[ubuntu/hardy-security] krb5, krb5_1.6.dfsg.3~beta1-2ubuntu1.6_i386_translations.tar.gz, krb5_1.6.dfsg.3~beta1-2ubuntu1.6_amd64_translations.tar.gz, krb5_1.6.dfsg.3~beta1-2ubuntu1.6_sparc_translations.tar.gz (delayed), krb5_1.6.dfsg.3~beta1-2ubuntu1.6_ia64_translations.tar.gz, krb5_1.6.dfsg.3~beta1-2ubuntu1.6_powerpc_translations.tar.gz, krb5_1.6.dfsg.3~beta1-2ubuntu1.6_hppa_translations.tar.gz, krb5_1.6.dfsg.3~beta1-2ubuntu1.6_lpia_translations.tar.gz 1.6.dfsg.3~beta1-2ubuntu1.6 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Thu Dec 9 14:05:13 GMT 2010
krb5 (1.6.dfsg.3~beta1-2ubuntu1.6) hardy-security; urgency=low
* SECURITY UPDATE: message forgery and privilege escalation via
unacceptable checksums
- src/lib/crypto/krb/dk/derive.c, src/lib/crypto/krb/keyed_checksum_types.c,
src/lib/krb5/krb/mk_safe.c, src/lib/krb5/krb/preauth2.c,
src/plugins/preauth/pkinit/pkinit_srv.c: patched inline, thanks to
upstream.
- CVE-2010-1323
- MITKRB5-SA-2010-007
Date: Wed, 08 Dec 2010 10:27:14 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/krb5/1.6.dfsg.3~beta1-2ubuntu1.6
-------------- next part --------------
Format: 1.7
Date: Wed, 08 Dec 2010 10:27:14 -0500
Source: krb5
Binary: libkadm55 libkrb53 krb5-user krb5-clients krb5-rsh-server krb5-ftpd krb5-telnetd krb5-kdc krb5-admin-server libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc
Architecture: source
Version: 1.6.dfsg.3~beta1-2ubuntu1.6
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
krb5-admin-server - MIT Kerberos master server (kadmind)
krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos
krb5-doc - Documentation for MIT Kerberos
krb5-ftpd - Secure FTP server supporting MIT Kerberos
krb5-kdc - MIT Kerberos key server (KDC)
krb5-pkinit - Pkinit Plugin for MIT Kerberos
krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos
krb5-telnetd - Secure telnet server supporting MIT Kerberos
krb5-user - Basic programs to authenticate using MIT Kerberos
libkadm55 - MIT Kerberos administration runtime libraries
libkrb5-dbg - Debugging files for MIT Kerberos
libkrb5-dev - Headers and development libraries for MIT Kerberos
libkrb53 - MIT Kerberos runtime libraries
Changes:
krb5 (1.6.dfsg.3~beta1-2ubuntu1.6) hardy-security; urgency=low
.
* SECURITY UPDATE: message forgery and privilege escalation via
unacceptable checksums
- src/lib/crypto/krb/dk/derive.c, src/lib/crypto/krb/keyed_checksum_types.c,
src/lib/krb5/krb/mk_safe.c, src/lib/krb5/krb/preauth2.c,
src/plugins/preauth/pkinit/pkinit_srv.c: patched inline, thanks to
upstream.
- CVE-2010-1323
- MITKRB5-SA-2010-007
Files:
12b32e420a2a4f71f263fc72a9670434 1737 net standard krb5_1.6.dfsg.3~beta1-2ubuntu1.6.dsc
8a226347e8bcf47b201a05b0ec189d6d 1751252 net standard krb5_1.6.dfsg.3~beta1-2ubuntu1.6.diff.gz
Original-Maintainer: Sam Hartman <hartmans at debian.org>
More information about the Hardy-changes
mailing list