heimdal 7.8.git20221115.a6cf945+dfsg-1 source package in Debian
Changelog
heimdal (7.8.git20221115.a6cf945+dfsg-1) unstable; urgency=medium * New upstream version. * Numerous security fixes (Closes: #1024187). * asn1: Invalid free in ASN.1 codec (CVE-2022-44640) * krb5: PAC parse integer overflows (CVE-2022-42898) * gsskrb5: Use constant-time memcmp() for arcfour unwrap (CVE-2022-3437) * gsskrb5: Use constant-time memcmp() in unwrap_des3() (CVE-2022-3437) * gsskrb5: Don't pass NULL pointers to memcpy() in DES unwrap (CVE-2022-3437) * gsskrb5: Avoid undefined behaviour in _gssapi_verify_pad() (CVE-2022-3437) * gsskrb5: Check the result of _gsskrb5_get_mech() (CVE-2022-3437) * gsskrb5: Check buffer length against overflow for DES{,3} unwrap (CVE-2022-3437) * gsskrb5: Check for overflow in _gsskrb5_get_mech() (CVE-2022-3437) * gsskrb5: Pass correct length to _gssapi_verify_pad() (CVE-2022-3437) * libhx509: Fix denial of service vulnerability (CVE-2022-41916) * spnego: send_reject when no mech selected (CVE-2021-44758) * Fix regression in _krb5_get_int64 on 32 bit systems. https://github.com/heimdal/heimdal/pull/1025 * Increment soname for libroken. * Increment soname for libhcrypto. * Remove legacy shared library version requirements. * Add symbols to libkadm5srv8. -- Brian May <email address hidden> Sun, 27 Nov 2022 10:44:26 +1100
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
heimdal_7.8.git20221115.a6cf945+dfsg-1.dsc | 3.5 KiB | 5fde9874fe0a68780767e672bc5c3a55bee31f7dec51e70d88667e1e3fcfc998 |
heimdal_7.8.git20221115.a6cf945+dfsg.orig.tar.xz | 7.4 MiB | 36f52dab41bec015cc3f42f75ae97895744722b7bdfa18d1d5f0ff36ee01b712 |
heimdal_7.8.git20221115.a6cf945+dfsg-1.debian.tar.xz | 125.0 KiB | c2b2969cdfa31dc79c7d928379693319607cf5c83c4546c8234487a4d5a48b80 |
No changes file available.