-
krb5 (1.10+dfsg~beta1-2ubuntu0.7) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via udp ping-pong
- debian/patches/CVE-2002-2443.patch: don't respond to improper packets
in src/kadmin/server/schpw.c.
- CVE-2002-2443
* SECURITY UPDATE: denial of service via incorrect null bytes
- d/p/0030-Fix-krb5_read_message-handling-CVE-2014-5355.patch:
properly handle null bytes in src/appl/user_user/server.c,
src/lib/krb5/krb/recvauth.c.
- CVE-2015-5355
* SECURITY UPDATE: SPNEGO context aliasing bugs
- d/p/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
src/lib/gssapi/spnego/spnego_mech.c.
- d/p/0035-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
in src/lib/gssapi/spnego/spnego_mech.c.
- CVE-2015-2695
* SECURITY UPDATE: IAKERB context aliasing bugs
- d/p/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
- d/p/0033-Fix-two-IAKERB-comments.patch: fix comments in
src/lib/gssapi/krb5/iakerb.c.
- CVE-2015-2696
* SECURITY UPDATE: KDC crash via invalid string processing
- d/p/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
- CVE-2015-2697
* SECURITY UPDATE: memory corruption in IAKERB context export/import
- d/p/0034-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
dereferencing the context_handle pointer before casting it in
and implement implement an IAKERB gss_import_sec_context() function
in src/lib/gssapi/krb5/gssapiP_krb5.h,
src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
- CVE-2015-2698
-- Marc Deslauriers <email address hidden> Wed, 11 Nov 2015 09:16:52 -0500
-
krb5 (1.10+dfsg~beta1-2ubuntu0.6) precise-security; urgency=medium
* SECURITY UPDATE: ticket forging via old keys
- debian/patches/CVE-2014-5321.patch: return only new keys in
src/lib/kadm5/srv/svr_principal.c.
- CVE-2014-5321
* SECURITY UPDATE: use-after-free and double-free memory access
violations
- debian/patches/CVE-2014-5352.patch: properly handle context deletion
in src/lib/gssapi/krb5/context_time.c,
src/lib/gssapi/krb5/export_sec_context.c,
src/lib/gssapi/krb5/gssapiP_krb5.h,
src/lib/gssapi/krb5/gssapi_krb5.c,
src/lib/gssapi/krb5/inq_context.c,
src/lib/gssapi/krb5/k5seal.c,
src/lib/gssapi/krb5/k5sealiov.c,
src/lib/gssapi/krb5/k5unseal.c,
src/lib/gssapi/krb5/k5unsealiov.c,
src/lib/gssapi/krb5/lucid_context.c,
src/lib/gssapi/krb5/prf.c,
src/lib/gssapi/krb5/process_context_token.c,
src/lib/gssapi/krb5/wrap_size_limit.c.
- CVE-2014-5352
* SECURITY UPDATE: denial of service via LDAP query with no results
- debian/patches/CVE-2014-5353.patch: properly handle policy name in
src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c.
- CVE-2014-5353
* SECURITY UPDATE: denial of service via database entry for a keyless
principal
- debian/patches/CVE-2014-5354.patch: support keyless principals in
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c.
- CVE-2014-5354
* SECURITY UPDATE: denial of service or code execution in kadmind XDR
data processing
- debian/patches/CVE-2014-9421.patch: fix double free in
src/lib/kadm5/kadm_rpc_xdr.c, src/lib/rpc/auth_gssapi_misc.c.
- CVE-2014-9421
* SECURITY UPDATE: impersonation attack via two-component server
principals
- debian/patches/CVE-2014-9422.patch: fix kadmind server validation in
src/kadmin/server/kadm_rpc_svc.c.
- CVE-2014-9422
* SECURITY UPDATE: gssrpc data leakage
- debian/patches/CVE-2014-9423.patch: fix leakage in
src/lib/rpc/svc_auth_gss.c.
