Bug#693931: Please unblock krb5 1.10.1+dfsg-3
package: release.debian.org
Hi. This includes a fix that causes many gss-using applications to
crash on some systems and a fix requested by the security team.
Removing the call to unload gss plugins does create a bit of a leak if
libgssapi_krb5 is dlclosed and dlopened repeatedly, plugins are
involved, and the plugins do not trigger a circular reference. That's
rare. Normally either plugins are not involved, or there is a circular
reference. Also, I no of no application that loads and unloads
libgssapi_krb5. I think the memory leak is better than a crash of
unrelated applications. Upstream and I are discussing longer-term
solutions.
krb5 (1.10.1+dfsg-3) unstable; urgency=low
* Kadmind crash only triggered by admin users, cve-2012-1013, Closes:
#687647
* Don't unload GSS-API plugins to avoid crashing applications that use
GSS-API on systems with plugins installed, Closes: #693741
-- Sam Hartman <hartmans@debian.org> Mon, 19 Nov 2012 17:35:04 -0500
Reply to: