Format: 1.8 Date: Fri, 06 Feb 2015 15:26:22 -0500 Source: krb5 Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-otp krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit9 libkadm5srv-mit8 libkadm5clnt-mit9 libk5crypto3 libkdb5-7 libkrb5support0 libkrad0 krb5-gss-samples krb5-locales libkrad-dev Architecture: all i386_translations i386 Version: 1.12+dfsg-2ubuntu5.1 Distribution: trusty Urgency: medium Maintainer: Ubuntu/amd64 Build Daemon <buildd@allspice.buildd> Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com> Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-doc - Documentation for MIT Kerberos krb5-gss-samples - MIT Kerberos GSS Sample applications krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-locales - Internationalization support for MIT Kerberos krb5-multidev - Development files for MIT Kerberos without Heimdal conflict krb5-otp - OTP plugin for MIT Kerberos krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-user - Basic programs to authenticate using MIT Kerberos libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library libkadm5clnt-mit9 - MIT Kerberos runtime libraries - Administration Clients libkadm5srv-mit8 - transitional dummy package for libkadm5srv-mit9 libkadm5srv-mit9 - MIT Kerberos runtime libraries - KDC and Admin Server libkdb5-7 - MIT Kerberos runtime libraries - Kerberos database libkrad-dev - MIT Kerberos RADIUS Library Development libkrad0 - MIT Kerberos runtime libraries - RADIUS library libkrb5-3 - MIT Kerberos runtime libraries libkrb5-dbg - Debugging files for MIT Kerberos libkrb5-dev - Headers and development libraries for MIT Kerberos libkrb5support0 - MIT Kerberos runtime libraries - Support library Changes: krb5 (1.12+dfsg-2ubuntu5.1) trusty-security; urgency=medium . * SECURITY UPDATE: ticket forging via old keys - debian/patches/CVE-2014-5321.patch: return only new keys in src/lib/kadm5/srv/svr_principal.c. - CVE-2014-5321 * SECURITY UPDATE: use-after-free and double-free memory access violations - debian/patches/CVE-2014-5352.patch: properly handle context deletion in src/lib/gssapi/krb5/context_time.c, src/lib/gssapi/krb5/export_sec_context.c, src/lib/gssapi/krb5/gssapiP_krb5.h, src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/inq_context.c, src/lib/gssapi/krb5/k5seal.c, src/lib/gssapi/krb5/k5sealiov.c, src/lib/gssapi/krb5/k5unseal.c, src/lib/gssapi/krb5/k5unsealiov.c, src/lib/gssapi/krb5/lucid_context.c, src/lib/gssapi/krb5/prf.c, src/lib/gssapi/krb5/process_context_token.c, src/lib/gssapi/krb5/wrap_size_limit.c. - CVE-2014-5352 * SECURITY UPDATE: denial of service via LDAP query with no results - debian/patches/CVE-2014-5353.patch: properly handle policy name in