Kali Linux Package Tracker
Register | Log in

krb5 1.12.1+dfsg-19+deb8u1 has been added to Kali Sana Security

News for package krb5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: krb5
Binary: krb5-user, krb5-kdc, krb5-kdc-ldap, krb5-admin-server, krb5-multidev, libkrb5-dev, libkrb5-dbg, krb5-pkinit, krb5-otp, krb5-doc, libkrb5-3, libgssapi-krb5-2, libgssrpc4, libkadm5srv-mit9, libkadm5clnt-mit9, libk5crypto3, libkdb5-7, libkrb5support0, libkrad0, krb5-gss-samples, krb5-locales, libkrad-dev
Architecture: any all
Version: 1.12.1+dfsg-19+deb8u1
Maintainer: Sam Hartman <[email protected]>
Uploaders: Russ Allbery <[email protected]>, Benjamin Kaduk <[email protected]>
Homepage: http://web.mit.edu/kerberos/
Standards-Version: 3.9.5
Vcs-Browser: http://git.debian.org/?p=pkg-k5-afs/debian-krb5-2013.git
Vcs-Git: git://git.debian.org/git/pkg-k5-afs/debian-krb5-2013.git
Build-Depends: debhelper (>= 8.1.3), byacc | bison, comerr-dev, docbook-to-man, doxygen, libkeyutils-dev [linux-any], libldap2-dev, libncurses5-dev, libssl-dev, ss-dev, libverto-dev (>= 0.2.4), pkg-config, dh-systemd
Build-Depends-Indep: python-cheetah, python-lxml, python-sphinx, doxygen-latex
Package-List:
 krb5-admin-server deb net optional arch=any
 krb5-doc deb doc optional arch=all
 krb5-gss-samples deb net extra arch=any
 krb5-kdc deb net optional arch=any
 krb5-kdc-ldap deb net extra arch=any
 krb5-locales deb localization standard arch=all
 krb5-multidev deb libdevel optional arch=any
 krb5-otp deb net extra arch=any
 krb5-pkinit deb net extra arch=any
 krb5-user deb net optional arch=any
 libgssapi-krb5-2 deb libs standard arch=any
 libgssrpc4 deb libs standard arch=any
 libk5crypto3 deb libs standard arch=any
 libkadm5clnt-mit9 deb libs standard arch=any
 libkadm5srv-mit9 deb libs standard arch=any
 libkdb5-7 deb libs standard arch=any
 libkrad-dev deb libdevel extra arch=any
 libkrad0 deb libs standard arch=any
 libkrb5-3 deb libs standard arch=any
 libkrb5-dbg deb debug extra arch=any
 libkrb5-dev deb libdevel extra arch=any
 libkrb5support0 deb libs standard arch=any
Checksums-Sha1:
 d211e7d605bd992d33b7cbca1da14d68f0770258 11792370 krb5_1.12.1+dfsg.orig.tar.gz
 5e694b245486d6c7faaada4fe8758acfbaec6e7e 120776 krb5_1.12.1+dfsg-19+deb8u1.debian.tar.xz
Checksums-Sha256:
 eb29959f1e9f8d71e7401f5809daefae067296eb5b0da1176366280a16bdd784 11792370 krb5_1.12.1+dfsg.orig.tar.gz
 0e61a1ba59d3f25a0a40022fd8a316c917e3c4ca9bb7b604646e949fd91d592f 120776 krb5_1.12.1+dfsg-19+deb8u1.debian.tar.xz
Files:
 dd0367010b3d2385d9f23db25457a0bf 11792370 krb5_1.12.1+dfsg.orig.tar.gz
 d1f9a984af597b08307f41b160a73367 120776 krb5_1.12.1+dfsg-19+deb8u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWO67PAAoJEAVMuPMTQ89E7lMP/j3AWXgiK9HzvWOE0uPvKhr5
5vF9Uhws15JQ6xiNylsdovlv/M7VXsMGT0MNz3VLKNPdo+cT1O4SM9TaorimTgTp
6tRZBfdJpOW5Uv2rnlS0f6IkZcNwrOTGVTAj4sF8avDRvLaP+GkLMTZ6rGShT+Aw
gr4pDG7SsaXTKgGD/rDXO7Giastbhn1FD53gPpBHYOobiUoFU75KRqKJR1ET893b
P/YKbBlDbUdwCOICJs5IqxUf679V4kobBe97OpxWFEuLUWoG6CeYPtRBvx/A+n1S
zR284M4LWO9rxB3+9yZ5cbAN9VRbq5juig6QAI4477k+3PfuNLfJQX1jmIDqzH9j
dDKZBQkMs6rRLdRyxgP2AwRVB80tXYot0614F+Oaj7iIRQLs1d5rjX5t+fme01su
AUhI4z/taLbKRtJTJrNpdHbZoBzyjmZnNx5fwQ5TqCmhpMms0gMQUb1Pw9MJM8F6
PV7exAi9Y0uB2HkGjprPebPXCSw8cM7RsgII22/G9njagSPVDRfFJWTlbBUyE3s3
UvU04USFIYRLNaGY0IkiuzWVFEZQOe+p8pTDqwyrMLOaf6eC+xOmsolxGq9MwG58
7TSQSIhfKb3vpqBU0CoYByfH/1K7EqJK7/ZXQopgFX5N7dY+tEBCqxG9qiu58D6l
B4ihuUrEJAP4175NDRKy
=OdQN
-----END PGP SIGNATURE-----

Changes:
krb5 (1.12.1+dfsg-19+deb8u1) jessie-security; urgency=high

  * Import upstream patches for four CVEs:
    - CVE-2015-2695: SPNEGO context aliasing during establishment,
      Closes: #803083
    - CVE-2015-2696: IAKERB context aliasing during establishment,
      Closes: #803084
    - CVE-2015-2697: unsafe string handling in TGS processing,
      Closes: #803088
    - CVE-2015-2698: regression (memory corruption) in patch for CVE-2015-2696
  * In addition to CVE-2015-2698, the upstream patches for CVE-2015-2695
    and CVE-2015-2696 introduced regressions preventing the use of
    gss_import_sec_context() with contexts established using IAKERB
    or SPNEGO; the fixes for those regressions are included here.

 -- Benjamin Kaduk <[email protected]>  Wed, 04 Nov 2015 22:05:10 -0500