- CVE-2014-9423
-- Marc Deslauriers <email address hidden> Fri, 06 Feb 2015 15:37:18 -0500
-
krb5 (1.10+dfsg~beta1-2ubuntu0.5) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted Draft 9 request
- debian/patches/CVE-2012-1016.patch: don't check for an agility KDF
identifier in src/plugins/preauth/pkinit/pkinit_srv.c.
- CVE-2012-1016
* SECURITY UPDATE: denial of service via malformed KRB5_PADATA_PK_AS_REQ
AS-REQ request
- debian/patches/CVE-2013-1415.patch: don't dereference null pointer
in src/plugins/preauth/pkinit/pkinit_crypto_openssl.c.
- CVE-2013-1415
* SECURITY UPDATE: denial of service via crafted TGS-REQ request
- debian/patches/CVE-2013-1416.patch: don't pass null pointer to
strlcpy() in src/kdc/do_tgs_req.c.
- CVE-2013-1416
* SECURITY UPDATE: multi-realm denial of service via crafted request
- debian/patches/CVE-2013-1418.patch: don't dereference a null
pointer in src/kdc/main.c.
- CVE-2013-1418
- CVE-2013-6800
* SECURITY UPDATE: denial of service via invalid tokens
- debian/patches/CVE-2014-4341-4342.patch: handle invalid tokens in
src/lib/gssapi/krb5/k5unseal.c, src/lib/gssapi/krb5/k5unsealiov.c.
- CVE-2014-4341
- CVE-2014-4342
* SECURITY UPDATE: denial of service via double-free in SPNEGO
- debian/patches/CVE-2014-4343.patch: fix double-free in
src/lib/gssapi/spnego/spnego_mech.c.
- CVE-2014-4343
* SECURITY UPDATE: denial of service via null deref in SPNEGO acceptor
- debian/patches/CVE-2014-4344.patch: validate REMAIN in
src/lib/gssapi/spnego/spnego_mech.c.
- CVE-2014-4344
* SECURITY UPDATE: denial of service and possible code execution in
kadmind with LDAP backend
- debian/patches/CVE-2014-4345.patch: fix off-by-one in
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
- CVE-2014-4345
-- Marc Deslauriers <email address hidden> Fri, 08 Aug 2014 15:02:11 -0400
-
krb5 (1.10+dfsg~beta1-2ubuntu0.3) precise-security; urgency=low
* SECURITY UPDATE: KDC heap corruption and crash vulnerabilities
- debian/patches/MITKRB5-SA-2012-001.patch: initialize pointers both
at allocation and assignment time
- CVE-2012-1015, CVE-2012-1014
* SECURITY UPDATE: denial of service in kadmind (LP: #1009422)
- debian/patches/krb5-CVE-2012-1013.patch: check for null password
- CVE-2012-1013
* SECURITY UPDATE: insufficient ACL checking on get_strings/set_string
- debian/patches/krb5-CVE-2012-1012.patch: make the access
controls for get_strings/set_string mirror those of
get_principal/modify_principal
- CVE-2012-1012
-- Steve Beattie <email address hidden> Thu, 26 Jul 2012 14:29:35 -0700
-
krb5 (1.10+dfsg~beta1-2ubuntu0.2) precise-proposed; urgency=low
* Re-introduce libkrb53 as a transitional package to libkrb5-3.
Also revert the Conflicts against libkrb53 to the old versioned
Break/Replaces. (LP: #1007314)
-- Stephane Graber <email address hidden> Wed, 18 Jul 2012 17:41:48 -0400
-
krb5 (1.10+dfsg~beta1-2ubuntu0.1) precise-proposed; urgency=low
* debian/patches/preauth-context.patch: fix preauth context initialisation
(LP: #988520).
