Ubuntu
krb5 package

Change logs for krb5 source package in Focal

  1. Focal (20.04)
  2. Change log 
  • krb5 (1.17-6ubuntu4.4) focal-security; urgency=medium

  * SECURITY UPDATE: freeing of uninitialized memory
    - debian/patches/CVE-2023-36054.patch: ensure array count consistency in
      kadm5 RPC.
    - CVE-2023-36054

 -- Camila Camargo de Matos <email address hidden>  Tue, 24 Oct 2023 13:53:43 -0300
  • krb5 (1.17-6ubuntu4.3) focal-security; urgency=medium

  * SECURITY UPDATE: Null pointer dereference issue
    - debian/patches/CVE-2021-36222.patch: Fix KDC null deref on bad
      encrypted challenge
    - debian/patches/CVE-2021-37750.patch: Fix KDC null deref on TGS inner
      body null server
    - CVE-2021-36222
    - CVE-2021-37750

 -- Nishit Majithia <email address hidden>  Wed, 15 Mar 2023 19:47:40 +0530
  • krb5 (1.17-6ubuntu4.2) focal-security; urgency=medium

  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2022-42898.patch: add buffer length checks in
      krb5_pac_parse() in src/lib/krb5/krb/pac.c and a test case for
      invalid buffers in src/lib/krb5/krb/t_pac.c.
    - CVE-2022-42898

 -- Rodrigo Figueiredo Zaiden <email address hidden>  Fri, 20 Jan 2023 08:14:35 -0300
  • krb5 (1.17-6ubuntu4.1) focal-security; urgency=medium

  * SECURITY UPDATE: Unbounded recursion
    - debian/patches/CVE-2020-28196.patch: adds recursion limit for ASN.1
      indefinite lenghts in src/lib/krb5/asn.1/asn1_encode.c.
    - CVE-2020-28196

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 11 Nov 2020 11:23:12 -0300
  • krb5 (1.17-6ubuntu4) focal; urgency=medium

  * No-change rebuild with fixed binutils on arm64.

 -- Matthias Klose <email address hidden>  Sat, 08 Feb 2020 11:05:44 +0000
  • krb5 (1.17-6ubuntu3) focal; urgency=medium

  * d/p/1000-doc-tools-py3.patch, d/rules, d/control: use python3 for
    doc building (LP: #1858496)

 -- Andreas Hasenack <email address hidden>  Thu, 09 Jan 2020 11:11:49 -0300
  • krb5 (1.17-6ubuntu2) focal; urgency=medium

  * Build-depend on python2.

 -- Dimitri John Ledkov <email address hidden>  Thu, 09 Jan 2020 03:08:25 +0000
  • krb5 (1.17-6ubuntu1) focal; urgency=medium

  * d/control: add "Multi-Arch: foreign" to allow krb5-doc to be used as
    a dependency of architecture-dependent packages. In particular, this
    lets krb5-doc:i386 be installed on an amd64 host. See
    https://lists.ubuntu.com/archives/ubuntu-devel/2019-December/040859.html
    for details.

 -- Andreas Hasenack <email address hidden>  Mon, 06 Jan 2020 16:24:39 -0300
  • krb5 (1.17-6) unstable; urgency=medium

  * Stop depending on texlive-generic-extra, which is no longer built,
    Closes: #933286

 -- Sam Hartman <email address hidden>  Thu, 01 Aug 2019 14:15:13 -0400