lp://staging/ubuntu/gutsy/krb5

Created by James Westby and last modified
Get this branch:
bzr branch lp://staging/ubuntu/gutsy/krb5

Branch information

Owner: Ubuntu branches
Review team: Ubuntu Development Team
Status: Development

Recent revisions

21. By LaMont Jones

Trigger rebuild for hppa.

20. By Sam Hartman

* mit-sa-2007-6:
    - CVE 2007-3999 rpc library buffer overflow
    - CVE 2007-uninitialized kadmin pointer

19. By Russ Allbery

* Don't depend on libkeyutils-dev on non-Linux architectures. Thanks,
  Petr Salinger. (Closes: #430215)
* Restore support for the RUN_KADMIND setting as written by debconf.
  Thanks, Christoph Neerfeld. (Closes: #429535)
* Wrap the build-depends line now that dpkg in oldstable supports this.
* Update debconf templates and debian/control long package descriptions
  as suggested by the debian-l10n-english team as part of the Smith
  review project. Thanks to Christian Perrier for the coordination
  work. (Closes: #428195)
* Debconf translation updates:
  - Galician, thanks Jacobo Tarrio. (Closes: #429511)
  - Portuguese, thanks Miguel Figueiredo. (Closes: #429592)
  - Basque, thanks Piarres Beobide. (Closes: #429637)
  - Japanese, thanks TANAKA, Atushi. (Closes: #429844)
  - Vietnamese, thanks Clytie Siddall. (Closes: #429907)
  - German, thanks Helge Kreutzmann. (Closes: #430561)
  - Czech, thanks Miroslav Kure. (Closes: #431203)
  - Russian, thanks Yuri Kozlov. (Closes: #431247)
  - French, thanks Christian Perrier.

18. By Russ Allbery

* MIT-SA-2007-4: The kadmin RPC library can free an uninitialized
  pointer or write past the end of a stack buffer. This may lead to
  execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443)
* MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that
  may lead to execution of arbitrary code. (CVE-2007-2798)

17. By Sam Hartman

* Make --deps switch to krb5-config include dependent libraries; otherwise do not, Closes: #422985
* Include copyright statement for remaining IETF draft, Closes: #393380

16. By Sam Hartman

Upstream bug #5552: krb5_get_init_creds needs to not dereference
gic_opts if it is null. Instead, assume that it is default options,
Closes: #422687

15. By Kees Cook

* SECURITY UPDATE: arbitrary login via telnet, arbitrary code execution
  via syslog buffer overflows, and heap corruption via GSS api.
* src/appl/telnet/telnetd/{state,sys_term}.c: MIT-SA-2007-1 fix from
  upstream (CVE-2007-0956).
* src/lib/kadm5/logger.c: MIT-SA-2007-2 fix from Debian, based on
  upstream fixes (CVE-2007-0957).
* src/lib/gssapi/krb5/k5unseal.c: MIT-SA-2007-3 fix from upstream
  (CVE-2007-1216).

14. By Martin Pitt

* SECURITY UPDATE: Remote privilege escalation.
* src/lib/rpc/svc.c:
  - Do not call an uninitialized pointer.
  - Patch provided by upstream.
  - References:
    CVE-2006-6143
    http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt

13. By Andrew Mitchell

* Merge from debian unstable, remaining changes:
  - Change netbase dependencies to update-inetd dependencies as
    update-inetd is its own package now.

12. By Tollef Fog Heen

Change netbase dependencies to update-inetd dependencies as
update-inetd is its own package now.

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on: lp://staging/ubuntu/lucid/krb5