[Bug 730817] [NEW] Please sync krb5-1.8.3+dfsg-5 from Debian Unstable.
Chuck Short
chuck.short at canonical.com
Mon Mar 7 18:38:03 UTC 2011
Public bug reported:
Please sync krb5-1.8.3+dfsg-5 from Debian Unstable. The Ubuntu changes
can be dropped the CVE fixes are in the debian package as well. The
changelog summary is the following:
krb5 (1.8.3+dfsg-5) unstable; urgency=low
* KDC/LDAP DOS (CVE-2010-4022, CVE-2011-0281, and CVE-2011-0282,
Closes: #613487
* Fix delegation of credentials against Windows servers; significant
interoperability issue, Closes: #611906
* Set nt-srv-inst on TGS names to work against W2K8R2 KDCs, Closes:
#616429
* Don't fail authentication when PAC verification fails; support hmac-
md5 checksums even for non-RC4 keys, Closes: #616728
-- Sam Hartman <hartmans at debian.org> Sun, 06 Mar 2011 18:08:35 -0500
This also fixes LP: #723840.
Thanks
chuck
** Affects: krb5 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in ubuntu.
https://bugs.launchpad.net/bugs/730817
Title:
Please sync krb5-1.8.3+dfsg-5 from Debian Unstable.
More information about the Ubuntu-server-bugs
mailing list