src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c. - CVE-2014-5353 * SECURITY UPDATE: denial of service via database entry for a keyless principal - debian/patches/CVE-2014-5354.patch: support keyless principals in src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c. - CVE-2014-5354 * SECURITY UPDATE: denial of service or code execution in kadmind XDR data processing - debian/patches/CVE-2014-9421.patch: fix double free in src/lib/kadm5/kadm_rpc_xdr.c, src/lib/rpc/auth_gssapi_misc.c. - CVE-2014-9421 * SECURITY UPDATE: impersonation attack via two-component server principals - debian/patches/CVE-2014-9422.patch: fix kadmind server validation in src/kadmin/server/kadm_rpc_svc.c. - CVE-2014-9422 * SECURITY UPDATE: gssrpc data leakage - debian/patches/CVE-2014-9423.patch: fix leakage in src/lib/gssapi/mechglue/mglueP.h, src/lib/rpc/svc_auth_gss.c. - CVE-2014-9423 Checksums-Sha1: 8f4f5b5396ae52bff1d00acd6196a574b424222b 2045812 krb5-doc_1.12+dfsg-2ubuntu5.1_all.deb e367d7bf72dd394aa3e39475c7b2d67493e6d539 13174 krb5-locales_1.12+dfsg-2ubuntu5.1_all.deb 308040233adc490b4c9af22c66eb95069aab87a3 64096 krb5_1.12+dfsg-2ubuntu5.1_i386_translations.tar.gz 3e707b3a3cad81f5e18718e4801f86270b0b7923 92694 krb5-user_1.12+dfsg-2ubuntu5.1_i386.deb a569f343cc8ac1b2b12c9b8ecc86b0c8668013a7 167656 krb5-kdc_1.12+dfsg-2ubuntu5.1_i386.deb 38fd947d91c587000de03dffa0245f6d4db57c11 76472 krb5-kdc-ldap_1.12+dfsg-2ubuntu5.1_i386.deb 50c5a32ec6286faa61867356ef7c795e320e5306 79850 krb5-admin-server_1.12+dfsg-2ubuntu5.1_i386.deb c1361856ec0bcfda4902d8348a093c524f925a16 110952 krb5-multidev_1.12+dfsg-2ubuntu5.1_i386.deb 06a6135ede7790d5a0fe4c72aa51a465a37baeb6 14426 libkrb5-dev_1.12+dfsg-2ubuntu5.1_i386.deb d467c9388019cfc393831db8eed708c68b8bffd2 1358694 libkrb5-dbg_1.12+dfsg-2ubuntu5.1_i386.deb 45019a9b431b477fe92e2d530cfbcfeb44996086 50606 krb5-pkinit_1.12+dfsg-2ubuntu5.1_i386.deb 3b1aa7eca3ba4f287c72c31f888c4dea6b401876 16758 krb5-otp_1.12+dfsg-2ubuntu5.1_i386.deb f94b9f211148923119d58ce660bf6e318d65e91b 259528 libkrb5-3_1.12+dfsg-2ubuntu5.1_i386.deb d2788554b1098e9feb60221425a201bf58973db9 111276 libgssapi-krb5-2_1.12+dfsg-2ubuntu5.1_i386.deb cf1a07cd8105ad265a59fc041803cc8dc99a7101 52358 libgssrpc4_1.12+dfsg-2ubuntu5.1_i386.deb c294368616f387980d6c7cc77ebaee2178d604d3 49820 libkadm5srv-mit9_1.12+dfsg-2ubuntu5.1_i386.deb 6f9fc7ecef1238c6ba5096e17601db7d3c13a5f4 9556 libkadm5srv-mit8_1.12+dfsg-2ubuntu5.1_i386.deb bfbb22b34c035a2461c8e075ae7832532b022e00 35360 libkadm5clnt-mit9_1.12+dfsg-2ubuntu5.1_i386.deb 4942c2a2296bfcba4e519a18434de6a3a6201e8c 77822 libk5crypto3_1.12+dfsg-2ubuntu5.1_i386.deb b87aab4690f0650062b78b10b997699def84705e 36028 libkdb5-7_1.12+dfsg-2ubuntu5.1_i386.deb 4880c8ee24328bf8ecd60142b361a376630ae01a 30672 