[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

testing krb5 for Squeeze LTS

Hi,

I uploaded version 1.8.3+dfsg-4squeeze9 of krb5 to:
 https://people.debian.org/~alteholz/packages/squeeze-lts/krb5/amd64/
 https://people.debian.org/~alteholz/packages/squeeze-lts/krb5/i386/

Please give it a try and tell me about any problems you met.

Changes:
  * MITKRB5-SA-2015-001
     - CVE-2014-5352: gss_process_context_token() incorrectly frees context
     - CVE-2014-9421: kadmind doubly frees partial deserialization results
     - CVE-2014-9422: kadmind incorrectly validates server principal name
     - CVE-2014-9423: libgssrpc server applications leak uninitialized bytes

Thanks!
 Thorsten
Reply to: