-
krb5 (1.17-6ubuntu4.4) focal-security; urgency=medium
* SECURITY UPDATE: freeing of uninitialized memory
- debian/patches/CVE-2023-36054.patch: ensure array count consistency in
kadm5 RPC.
- CVE-2023-36054
-- Camila Camargo de Matos <email address hidden> Tue, 24 Oct 2023 13:53:43 -0300
-
krb5 (1.17-6ubuntu4.3) focal-security; urgency=medium
* SECURITY UPDATE: Null pointer dereference issue
- debian/patches/CVE-2021-36222.patch: Fix KDC null deref on bad
encrypted challenge
- debian/patches/CVE-2021-37750.patch: Fix KDC null deref on TGS inner
body null server
- CVE-2021-36222
- CVE-2021-37750
-- Nishit Majithia <email address hidden> Wed, 15 Mar 2023 19:47:40 +0530
-
krb5 (1.17-6ubuntu4.2) focal-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2022-42898.patch: add buffer length checks in
krb5_pac_parse() in src/lib/krb5/krb/pac.c and a test case for
invalid buffers in src/lib/krb5/krb/t_pac.c.
- CVE-2022-42898
-- Rodrigo Figueiredo Zaiden <email address hidden> Fri, 20 Jan 2023 08:14:35 -0300
-
krb5 (1.17-6ubuntu4.1) focal-security; urgency=medium
* SECURITY UPDATE: Unbounded recursion
- debian/patches/CVE-2020-28196.patch: adds recursion limit for ASN.1
indefinite lenghts in src/lib/krb5/asn.1/asn1_encode.c.
- CVE-2020-28196
-- <email address hidden> (Leonidas S. Barbosa) Wed, 11 Nov 2020 11:23:12 -0300
-
krb5 (1.17-6ubuntu4) focal; urgency=medium
* No-change rebuild with fixed binutils on arm64.
-- Matthias Klose <email address hidden> Sat, 08 Feb 2020 11:05:44 +0000
-
krb5 (1.17-6ubuntu3) focal; urgency=medium
* d/p/1000-doc-tools-py3.patch, d/rules, d/control: use python3 for
doc building (LP: #1858496)
-- Andreas Hasenack <email address hidden> Thu, 09 Jan 2020 11:11:49 -0300
-
krb5 (1.17-6ubuntu2) focal; urgency=medium
* Build-depend on python2.
-- Dimitri John Ledkov <email address hidden> Thu, 09 Jan 2020 03:08:25 +0000
-
krb5 (1.17-6ubuntu1) focal; urgency=medium
* d/control: add "Multi-Arch: foreign" to allow krb5-doc to be used as
a dependency of architecture-dependent packages. In particular, this
lets krb5-doc:i386 be installed on an amd64 host. See
https://lists.ubuntu.com/archives/ubuntu-devel/2019-December/040859.html
for details.
-- Andreas Hasenack <email address hidden> Mon, 06 Jan 2020 16:24:39 -0300
-
krb5 (1.17-6) unstable; urgency=medium
* Stop depending on texlive-generic-extra, which is no longer built,
Closes: #933286
-- Sam Hartman <email address hidden> Thu, 01 Aug 2019 14:15:13 -0400