libkrb5support0_1.12+dfsg-2ubuntu5.1_i386.deb 2b837595c9d193f52120b2675fd64be95b23f4d3 20842 libkrad0_1.12+dfsg-2ubuntu5.1_i386.deb 99dcc3a4d14a27bf9c00aafb814e2a37b23d4ce4 25164 krb5-gss-samples_1.12+dfsg-2ubuntu5.1_i386.deb 8e33d916f553dd8005710db22d155d39d2ebc691 11880 libkrad-dev_1.12+dfsg-2ubuntu5.1_i386.deb Checksums-Sha256: 6b3cdc2d72d3b46888a795f1af816b59f8049a0a486c853c38622198f1deffbd 2045812 krb5-doc_1.12+dfsg-2ubuntu5.1_all.deb e36c7e48dd118a0ec521ef2d5cb35733e6dd1233bac2800eccb10f62dde12067 13174 krb5-locales_1.12+dfsg-2ubuntu5.1_all.deb 0f7ad1b0ca028f301ffab66fba5651071aa9d5063545c424e75371874a88fb29 64096 krb5_1.12+dfsg-2ubuntu5.1_i386_translations.tar.gz e9a37116ba0439c37cf6d2ac45b1277761a7d03004b5d13c741b36b958926024 92694 krb5-user_1.12+dfsg-2ubuntu5.1_i386.deb 3052149ae5bfc1ef2b7bf9fce2e0cb4476d3a8ebc48d0a39e7ad8b33530b68bd 167656 krb5-kdc_1.12+dfsg-2ubuntu5.1_i386.deb a162577916b74b92e5544d296ec89ec97d32cb168faef3a0a9eca7f582353547 76472 krb5-kdc-ldap_1.12+dfsg-2ubuntu5.1_i386.deb 82a078f4731381b1664bb082cf96097791fd394a39d7a4ea61107a6ff7758cc6 79850 krb5-admin-server_1.12+dfsg-2ubuntu5.1_i386.deb e190415667829d00a3dd5bdbd5c8d686cce3a3afc961f5f299174f391a87e54a 110952 krb5-multidev_1.12+dfsg-2ubuntu5.1_i386.deb 57d17f4747720ae5b8f3432dcb001d356b639b3f14ac43852449f8c930884187 14426 libkrb5-dev_1.12+dfsg-2ubuntu5.1_i386.deb 3ce0b891b0cd4629483456c6c6ea601b6b4dd20fe1f36d2102d69e18d08a6d69 1358694 libkrb5-dbg_1.12+dfsg-2ubuntu5.1_i386.deb f0470b0900dd11ecb8d608f46c60312f84d9757d7eb6d85e0f37baa0f6b4de98 50606 krb5-pkinit_1.12+dfsg-2ubuntu5.1_i386.deb 515630f3b07dd0ff61716971914d712a5ba8a5e67ec08537a4af595b34206efa 16758 krb5-otp_1.12+dfsg-2ubuntu5.1_i386.deb 3492ab32ce479054a83d1cb5e59a7a7c264e2a89ec74d0a7525b3e73f7015873 259528 libkrb5-3_1.12+dfsg-2ubuntu5.1_i386.deb a4169d31202ef8165a0aba3108ee750d74e11274c75e452fc32c17cc57e935aa 111276 libgssapi-krb5-2_1.12+dfsg-2ubuntu5.1_i386.deb 52c5cc3a09b6d655ef5e5562393959303d1930f8915e6e9286aec3ebbc9e35a2 52358 libgssrpc4_1.12+dfsg-2ubuntu5.1_i386.deb 8650db0c1b5f87c3844d01533cf54fe2014c1a306b24e8e377d50134746ef85b 49820 libkadm5srv-mit9_1.12+dfsg-2ubuntu5.1_i386.deb 127af57cc5251951b2fffd4a4c8c828e7ab324f3a2067be0d1973c41429f2181 9556 libkadm5srv-mit8_1.12+dfsg-2ubuntu5.1_i386.deb aceb90819c98b24d1064f774306901d6f50b53d2e27e2cfa14119a20c4ca91d7 35360 libkadm5clnt-mit9_1.12+dfsg-2ubuntu5.1_i386.deb d5aca39dbf77e49837e45f4412c9f57fd9a1d2789a8acd2271d170e58cb641cf 77822 libk5crypto3_1.12+dfsg-2ubuntu5.1_i386.deb 59f69a0c0e2f462b54133f0c1058a8fc6a92290c1aa2b86285c5264fa1c71090 36028 libkdb5-7_1.12+dfsg-2ubuntu5.1_i386.deb ae2bb3eb5d521c5e606136365d9fa1d780a3b847ced93f5973183fc1c43ab69b 30672 libkrb5support0_1.12+dfsg-2ubuntu5.1_i386.deb 