krb5 1.10+dfsg~beta1-2ubuntu0.7 source package in Ubuntu
Changelog
krb5 (1.10+dfsg~beta1-2ubuntu0.7) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via udp ping-pong
- debian/patches/CVE-2002-2443.patch: don't respond to improper packets
in src/kadmin/server/schpw.c.
- CVE-2002-2443
* SECURITY UPDATE: denial of service via incorrect null bytes
- d/p/0030-Fix-krb5_read_message-handling-CVE-2014-5355.patch:
properly handle null bytes in src/appl/user_user/server.c,
src/lib/krb5/krb/recvauth.c.
- CVE-2015-5355
* SECURITY UPDATE: SPNEGO context aliasing bugs
- d/p/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
src/lib/gssapi/spnego/spnego_mech.c.
- d/p/0035-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
in src/lib/gssapi/spnego/spnego_mech.c.
- CVE-2015-2695
* SECURITY UPDATE: IAKERB context aliasing bugs
- d/p/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
- d/p/0033-Fix-two-IAKERB-comments.patch: fix comments in
src/lib/gssapi/krb5/iakerb.c.
- CVE-2015-2696
* SECURITY UPDATE: KDC crash via invalid string processing
- d/p/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
- CVE-2015-2697
* SECURITY UPDATE: memory corruption in IAKERB context export/import
- d/p/0034-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
dereferencing the context_handle pointer before casting it in
and implement implement an IAKERB gss_import_sec_context() function
in src/lib/gssapi/krb5/gssapiP_krb5.h,
src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
- CVE-2015-2698
-- Marc Deslauriers <email address hidden> Wed, 11 Nov 2015 09:16:52 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Precise
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Precise | updates | main | net | |
| Precise | security | main | net |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| krb5_1.10+dfsg~beta1.orig.tar.gz | 10.1 MiB | a2d5367618d5a4c8ae89f7a2f7eb908494fd39ae55cd4e30e753c9a092541b3a |
| krb5_1.10+dfsg~beta1-2ubuntu0.7.debian.tar.gz | 143.3 KiB | a3cf747aa685e3aaeabe200b267aa419ecef2e84efeda0b8a38131f4854ade33 |
| krb5_1.10+dfsg~beta1-2ubuntu0.7.dsc | 3.0 KiB | fc0b049cc0614baffa77030507e7dcd97e1ccb1c36614f8421303b392bc6b9e1 |
Available diffs
Binary packages built by this source
- krb5-admin-server: MIT Kerberos master server (kadmind)
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the Kerberos master server (kadmind), which handles
account creations and deletions, password changes, and other
administrative commands via the Kerberos admin protocol. It also
contains the command used by the master KDC to propagate its database to
slave KDCs. This package is generally only used on the master KDC for a
Kerberos realm.
- krb5-admin-server-dbgsym: debug symbols for package krb5-admin-server
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the Kerberos master server (kadmind), which handles
account creations and deletions, password changes, and other
administrative commands via the Kerberos admin protocol. It also
contains the command used by the master KDC to propagate its database to
slave KDCs. This package is generally only used on the master KDC for a
Kerberos realm.
- krb5-doc: Documentation for MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the installation, administrator, and user reference
manuals for MIT Kerberos and the man pages for the MIT Kerberos
configuration files.
- krb5-gss-samples: MIT Kerberos GSS Sample applications
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains bgss-sample and gss-server, programs used to
test GSS-API mechanisms. These programs are most commonly used in
testing newly developed GSS-API mechanisms or in testing events
between Kerberos or GSS implementations.
- krb5-gss-samples-dbgsym: debug symbols for package krb5-gss-samples
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains bgss-sample and gss-server, programs used to
test GSS-API mechanisms. These programs are most commonly used in
testing newly developed GSS-API mechanisms or in testing events
between Kerberos or GSS implementations.
- krb5-kdc: MIT Kerberos key server (KDC)
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the Kerberos key server (KDC). The KDC manages all
authentication credentials for a Kerberos realm, holds the master keys
for the realm, and responds to authentication requests. This package
should be installed on both master and slave KDCs.
- krb5-kdc-dbgsym: debug symbols for package krb5-kdc
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the Kerberos key server (KDC). The KDC manages all
authentication credentials for a Kerberos realm, holds the master keys
for the realm, and responds to authentication requests. This package
should be installed on both master and slave KDCs.
- krb5-kdc-ldap: MIT Kerberos key server (KDC) LDAP plugin
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the LDAP plugin for the Kerberos key server (KDC)
and supporting utilities. This plugin allows the KDC data to be stored
in an LDAP server rather than the default local database. It should be
installed on both master and slave KDCs that use LDAP as a storage
backend.
- krb5-kdc-ldap-dbgsym: debug symbols for package krb5-kdc-ldap
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the LDAP plugin for the Kerberos key server (KDC)
and supporting utilities. This plugin allows the KDC data to be stored
in an LDAP server rather than the default local database. It should be
installed on both master and slave KDCs that use LDAP as a storage
backend.
- krb5-locales: Internationalization support for MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains internationalized messages for MIT Kerberos.
- krb5-multidev: Development files for MIT Kerberos without Heimdal conflict
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
Most users wishing to build applications against MIT Kerberos should
install libkrb5-dev. However, that package conflicts with heimdal-dev.
This package installs libraries and headers in /usr/include/mit-krb5 and
/usr/lib/mit-krb5 and can be installed along side heimdal-multidev, which
provides the same facilities for Heimdal.
- krb5-pkinit: PKINIT plugin for MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains a plugin for the PKINIT protocol, which allows
Kerberos tickets to be obtained using public-key credentials such as
X.509 certificates or a smart card. This plugin can be used by the
client libraries and the KDC.
- krb5-pkinit-dbgsym: debug symbols for package krb5-pkinit
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains a plugin for the PKINIT protocol, which allows
Kerberos tickets to be obtained using public-key credentials such as
X.509 certificates or a smart card. This plugin can be used by the
client libraries and the KDC.
- krb5-user: Basic programs to authenticate using MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the basic programs to authenticate to MIT Kerberos,
change passwords, and talk to the admin server (to create and delete
principals, list principals, etc.).
- krb5-user-dbgsym: debug symbols for package krb5-user
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the basic programs to authenticate to MIT Kerberos,
change passwords, and talk to the admin server (to create and delete
principals, list principals, etc.).
- libgssapi-krb5-2: MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the runtime library for the MIT Kerberos
implementation of GSS-API used by applications and Kerberos clients.
- libgssapi-krb5-2-dbgsym: debug symbols for package libgssapi-krb5-2
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the runtime library for the MIT Kerberos
implementation of GSS-API used by applications and Kerberos clients.
- libgssrpc4: MIT Kerberos runtime libraries - GSS enabled ONCRPC
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains an RPC library used by the Kerberos administrative
programs and potentially other applications.
- libgssrpc4-dbgsym: debug symbols for package libgssrpc4
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains an RPC library used by the Kerberos administrative
programs and potentially other applications.
- libk5crypto3: MIT Kerberos runtime libraries - Crypto Library
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the runtime cryptography libraries used by
applications and Kerberos clients.
- libk5crypto3-dbgsym: debug symbols for package libk5crypto3
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the runtime cryptography libraries used by
applications and Kerberos clients.
- libkadm5clnt-mit8: MIT Kerberos runtime libraries - Administration Clients
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the runtime library used by clients of the Kerberos
administration protocol.
- libkadm5clnt-mit8-dbgsym: debug symbols for package libkadm5clnt-mit8
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the runtime library used by clients of the Kerberos
administration protocol.
- libkadm5srv-mit8: MIT Kerberos runtime libraries - KDC and Admin Server
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the runtime library used by Kerberos administrative
servers.
- libkadm5srv-mit8-dbgsym: debug symbols for package libkadm5srv-mit8
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the runtime library used by Kerberos administrative
servers.
- libkdb5-6: MIT Kerberos runtime libraries - Kerberos database
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the internal Kerberos database libraries.
- libkdb5-6-dbgsym: debug symbols for package libkdb5-6
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the internal Kerberos database libraries.
- libkrb5-3: MIT Kerberos runtime libraries
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the runtime library for the main Kerberos v5 API
used by applications and Kerberos clients.
- libkrb5-3-dbgsym: debug symbols for package libkrb5-3
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the runtime library for the main Kerberos v5 API
used by applications and Kerberos clients.
- libkrb5-dbg: Debugging files for MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the debugging information for the MIT Kerberos
libraries. Install this package if you need to trace problems inside the
MIT Kerberos libraries with a debugger.
- libkrb5-dev: Headers and development libraries for MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains the symlinks, headers, and development libraries
needed to compile and link programs that use the Kerberos libraries.
- libkrb53: transitional package for MIT Kerberos libraries
This package provides transitions to allow previously installed
packages that do not depend on krb4 libraries to continue to
function. This package may be removed if unneeded.
- libkrb5support0: MIT Kerberos runtime libraries - Support library
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains an internal runtime support library used by other
Kerberos libraries.
- libkrb5support0-dbgsym: debug symbols for package libkrb5support0
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service. That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos V5.
.
This package contains an internal runtime support library used by other
Kerberos libraries.
