
  * As a result of libkrb53 breaks, we no longer get into problems with
    krb5int_hmac, Closes: #566988 
  * Note that libkdb5-4 breaks rather than conflicts libkadm5srv6, Closes:
    #565429
  * Start kdc before x display managers, Closes: #588536

 -- Sam Hartman <hartmans at debian.org>  Thu, 05 Aug 2010 12:15:50 -0400

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Kees Cook <kees at outflux.net>
-----END PGP SIGNATURE-----

** Affects: krb5 (Ubuntu)
     Importance: Wishlist
         Status: Confirmed

-- 
Sync krb5 1.8.3+dfsg-2 (main) from Debian unstable (main)
https://bugs.launchpad.net/bugs/671672
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in ubuntu.


