-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: krb5 Binary: krb5-user, krb5-kdc, krb5-kdc-ldap, krb5-admin-server, krb5-multidev, libkrb5-dev, libkrb5-dbg, krb5-pkinit, krb5-otp, krb5-k5tls, krb5-doc, libkrb5-3, libgssapi-krb5-2, libgssrpc4, libkadm5srv-mit9, libkadm5clnt-mit9, libk5crypto3, libkdb5-8, libkrb5support0, libkrad0, krb5-gss-samples, krb5-locales, libkrad-dev Architecture: any all Version: 1.13.2+dfsg-4 Maintainer: Sam Hartman <[email protected]> Uploaders: Russ Allbery <[email protected]>, Benjamin Kaduk <[email protected]> Homepage: http://web.mit.edu/kerberos/ Standards-Version: 3.9.6 Vcs-Browser: http://git.debian.org/?p=pkg-k5-afs/debian-krb5-2013.git Vcs-Git: git://git.debian.org/git/pkg-k5-afs/debian-krb5-2013.git Build-Depends: debhelper (>= 8.1.3), byacc | bison, comerr-dev, docbook-to-man, doxygen, libkeyutils-dev [linux-any], libldap2-dev, libncurses5-dev, libssl-dev, ss-dev, libverto-dev (>= 0.2.4), pkg-config, dh-systemd Build-Depends-Indep: python, python-cheetah, python-lxml, python-sphinx, doxygen-latex Package-List: krb5-admin-server deb net optional arch=any krb5-doc deb doc optional arch=all krb5-gss-samples deb net extra arch=any krb5-k5tls deb net extra arch=any krb5-kdc deb net optional arch=any krb5-kdc-ldap deb net extra arch=any krb5-locales deb localization standard arch=all krb5-multidev deb libdevel optional arch=any krb5-otp deb net extra arch=any krb5-pkinit deb net extra arch=any krb5-user deb net optional arch=any libgssapi-krb5-2 deb libs standard arch=any libgssrpc4 deb libs standard arch=any libk5crypto3 deb libs standard arch=any libkadm5clnt-mit9 deb libs standard arch=any libkadm5srv-mit9 deb libs standard arch=any libkdb5-8 deb libs standard arch=any libkrad-dev deb libdevel extra arch=any libkrad0 deb libs standard arch=any libkrb5-3 deb libs standard arch=any libkrb5-dbg deb debug extra arch=any libkrb5-dev deb libdevel extra arch=any libkrb5support0 deb libs standard arch=any Checksums-Sha1: 2de0f519bb7c51612e2816a9dc64d966ac6e97b2 11884064 krb5_1.13.2+dfsg.orig.tar.gz c0dc6e705cca2681c94e54b4588a46c8dcb41fc2 99124 krb5_1.13.2+dfsg-4.debian.tar.xz Checksums-Sha256: a7af3953e4ab52b17f80bdfc2fc7471b66b512b128520796e2b993554543873a 11884064 krb5_1.13.2+dfsg.orig.tar.gz 414ab670c5cd7e536c24e61bd7fe8429e3f8071ee8a42396bdb5b73fe1c8cfbc 99124 krb5_1.13.2+dfsg-4.debian.tar.xz Files: b9b16449b2e584a7360cdeed12687484 11884064 krb5_1.13.2+dfsg.orig.tar.gz 93681196962b3d0bc2c90f43a02d04ea 99124 krb5_1.13.2+dfsg-4.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQGgBAEBCgAGBQJWOtJrAAoJECjZpvNk63USSAwMINK5H8O89uXmjKox/ppaVv/v 9HCYv4dB5CRe8w2DyV4zMvSgmPS1k+vIzVVyHcvU5FJUy+SxT/Ng6NwPma4mYHcp mDd3aJtw/izxNKq6SXiqWjk/Oheu30I+pmZbunoqbY5N4zC10SUhqsYr1GipaCm0 VtOKPFz6TcWixnqTlgZcnCY44frHZ2MuPHoxMUIJ3HvScTUHrMhTHvU5ROMp+3rj 7bpty3x83Z3re/Qb17xEUkY7ABeDBgKG4HTWJNp2BOkfxlHUjcTSLVrgALKzcBLm AfFcKizYgT/CXAQ6qDbA1/fvWT0Q9DyBY/KMVSzNHohRzu1P/48x96BHrkUlcE9T SZdjDX6IdU5urFXDRikxsAMBLiSddqYpz4DOHXItgfQmEIFnRveneyXEsy0/KUpd b8wE9sR6IYPjJWqB6qtQETge7oO8ggQS05w/DwbdJbfKSqubvQqb2rgKNog/sHE/ tjwoi7CgMJiwPEAl1XrtNUe6i9vbOh17VDU05nMnPpoF0qw= =54Rh -----END PGP SIGNATURE----- Changes: krb5 (1.13.2+dfsg-4) unstable; urgency=high * Import upstream patches fixing regressions in the previous upload: - CVE-2015-2698: the patch for CVE-2015-2696 caused memory corruption for applications calling gss_export_sec_context() on contexts established using the IAKERB mechanism. - Supply gss_import_sec_context implementations for SPNEGO and IAKERB, which were not implemented due to the erroneous belief that the exported context tokens would be tagged with the underlying context's mechanism. -- Benjamin Kaduk <[email protected]> Wed, 04 Nov 2015 22:47:22 -0500