Format: 1.8
Date: Fri, 11 Jan 2019 13:46:00 -0200
Source: krb5
Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev
 libkrb5-dev libkrb5-dbg krb5-pkinit krb5-otp krb5-k5tls krb5-doc libkrb5-3
 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit9 libkadm5clnt-mit9 libk5crypto3
 libkdb5-8 libkrb5support0 libkrad0 krb5-gss-samples krb5-locales libkrad-dev
Architecture: source
Version: 1.13.2+dfsg-5ubuntu2.1
Distribution: xenial-security
Urgency: medium
Maintainer: Ubuntu Developers
Changed-By: Eduardo Barretto
Description:
 krb5-admin-server - MIT Kerberos master server (kadmind)
 krb5-doc - Documentation for MIT Kerberos
 krb5-gss-samples - MIT Kerberos GSS Sample applications
 krb5-k5tls - TLS plugin for MIT Kerberos
 krb5-kdc - MIT Kerberos key server (KDC)
 krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
 krb5-locales - Internationalization support for MIT Kerberos
 krb5-multidev - Development files for MIT Kerberos without Heimdal conflict
 krb5-otp - OTP plugin for MIT Kerberos
 krb5-pkinit - PKINIT plugin for MIT Kerberos
 krb5-user - Basic programs to authenticate using MIT Kerberos
 libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
 libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
 libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
 libkadm5clnt-mit9 - MIT Kerberos runtime libraries - Administration Clients
 libkadm5srv-mit9 - MIT Kerberos runtime libraries - KDC and Admin Server
 libkdb5-8 - MIT Kerberos runtime libraries - Kerberos database
 libkrad-dev - MIT Kerberos RADIUS Library Development
 libkrad0 - MIT Kerberos runtime libraries - RADIUS library
 libkrb5-3 - MIT Kerberos runtime libraries
 libkrb5-dbg - Debugging files for MIT Kerberos
 libkrb5-dev - Headers and development libraries for MIT Kerberos
 libkrb5support0 - MIT Kerberos runtime libraries - Support library
Changes:
 krb5 (1.13.2+dfsg-5ubuntu2.1) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
     modify a principal
     - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
       empty arg
     - CVE-2016-3119
   * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
     - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
       is restricted
     - CVE-2016-3120
   * SECURITY UPDATE: KDC assertion failure
     - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
       assertion failures
     - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
     - CVE-2017-11368
   * SECURITY UPDATE: Double free vulnerability
     - debian/patches/CVE-2017-11462.patch: Preserve GSS context on
       init/accept failure
     - CVE-2017-11462
   * SECURITY UPDATE: Authenticated kadmin with permission to add principals
     to an LDAP Kerberos can DoS or bypass DN container check.
     - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP
       DN checking
     - CVE-2018-5729
     - CVE-2018-5730
Checksums-Sha1:
 bc5b1fced9433bc2aae0bab0d21394fdabf486d7 3520 krb5_1.13.2+dfsg-5ubuntu2.1.dsc
 95ae0e5ae4cb4bae09842ad65bb046411745098c 113600 krb5_1.13.2+dfsg-5ubuntu2.1.debian.tar.xz
Checksums-Sha256:
 d32e3a18bd00e7446c67d28c4c70bb96ec80da9b0e9215d4d8531100e1f91952 3520 krb5_1.13.2+dfsg-5ubuntu2.1.dsc
 2536a14f7a186c9076d8fb8053be04842300ab000046b4d53c8fa8c9959f1efd 113600 krb5_1.13.2+dfsg-5ubuntu2.1.debian.tar.xz
Files:
 a17dc57731075b1356479cd19c3e561a 3520 net standard krb5_1.13.2+dfsg-5ubuntu2.1.dsc
 59a084fdfb7de9672aa34402ef3b4628 113600 net standard krb5_1.13.2+dfsg-5ubuntu2.1.debian.tar.xz
Original-Maintainer: Sam Hartman