Publishing details
Changelog
krb5 (1.10+dfsg~beta1-2ubuntu0.7) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via udp ping-pong
- debian/patches/CVE-2002-2443.patch: don't respond to improper packets
in src/kadmin/server/schpw.c.
- CVE-2002-2443
* SECURITY UPDATE: denial of service via incorrect null bytes
- d/p/0030-Fix-krb5_read_message-handling-CVE-2014-5355.patch:
properly handle null bytes in src/appl/user_user/server.c,
src/lib/krb5/krb/recvauth.c.
- CVE-2015-5355
* SECURITY UPDATE: SPNEGO context aliasing bugs
- d/p/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
src/lib/gssapi/spnego/spnego_mech.c.
- d/p/0035-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
in src/lib/gssapi/spnego/spnego_mech.c.
- CVE-2015-2695
* SECURITY UPDATE: IAKERB context aliasing bugs
- d/p/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
- d/p/0033-Fix-two-IAKERB-comments.patch: fix comments in
src/lib/gssapi/krb5/iakerb.c.
- CVE-2015-2696
* SECURITY UPDATE: KDC crash via invalid string processing
- d/p/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
- CVE-2015-2697
* SECURITY UPDATE: memory corruption in IAKERB context export/import
- d/p/0034-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
dereferencing the context_handle pointer before casting it in
and implement implement an IAKERB gss_import_sec_context() function
in src/lib/gssapi/krb5/gssapiP_krb5.h,
src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
- CVE-2015-2698
-- Marc Deslauriers <email address hidden> Wed, 11 Nov 2015 09:16:52 -0500
Builds
Built packages
-
krb5-admin-server
MIT Kerberos master server (kadmind)
-
krb5-admin-server-dbgsym
debug symbols for package krb5-admin-server
-
krb5-doc
Documentation for MIT Kerberos
-
krb5-gss-samples
MIT Kerberos GSS Sample applications
-
krb5-gss-samples-dbgsym
debug symbols for package krb5-gss-samples
-
krb5-kdc
MIT Kerberos key server (KDC)
-
krb5-kdc-dbgsym
debug symbols for package krb5-kdc
-
krb5-kdc-ldap
MIT Kerberos key server (KDC) LDAP plugin
-
krb5-kdc-ldap-dbgsym
debug symbols for package krb5-kdc-ldap
-
krb5-locales
Internationalization support for MIT Kerberos
-
krb5-multidev
Development files for MIT Kerberos without Heimdal conflict
-
krb5-pkinit
PKINIT plugin for MIT Kerberos
-
krb5-pkinit-dbgsym
debug symbols for package krb5-pkinit
-
krb5-user
Basic programs to authenticate using MIT Kerberos
-
krb5-user-dbgsym
debug symbols for package krb5-user
-
libgssapi-krb5-2
MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
-
libgssapi-krb5-2-dbgsym
debug symbols for package libgssapi-krb5-2
-
libgssrpc4
MIT Kerberos runtime libraries - GSS enabled ONCRPC
-
libgssrpc4-dbgsym
debug symbols for package libgssrpc4
-
libk5crypto3
MIT Kerberos runtime libraries - Crypto Library
-
libk5crypto3-dbgsym
debug symbols for package libk5crypto3
-
libkadm5clnt-mit8
MIT Kerberos runtime libraries - Administration Clients
-
libkadm5clnt-mit8-dbgsym
debug symbols for package libkadm5clnt-mit8
-
libkadm5srv-mit8
MIT Kerberos runtime libraries - KDC and Admin Server
-
libkadm5srv-mit8-dbgsym
debug symbols for package libkadm5srv-mit8
-
libkdb5-6
MIT Kerberos runtime libraries - Kerberos database
-
libkdb5-6-dbgsym
debug symbols for package libkdb5-6
-
libkrb5-3
MIT Kerberos runtime libraries
-
libkrb5-3-dbgsym
debug symbols for package libkrb5-3
-
libkrb5-dbg
Debugging files for MIT Kerberos
-
libkrb5-dev
Headers and development libraries for MIT Kerberos
-
libkrb53
transitional package for MIT Kerberos libraries
-
libkrb5support0
MIT Kerberos runtime libraries - Support library
-
libkrb5support0-dbgsym
debug symbols for package libkrb5support0
Package files