Re: [SRM] update request for krb5 for significant interop and security issues
On Wed, 2011-03-16 at 11:58 -0400, Sam Hartman wrote:
> I'd like permission to upload the following patch to s-p-u.
> I've coordinated with the security team for the security issues and our
> mutual agreement is that they should be addressed in a point release.
Apologies for the slight delay in getting back to you while we were
getting the point release finalised and, well, released.
> +krb5 (1.8.3+dfsg-4squeeze1) stable; urgency=low
> +
> + * Fix double free with pkinit on KDC, CVE-2011-0284, Closes: #618517
> + * Updated Danish debconf translations, thanks Joe Dalton, Closes:
> + #584282
> + * KDC/LDAP DOS (CVE-2010-4022, CVE-2011-0281, and CVE-2011-0282,
> + Closes: #613487
> + * Fix delegation of credentials against Windows servers; significant
> + interoperability issue, Closes: #611906
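Review bot: The KDC/LDAP DOS entry opens a parenthesis before CVE-2010-4022 that is never closed, so the CVE list runs straight into "Closes: #613487". Close it after CVE-2011-0282, matching the comma-separated form the pkinit entry uses for CVE-2011-0284, so the entry is unambiguous about which CVEs it covers.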
Based on a process of elimination, these are the changes to
lib/crypto/krb/checksum/hmac_md5.c and
lib/gssapi/krb5/init_sec_context.c?
> +# Dansih translation krb5.
^^^^^^
:-)
[...]
> +"Content-Type: text/plain; charset=ISO-8859-1\n"
> +"Content-Type: text/plain; charset=UTF-8\n"
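Review bot: As quoted, both Content-Type lines carry a "+" marker, one declaring charset=ISO-8859-1 and the other charset=UTF-8, which would leave the PO header with two conflicting charset declarations. The header should keep a single Content-Type line, and its charset has to match the bytes actually stored in the file; running msgfmt --check on the .po file in the proposed package would confirm that the header and the msgstr contents agree.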
[...]
> -msgstr "Sætter et Kerberos-rige op"
> +msgstr "Sætter et Kerberos-rige op"
The encoding here (and in a few other places) looks broken, although I
note that the equivalent sections of the file in unstable seem okay. Is
this purely a mail transmission issue, or with the .po file itself in
the proposed package?
Regards,
Adam