
Accepted krb5 1.4.4-8 (source i386 all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 11 Mar 2007 19:08:52 -0400
Source: krb5
Binary: krb5-doc libkrb5-dev krb5-rsh-server krb5-user krb5-ftpd libkadm55 libkrb53 krb5-clients krb5-telnetd krb5-kdc krb5-admin-server libkrb5-dbg
Architecture: source i386 all
Version: 1.4.4-8
Distribution: unstable
Urgency: emergency
Maintainer: Sam Hartman <hartmans@debian.org>
Changed-By: Sam Hartman <hartmans@debian.org>
Description: 
 krb5-admin-server - MIT Kerberos master server (kadmind)
 krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos
 krb5-doc   - Documentation for MIT Kerberos
 krb5-ftpd  - Secure FTP server supporting MIT Kerberos
 krb5-kdc   - MIT Kerberos key server (KDC)
 krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos
 krb5-telnetd - Secure telnet server supporting MIT Kerberos
 krb5-user  - Basic programs to authenticate using MIT Kerberos
 libkadm55  - MIT Kerberos administration runtime libraries
 libkrb5-dbg - Debugging files for MIT Kerberos
 libkrb5-dev - Headers and development libraries for MIT Kerberos
 libkrb53   - MIT Kerberos runtime libraries
Closes: 414382
Changes: 
 krb5 (1.4.4-8) unstable; urgency=emergency
 .
   * MIT-SA-2007-1: telnet allows login as an arbitrary user when
     presented with a specially crafted username; CVE-2007-0956
   * krb5_klog_syslog has a trivial buffer overflow that can be exploited
     by network data; CVE-2007-0957.  The upstream patch is very intrusive
     because it fixes each call to syslog to have proper length checking as
     well as the actual krb5_klog_syslog internals to use vsnprintf rather
     than vsprintf.  I have chosen to only include the change to
     krb5_klog_syslog for sarge.  This is sufficient to fix the problem but
     is much smaller and less intrusive.  (MIT-SA-2007-2)
   * MIT-SA-2007-3: The GSS-API library can cause a double free if
     applications treat certain errors decoding a message as errors that
     require freeing the output buffer.  At least the gssapi rpc library
     does this, so kadmind is vulnerable.  Fix the gssapi library because
     the spec allows applications to treat errors this way.  CVE-2007-1216
   * New Japanese translation, thanks TANAKA Atushi, Closes: #414382
Files: 
 b1cfae2eab8636ee3a2f532e5b57b38b 866 net standard krb5_1.4.4-8.dsc
 a9753b63f09b1a614a3ff2abcbd99401 1585233 net standard krb5_1.4.4-8.diff.gz
 c546a01412cc97542779ed4ef0542f97 1811718 doc optional krb5-doc_1.4.4-8_all.deb
 764b770fdf72d7af9f8ebf78d89f0c54 173598 libs optional libkadm55_1.4.4-8_i386.deb
 d1770cf7f368a3d5268fe7b52c8fc6f0 407936 libs standard libkrb53_1.4.4-8_i386.deb
 ddfadb4b430b0229f0ac5db253533079 123774 net optional krb5-user_1.4.4-8_i386.deb
 3b24088c4ba0624c98ef1fd10f981d05 196070 net optional krb5-clients_1.4.4-8_i386.deb
 9d0d43f3963e1534525a3180fe59df1f 79858 net optional krb5-rsh-server_1.4.4-8_i386.deb
 79a0ad56e3c34965087b374e2d2076f0 57796 net extra krb5-ftpd_1.4.4-8_i386.deb
 a5a470ce065ede329c8554ac3db96cee 61986 net extra krb5-telnetd_1.4.4-8_i386.deb
 cdc6d97a0e17f0bbfa7be867de4675aa 132802 net optional krb5-kdc_1.4.4-8_i386.deb
 58bcde41c0cdd90672374b648e8b071d 78002 net optional krb5-admin-server_1.4.4-8_i386.deb
 62210af6feda85a0e2e12befada41f3a 679664 libdevel extra libkrb5-dev_1.4.4-8_i386.deb
 d4ab5b4b2f85b61c6cea0d879b0a73b9 1037432 libdevel extra libkrb5-dbg_1.4.4-8_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGEqFw/I12czyGJg8RAlMCAJoCrAwDC0+yxShqSVOqW3ZoabJrfwCg63DE
No481i4X7BFEX6T40Sz+EFk=
=Y05B
-----END PGP SIGNATURE-----


Accepted:
krb5-admin-server_1.4.4-8_i386.deb
  to pool/main/k/krb5/krb5-admin-server_1.4.4-8_i386.deb
krb5-clients_1.4.4-8_i386.deb
  to pool/main/k/krb5/krb5-clients_1.4.4-8_i386.deb
krb5-doc_1.4.4-8_all.deb
  to pool/main/k/krb5/krb5-doc_1.4.4-8_all.deb
krb5-ftpd_1.4.4-8_i386.deb
  to pool/main/k/krb5/krb5-ftpd_1.4.4-8_i386.deb
krb5-kdc_1.4.4-8_i386.deb
  to pool/main/k/krb5/krb5-kdc_1.4.4-8_i386.deb
krb5-rsh-server_1.4.4-8_i386.deb
  to pool/main/k/krb5/krb5-rsh-server_1.4.4-8_i386.deb
krb5-telnetd_1.4.4-8_i386.deb
  to pool/main/k/krb5/krb5-telnetd_1.4.4-8_i386.deb
krb5-user_1.4.4-8_i386.deb
  to pool/main/k/krb5/krb5-user_1.4.4-8_i386.deb
krb5_1.4.4-8.diff.gz
  to pool/main/k/krb5/krb5_1.4.4-8.diff.gz
krb5_1.4.4-8.dsc
  to pool/main/k/krb5/krb5_1.4.4-8.dsc
libkadm55_1.4.4-8_i386.deb
  to pool/main/k/krb5/libkadm55_1.4.4-8_i386.deb
libkrb5-dbg_1.4.4-8_i386.deb
  to pool/main/k/krb5/libkrb5-dbg_1.4.4-8_i386.deb
libkrb5-dev_1.4.4-8_i386.deb
  to pool/main/k/krb5/libkrb5-dev_1.4.4-8_i386.deb
libkrb53_1.4.4-8_i386.deb
  to pool/main/k/krb5/libkrb53_1.4.4-8_i386.deb
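
The CVE-2007-0957 changelog entry above describes switching the krb5_klog_syslog internals from vsprintf to vsnprintf. The C below is an added example of that bounded-formatting pattern, not code from krb5 or from this upload; `klog_format`, `demo_long_input` and the 64-byte `LOG_BUF_SIZE` are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define LOG_BUF_SIZE 64 /* assumed size; the page does not give the real one */

/* Hypothetical stand-in for the formatting step of a syslog wrapper.
 * Formats into a fixed buffer of `cap` bytes.
 * Returns 0 if the message fit, 1 if it was truncated, -1 on error. */
static int klog_format(char *out, size_t cap, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (out == NULL || cap == 0)
        return -1;

    va_start(ap, fmt);
    /* vsprintf(out, fmt, ap) writes however many bytes the arguments
     * expand to and ignores cap. vsnprintf writes at most cap - 1 bytes
     * plus the terminating NUL, and returns the length it needed. */
    n = vsnprintf(out, cap, fmt, ap);
    va_end(ap);

    if (n < 0) {
        out[0] = '\0';
        return -1;
    }
    return (size_t)n >= cap ? 1 : 0;
}

/* Constructed sample input: a 511-byte name standing in for a string
 * that arrived over the network and ends up in a log message. */
static int demo_long_input(char *out, size_t cap)
{
    char name[512];

    memset(name, 'A', sizeof(name) - 1);
    name[sizeof(name) - 1] = '\0';
    return klog_format(out, cap, "request from %s refused", name);
}

int main(void)
{
    char buf[LOG_BUF_SIZE];
    int truncated = demo_long_input(buf, sizeof(buf));

    printf("truncated=%d len=%zu\n", truncated, strlen(buf));
    return 0;
}
```

The return value lets a caller record that a message was cut short instead of silently logging a partial line.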


