[ubuntu/plucky-proposed] krb5 1.21.3-4ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Feb 25 20:06:22 UTC 2025 

krb5 (1.21.3-4ubuntu2) plucky; urgency=medium

  * SECURITY UPDATE: denial of service via two memory leaks
    - debian/patches/CVE-2024-26458.patch: fix two unlikely memory leaks in
      src/lib/gssapi/krb5/k5sealv3.c, src/lib/rpc/pmap_rmt.c.
    - CVE-2024-26458
    - CVE-2024-26461
  * SECURITY UPDATE: kadmind DoS via iprop log file
    - debian/patches/CVE-2025-24528.patch: prevent overflow when
      calculating ulog block size in src/lib/kdb/kdb_log.c.
    - CVE-2025-24528

Date: Tue, 25 Feb 2025 10:22:31 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/krb5/1.21.3-4ubuntu2
-------------- next part --------------
Format: 1.8
Date: Tue, 25 Feb 2025 10:22:31 -0500
Source: krb5
Built-For-Profiles: noudeb
Architecture: source
Version: 1.21.3-4ubuntu2
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 krb5 (1.21.3-4ubuntu2) plucky; urgency=medium
 .
   * SECURITY UPDATE: denial of service via two memory leaks
     - debian/patches/CVE-2024-26458.patch: fix two unlikely memory leaks in
       src/lib/gssapi/krb5/k5sealv3.c, src/lib/rpc/pmap_rmt.c.
     - CVE-2024-26458
     - CVE-2024-26461
   * SECURITY UPDATE: kadmind DoS via iprop log file
     - debian/patches/CVE-2025-24528.patch: prevent overflow when
       calculating ulog block size in src/lib/kdb/kdb_log.c.
     - CVE-2025-24528
Checksums-Sha1:
 fecc2d92cb9b2c18794f759d9956ae0587e25008 4090 krb5_1.21.3-4ubuntu2.dsc
 29d291e596356421b69d8b0ec03470bd5147f293 110988 krb5_1.21.3-4ubuntu2.debian.tar.xz
 c0551645df999934dd0570c9d824cedeafc56e5c 7206 krb5_1.21.3-4ubuntu2_source.buildinfo
Checksums-Sha256:
 5fc4b1965b3fefca20244c172777aa887e7fde5dff624413d636b3c0d82c7873 4090 krb5_1.21.3-4ubuntu2.dsc
 18454f9561707b467852fe0e5274dd02a2cd632fe8618ea9730d2df6ddc83232 110988 krb5_1.21.3-4ubuntu2.debian.tar.xz
 648ce0bf5643a76ddd87a7a727bf33be3703083428c4f0fdb8b7b2698f4f5c77 7206 krb5_1.21.3-4ubuntu2_source.buildinfo
Files:
 180825cf32a8a705024957670b3e83a4 4090 net optional krb5_1.21.3-4ubuntu2.dsc
 ee2d5cf6a8622033b7ddc20935f2af92 110988 net optional krb5_1.21.3-4ubuntu2.debian.tar.xz
 7e55c0b8585c575576557a5e4843617e 7206 net optional krb5_1.21.3-4ubuntu2_source.buildinfo
Original-Maintainer: Sam Hartman <hartmans at debian.org>

More information about the plucky-changes mailing list