lp://staging/ubuntu/gutsy/krb5
- Get this branch:
- bzr branch lp://staging/ubuntu/gutsy/krb5
Recent revisions
- 20. By Sam Hartman
* mit-sa-2007-6:
- CVE 2007-3999 rpc library buffer overflow
- CVE 2007-uninitialized kadmin pointer
- 19. By Russ Allbery
* Don't depend on libkeyutils-dev on non-Linux architectures. Thanks,
Petr Salinger. (Closes: #430215)
* Restore support for the RUN_KADMIND setting as written by debconf.
Thanks, Christoph Neerfeld. (Closes: #429535)
* Wrap the build-depends line now that dpkg in oldstable supports this.
* Update debconf templates and debian/control long package descriptions
as suggested by the debian-l10n-english team as part of the Smith
review project. Thanks to Christian Perrier for the coordination
work. (Closes: #428195)
* Debconf translation updates:
- Galician, thanks Jacobo Tarrio. (Closes: #429511)
- Portuguese, thanks Miguel Figueiredo. (Closes: #429592)
- Basque, thanks Piarres Beobide. (Closes: #429637)
- Japanese, thanks TANAKA, Atushi. (Closes: #429844)
- Vietnamese, thanks Clytie Siddall. (Closes: #429907)
- German, thanks Helge Kreutzmann. (Closes: #430561)
- Czech, thanks Miroslav Kure. (Closes: #431203)
- Russian, thanks Yuri Kozlov. (Closes: #431247)
- French, thanks Christian Perrier.
- 18. By Russ Allbery
* MIT-SA-2007-4: The kadmin RPC library can free an uninitialized
pointer or write past the end of a stack buffer. This may lead to
execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443)
* MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that
may lead to execution of arbitrary code. (CVE-2007-2798)
- 17. By Sam Hartman
* Make --deps switch to krb5-config include dependent libraries; otherwise do not, Closes: #422985
* Include copyright statement for remaining IETF draft, Closes: #393380
- 16. By Sam Hartman
Upstream bug #5552: krb5_get_init_creds needs to not dereference
gic_opts if it is null. Instead, assume that it is default options,
Closes: #422687
- 15. By Kees Cook
* SECURITY UPDATE: arbitrary login via telnet, arbitrary code execution
via syslog buffer overflows, and heap corruption via GSS api.
* src/appl/telnet/telnetd/{state,sys_term}.c: MIT-SA-2007-1 fix from
upstream (CVE-2007-0956).
* src/lib/kadm5/logger.c: MIT-SA-2007-2 fix from Debian, based on
upstream fixes (CVE-2007-0957).
* src/lib/gssapi/krb5/k5unseal.c: MIT-SA-2007-3 fix from upstream
(CVE-2007-1216).
- 14. By Martin Pitt
* SECURITY UPDATE: Remote privilege escalation.
* src/lib/rpc/svc.c:
- Do not call an uninitialized pointer.
- Patch provided by upstream.
- References:
CVE-2006-6143
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt
- 13. By Andrew Mitchell
* Merge from debian unstable, remaining changes:
- Change netbase dependencies to update-inetd dependencies as
update-inetd is its own package now.
- 12. By Tollef Fog Heen
Change netbase dependencies to update-inetd dependencies as
update-inetd is its own package now.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/lucid/krb5