Publishing details
Changelog
krb5 (1.12+dfsg-2ubuntu5.4) trusty-security; urgency=medium
* SECURITY UPDATE: DoS (out-of-bounds read) via a crafted string
- debian/patches/CVE-2015-8629.patch: Verify decode kadmin C strings
- CVE-2015-8629
* SECURITY UPDATE: DoS (NULL pointer dereference) by specifying KADM5_POLICY
with a NULL policy name
- debian/patches/CVE-2015-8630.patch: Check for null kadm5 policy name
- CVE-2015-8630
* SECURITY UPDATE: DoS (memory consumption) via a request specifying a NULL
principal name
- debian/patches/CVE-2015-8631.patch: Fix leaks in kadmin server stubs
- CVE-2015-8631
* SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
modify a principal
- debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
empty arg
- CVE-2016-3119
* SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
- debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
is restricted
- CVE-2016-3120
* SECURITY UPDATE: KDC assertion failure
- debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
assertion failures
- debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
- CVE-2017-11368
* SECURITY UPDATE: Double free vulnerability
- debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
failure
- CVE-2017-11462
* SECURITY UPDATE: Authenticated kadmin with permission to add principals
to an LDAP Kerberos can DoS or bypass DN container check.
- debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
checking
- CVE-2018-5729
- CVE-2018-5730
-- Eduardo Barretto <email address hidden> Wed, 09 Jan 2019 14:01:22 -0200
Builds
Built packages
-
krb5-admin-server
MIT Kerberos master server (kadmind)
-
krb5-admin-server-dbgsym
debug symbols for package krb5-admin-server
-
krb5-doc
Documentation for MIT Kerberos
-
krb5-gss-samples
MIT Kerberos GSS Sample applications
-
krb5-gss-samples-dbgsym
debug symbols for package krb5-gss-samples
-
krb5-kdc
MIT Kerberos key server (KDC)
-
krb5-kdc-dbgsym
debug symbols for package krb5-kdc
-
krb5-kdc-ldap
MIT Kerberos key server (KDC) LDAP plugin
-
krb5-kdc-ldap-dbgsym
debug symbols for package krb5-kdc-ldap
-
krb5-locales
Internationalization support for MIT Kerberos
-
krb5-multidev
Development files for MIT Kerberos without Heimdal conflict
-
krb5-otp
OTP plugin for MIT Kerberos
-
krb5-otp-dbgsym
debug symbols for package krb5-otp
-
krb5-pkinit
PKINIT plugin for MIT Kerberos
-
krb5-pkinit-dbgsym
debug symbols for package krb5-pkinit
-
krb5-user
Basic programs to authenticate using MIT Kerberos
-
krb5-user-dbgsym
debug symbols for package krb5-user
-
libgssapi-krb5-2
MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
-
libgssapi-krb5-2-dbgsym
debug symbols for package libgssapi-krb5-2
-
libgssrpc4
MIT Kerberos runtime libraries - GSS enabled ONCRPC
-
libgssrpc4-dbgsym
debug symbols for package libgssrpc4
-
libk5crypto3
MIT Kerberos runtime libraries - Crypto Library
-
libk5crypto3-dbgsym
debug symbols for package libk5crypto3
-
libkadm5clnt-mit9
MIT Kerberos runtime libraries - Administration Clients
-
libkadm5clnt-mit9-dbgsym
debug symbols for package libkadm5clnt-mit9
-
libkadm5srv-mit8
transitional dummy package for libkadm5srv-mit9
-
libkadm5srv-mit9
MIT Kerberos runtime libraries - KDC and Admin Server
-
libkadm5srv-mit9-dbgsym
debug symbols for package libkadm5srv-mit9
-
libkdb5-7
MIT Kerberos runtime libraries - Kerberos database
-
libkdb5-7-dbgsym
debug symbols for package libkdb5-7
-
libkrad-dev
MIT Kerberos RADIUS Library Development
-
libkrad0
MIT Kerberos runtime libraries - RADIUS library
-
libkrad0-dbgsym
debug symbols for package libkrad0
-
libkrb5-3
MIT Kerberos runtime libraries
-
libkrb5-3-dbgsym
debug symbols for package libkrb5-3
-
libkrb5-dbg
Debugging files for MIT Kerberos
-
libkrb5-dev
Headers and development libraries for MIT Kerberos
-
libkrb5support0
MIT Kerberos runtime libraries - Support library
-
libkrb5support0-dbgsym
debug symbols for package libkrb5support0
Package files