Publishing details
Changelog
krb5 (1.13.2+dfsg-5) unstable; urgency=high
* Security Update
* Verify decoded kadmin C strings [CVE-2015-8629]
CVE-2015-8629: An authenticated attacker can cause kadmind to read
beyond the end of allocated memory by sending a string without a
terminating zero byte. Information leakage may be possible for an
attacker with permission to modify the database. (Closes: #813296)
* Check for null kadm5 policy name [CVE-2015-8630]
CVE-2015-8630: An authenticated attacker with permission to modify a
principal entry can cause kadmind to dereference a null pointer by
supplying a null policy value but including KADM5_POLICY in the mask.
(Closes: #813127)
* Fix leaks in kadmin server stubs [CVE-2015-8631]
CVE-2015-8631: An authenticated attacker can cause kadmind to leak
memory by supplying a null principal name in a request which uses one.
Repeating these requests will eventually cause kadmind to exhaust all
available memory. (Closes: #813126)
-- Sam Hartman <email address hidden> Tue, 23 Feb 2016 08:54:09 -0500
Builds
Built packages
-
krb5-admin-server
MIT Kerberos master server (kadmind)
-
krb5-admin-server-dbgsym
debug symbols for package krb5-admin-server
-
krb5-doc
Documentation for MIT Kerberos
-
krb5-gss-samples
MIT Kerberos GSS Sample applications
-
krb5-gss-samples-dbgsym
debug symbols for package krb5-gss-samples
-
krb5-k5tls
TLS plugin for MIT Kerberos
-
krb5-k5tls-dbgsym
debug symbols for package krb5-k5tls
-
krb5-kdc
MIT Kerberos key server (KDC)
-
krb5-kdc-dbgsym
debug symbols for package krb5-kdc
-
krb5-kdc-ldap
MIT Kerberos key server (KDC) LDAP plugin
-
krb5-kdc-ldap-dbgsym
debug symbols for package krb5-kdc-ldap
-
krb5-locales
Internationalization support for MIT Kerberos
-
krb5-multidev
Development files for MIT Kerberos without Heimdal conflict
-
krb5-multidev-dbgsym
debug symbols for package krb5-multidev
-
krb5-otp
OTP plugin for MIT Kerberos
-
krb5-otp-dbgsym
debug symbols for package krb5-otp
-
krb5-pkinit
PKINIT plugin for MIT Kerberos
-
krb5-pkinit-dbgsym
debug symbols for package krb5-pkinit
-
krb5-user
Basic programs to authenticate using MIT Kerberos
-
krb5-user-dbgsym
debug symbols for package krb5-user
-
libgssapi-krb5-2
MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
-
libgssapi-krb5-2-dbgsym
debug symbols for package libgssapi-krb5-2
-
libgssrpc4
MIT Kerberos runtime libraries - GSS enabled ONCRPC
-
libgssrpc4-dbgsym
debug symbols for package libgssrpc4
-
libk5crypto3
MIT Kerberos runtime libraries - Crypto Library
-
libk5crypto3-dbgsym
debug symbols for package libk5crypto3
-
libkadm5clnt-mit9
MIT Kerberos runtime libraries - Administration Clients
-
libkadm5clnt-mit9-dbgsym
debug symbols for package libkadm5clnt-mit9
-
libkadm5srv-mit9
MIT Kerberos runtime libraries - KDC and Admin Server
-
libkadm5srv-mit9-dbgsym
debug symbols for package libkadm5srv-mit9
-
libkdb5-8
MIT Kerberos runtime libraries - Kerberos database
-
libkdb5-8-dbgsym
debug symbols for package libkdb5-8
-
libkrad-dev
MIT Kerberos RADIUS Library Development
-
libkrad-dev-dbgsym
debug symbols for package libkrad-dev
-
libkrad0
MIT Kerberos runtime libraries - RADIUS library
-
libkrad0-dbgsym
debug symbols for package libkrad0
-
libkrb5-3
MIT Kerberos runtime libraries
-
libkrb5-3-dbgsym
debug symbols for package libkrb5-3
-
libkrb5-dbg
Debugging files for MIT Kerberos
-
libkrb5-dev
Headers and development libraries for MIT Kerberos
-
libkrb5-dev-dbgsym
debug symbols for package libkrb5-dev
-
libkrb5support0
MIT Kerberos runtime libraries - Support library
-
libkrb5support0-dbgsym
debug symbols for package libkrb5support0
Package files