-- Robie Basak <email address hidden> Tue, 15 May 2012 02:33:57 +0000
-
krb5 (1.10+dfsg~beta1-2) unstable; urgency=low
* Oops, actually fix build flags, Closes: #655248
-- Sam Hartman <email address hidden> Fri, 13 Jan 2012 17:39:34 -0500
-
krb5 (1.10+dfsg~alpha2-1) unstable; urgency=low
* New upstream Version
-- Sam Hartman <email address hidden> Tue, 27 Dec 2011 06:02:35 -0500
-
krb5 (1.10+dfsg~alpha1-6ubuntu1) precise; urgency=low
* fix LP: #907227 - Drop Breaks on libsmbclient to 2:3.5.11~dfsg-4ubuntu3
since that will be the version in Ubuntu which would be built against the
version of libkrb5-3 with the private symbols
(see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650541)
- update debian/control
* Mark Debian Vcs-* entries as XS-Debian-Vcs-*
- update debian/control
-- Micah Gersten <email address hidden> Wed, 21 Dec 2011 03:50:56 -0600
-
krb5 (1.10+dfsg~alpha1-6) unstable; urgency=low
* Fix segfault with unknown hostnames in krb5_sname_to_principal,
Closes: #650671
* Indicate that this library breaks libsmbclient versions that depend on
krb5_locate_kdc, Closes: #650603, #650611
-- Sam Hartman <email address hidden> Thu, 01 Dec 2011 19:34:41 -0500
-
krb5 (1.9.1+dfsg-3ubuntu1) precise; urgency=low
* Merge from Debian testing, remaining changes:
- db2/lockout.c, ldap/libkdb_ldap/ldap_principal2.c,
ldap/libkdb_ldap/lockout.c:
+ more strict checking for null pointers
+ disable assert iand return when db is locked
+ applied inline
- CVE-2011-1527, CVE-2011-1528, and CVE-2011-1529
* Dropped changes, included in Debian:
- Build for multiarch, with pre-depends on multi-arch support virtual package.
- Add Breaks: on old versions fo external packages (i.e., ssd) using
/usr/lib/krb5 due to the path tranisition
- src/lib/krb5/krb/get_creds.c: cherry pick an upstream fix to allow
clients to work against older versions of KDCs that don't support the
"canonicalize" option.
-- Steve Langasek <email address hidden> Sun, 13 Nov 2011 18:24:17 -0800
-
krb5 (1.9.1+dfsg-1ubuntu2.1) oneiric-proposed; urgency=low
* src/lib/krb5/krb/get_creds.c: cherry pick an upstream fix to allow
clients to work against older versions of KDCs that don't support the
"canonicalize" option. LP: #874130.
-- Steve Langasek <email address hidden> Tue, 18 Oct 2011 18:40:10 -0700
-
krb5 (1.9.1+dfsg-1ubuntu1) oneiric; urgency=low
* Merge from debian unstable. Remaining changes:
- Build for multiarch, with pre-depends on multi-arch support virtual package.
- Add Breaks: on old versions fo external packages (i.e., ssd) using
/usr/lib/krb5 due to the path tranisition
krb5 (1.9.1+dfsg-1) unstable; urgency=low
* New upstream version
* Fix g_make_token_header when no token type is passed
* Support absolute paths for GSS-API mechanisms
* Add gss_authorize_localname, gss_userok, gss_pname_to_uid
* Fix gss_acquire_cred handling with empty mech set; fix
accept_sec_context handling in this case too
* Permit importing anonymous name with empty buffer
* New Translations:
- Dutch: Thanks Vincent Zweije, Closes: #624173
- Danish, Thanks Joe Dalton, Closes: #626530
* Fix kadmin free of null pointer on change password, Closes: #622681
krb5 (1.9+dfsg-2) unstable; urgency=low
* In the interest of testing other GSS-API mechanisms it is desirable to
install the gss-server and gss-client application. These are useful to
people developing new GSS-API mechanisms within Debian.
-- Chuck Short <email address hidden> Sat, 04 Jun 2011 07:43:48 +0100