[ubuntu/plucky-proposed] krb5 1.21.3-4ubuntu1 (Accepted)
Nicolas Campuzano Jimenez
nicolas.campuzano at canonical.com
Wed Feb 5 03:59:17 UTC 2025
krb5 (1.21.3-4ubuntu1) plucky; urgency=medium
* SECURITY UPDATE: Use of MD5-based message authentication over plaintext
communications could lead to forgery attacks.
- debian/patches/CVE-2024-3596.patch: Secure Response Authentication
by adding support for the Message-Authenticator attribute in non-EAP
authentication methods.
- CVE-2024-3596
* Update libk5crypto3 symbols: add k5_hmac_md5 symbol.
Date: Tue, 04 Feb 2025 11:30:48 -0500
Changed-By: Nicolas Campuzano Jimenez <nicolas.campuzano at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/krb5/1.21.3-4ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 04 Feb 2025 11:30:48 -0500
Source: krb5
Built-For-Profiles: noudeb
Architecture: source
Version: 1.21.3-4ubuntu1
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Nicolas Campuzano Jimenez <nicolas.campuzano at canonical.com>
Changes:
krb5 (1.21.3-4ubuntu1) plucky; urgency=medium
.
* SECURITY UPDATE: Use of MD5-based message authentication over plaintext
communications could lead to forgery attacks.
- debian/patches/CVE-2024-3596.patch: Secure Response Authentication
by adding support for the Message-Authenticator attribute in non-EAP
authentication methods.
- CVE-2024-3596
* Update libk5crypto3 symbols: add k5_hmac_md5 symbol.
Checksums-Sha1:
b9b016947b2e0dff7455429e3113c46924cbd745 3782 krb5_1.21.3-4ubuntu1.dsc
82f3093aa1941ee236a2bc7c10de892702f8c43b 108772 krb5_1.21.3-4ubuntu1.debian.tar.xz
33c89d776582029f0aa9c09e9b30faa9f5d52e40 6917 krb5_1.21.3-4ubuntu1_source.buildinfo
Checksums-Sha256:
3fe5f7cc6be1f4d3d574b0961e36fac040e7b714f28a9da903ae51153488f5c9 3782 krb5_1.21.3-4ubuntu1.dsc
a10640a2be5d3fdbb8ab32977f5e4a2b5572063154d9b0fb2324089ec1236160 108772 krb5_1.21.3-4ubuntu1.debian.tar.xz
e9c6307535ae52ebae90dec7a476a81c8b29f06612426ca79bb284f98ec66df2 6917 krb5_1.21.3-4ubuntu1_source.buildinfo
Files:
eb1c8c35e215eaacc6ad50efcc4ee8fd 3782 net optional krb5_1.21.3-4ubuntu1.dsc
c6b0a8332abd5e06256c2b529c61ae17 108772 net optional krb5_1.21.3-4ubuntu1.debian.tar.xz
55bf05eaff7ba7f68cf17b046471c883 6917 net optional krb5_1.21.3-4ubuntu1_source.buildinfo
Original-Maintainer: Sam Hartman <hartmans at debian.org>
More information about the plucky-changes
mailing list