17be4caae891c91cdc70f84f9d6c2a2f4ed5dcb81ad425715d1f7a23b65bd32e 20842 libkrad0_1.12+dfsg-2ubuntu5.1_i386.deb d51c4f8120bcc44bda04b69312cdbc6f443a1cbe2a92a79a589d6eadf9c09595 25164 krb5-gss-samples_1.12+dfsg-2ubuntu5.1_i386.deb 448ecf51bfc5d0690bf9fe4f4a7eb26fa6f310fb085fc2e12c4895a45ff68960 11880 libkrad-dev_1.12+dfsg-2ubuntu5.1_i386.deb Files: 362835570fea2b135160e07c6b7fe7fa 2045812 doc optional krb5-doc_1.12+dfsg-2ubuntu5.1_all.deb 1013d2f0727c61ec2e94f77b7adb13dc 13174 localization standard krb5-locales_1.12+dfsg-2ubuntu5.1_all.deb d444df21abbae1bf152cbe84f06548d5 64096 raw-translations - krb5_1.12+dfsg-2ubuntu5.1_i386_translations.tar.gz 898b57eb418566776fcb305c463d8506 92694 net optional krb5-user_1.12+dfsg-2ubuntu5.1_i386.deb 71651d4fcbe508e085bc86876c8bb4d9 167656 net optional krb5-kdc_1.12+dfsg-2ubuntu5.1_i386.deb 15be52aa71db114e9e17b38d8cc07d60 76472 net extra krb5-kdc-ldap_1.12+dfsg-2ubuntu5.1_i386.deb 58cb7bdc273eab8abde29a0e07b3a1d1 79850 net optional krb5-admin-server_1.12+dfsg-2ubuntu5.1_i386.deb f539d5cba2a10ace5e27f1c0a8fc0af5 110952 libdevel optional krb5-multidev_1.12+dfsg-2ubuntu5.1_i386.deb ad4f0d80dd9cc76f39ae8a8e2ea30de2 14426 libdevel extra libkrb5-dev_1.12+dfsg-2ubuntu5.1_i386.deb 7b4899a0caaaad9c0ea0386c3f4f6b25 1358694 debug extra libkrb5-dbg_1.12+dfsg-2ubuntu5.1_i386.deb b024b1611eed4708eff0e3b697193692 50606 net extra krb5-pkinit_1.12+dfsg-2ubuntu5.1_i386.deb d59cadf5e93514c78f94feb45eda752f 16758 net extra krb5-otp_1.12+dfsg-2ubuntu5.1_i386.deb 9a710eeb8c7157183bffc98ef5d4ce31 259528 libs standard libkrb5-3_1.12+dfsg-2ubuntu5.1_i386.deb 73fd934f56daa9258678a1da46d0d27f 111276 libs standard libgssapi-krb5-2_1.12+dfsg-2ubuntu5.1_i386.deb 105f5b255e8429c392f5d4b5e007d10c 52358 libs standard libgssrpc4_1.12+dfsg-2ubuntu5.1_i386.deb 2b305b31911726c06acb4a30524141d8 49820 libs standard libkadm5srv-mit9_1.12+dfsg-2ubuntu5.1_i386.deb 1ba16f9fdd3d580d6b584db4bfed0291 9556 oldlibs extra libkadm5srv-mit8_1.12+dfsg-2ubuntu5.1_i386.deb 70a8c2e561784c8afe9d56b7d5a8ca59 35360 libs standard libkadm5clnt-mit9_1.12+dfsg-2ubuntu5.1_i386.deb 9846b25139d69aab073f1fa04e024792 77822 libs standard libk5crypto3_1.12+dfsg-2ubuntu5.1_i386.deb 89daae360fb8d5e61030adcac7c1df62 36028 libs standard libkdb5-7_1.12+dfsg-2ubuntu5.1_i386.deb 437a1b9b6568f5cf4d390b6ac17361bb 30672 libs standard libkrb5support0_1.12+dfsg-2ubuntu5.1_i386.deb 0c72578a3a64ef6a4a3f07f1310a6ef2 20842 libs standard libkrad0_1.12+dfsg-2ubuntu5.1_i386.deb 0c93aca39088a6c546c1c5e6010f3e32 25164 net extra krb5-gss-samples_1.12+dfsg-2ubuntu5.1_i386.deb 0044a35ebc5b2b1df6c79be26497e783 11880 libdevel extra libkrad-dev_1.12+dfsg-2ubuntu5.1_i386.deb Original-Maintainer: Sam Hartman <hartmans@debian.org>