-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 30 Mar 2020 19:46:43 -0700 Binary: libpam-heimdal libpam-heimdal-dbgsym libpam-krb5 libpam-krb5-dbgsym Source: libpam-krb5 Architecture: amd64 source Version: 4.9-1 Distribution: unstable Urgency: high Maintainer: Russ Allbery <rra@debian.org> Changed-By: Russ Allbery <rra@debian.org> Closes: 871699 Description: libpam-heimdal - PAM module for Heimdal Kerberos libpam-krb5 - PAM module for MIT Kerberos Changes: libpam-krb5 (4.9-1) unstable; urgency=high . * New upstream release. - Fix potential one-byte buffer overflow when relaying prompts from the underlying Kerberos library. (CVE-2020-10595) - Support use_pkinit with MIT Kerberos. (Closes: #871699) - Reject passwords as long or longer than PAM_MAX_RESP_SIZE (512 octets) to avoid denial of service attacks. - Use explicit_bzero to erase passwords before freeing. - Return more accurate errors from the Kerberos prompter function. - Fix an edge-case memory leak in pam_chauthtok. * Update to debhelper compatibility level V12. - Depend on debhelper-compat instead of debhelper. * Update standards version to 4.5.0 (no changes required). * Refresh upstream signing key. Checksums-Sha1: 739fe416845921cf4a40cd01aa5377901cdc5e2d 1806 libpam-krb5_4.9-1.dsc b37899ef082bf27ed778c924029cbe7cd6ce653e 424932 libpam-krb5_4.9.orig.tar.xz ffd23ede7094eaa342c5d8ba3e3cf8935f67d3a7 26168 libpam-krb5_4.9-1.debian.tar.xz 51ee0e9ca557039bee7156f8e2d07abcc2989536 62868 libpam-heimdal-dbgsym_4.9-1_amd64.deb 08d5ed1542909301f9551c3225ecfe7d80aee1d0 88744 libpam-heimdal_4.9-1_amd64.deb 4ab86904d5d245479d46062cfb19bd810a475dd6 61396 libpam-krb5-dbgsym_4.9-1_amd64.deb 461e8621280a89cc69fc186a0c1e67bc77adb953 7612 libpam-krb5_4.9-1_amd64.buildinfo 3fb7e90406d53ecee79ac9ec9cf8d6c57d634b1b 91924 libpam-krb5_4.9-1_amd64.deb Checksums-Sha256: 0e6437ff7c99688f3eea12b534e119a845657c769aed05870744a0266cf673a5 1806 libpam-krb5_4.9-1.dsc 915445fd492c8afde497090760035043edba44660d1c53ce8cb6477b0f80b6f3 424932 libpam-krb5_4.9.orig.tar.xz 17be307d8a5f5d709c166ff23e5b2bc5667f2f6f99bec22359a54bc3feb4e191 26168 libpam-krb5_4.9-1.debian.tar.xz 5fdf1bb87c2f05ffff5fb6186a8423d017375dd130ba9ea148be8e5f702adace 62868 libpam-heimdal-dbgsym_4.9-1_amd64.deb 68c0fa48d90661f9b2f03ec083a66ab0eea088ba9a6e795d48e01c0eb4e484e4 88744 libpam-heimdal_4.9-1_amd64.deb ecf3ca57e43eb29c64aeb4423e42ebbd1fd2fe91f8dda278f982d76b9bbdd1ca 61396 libpam-krb5-dbgsym_4.9-1_amd64.deb 058a516a4b9cbfb4a2daa39e2490453778bea0185a0cfde2bccba3a9ca2bf782 7612 libpam-krb5_4.9-1_amd64.buildinfo 996e477badc1f171ba81ff79e8ce5758b3479a084370ba12ba753810fc85e3de 91924 libpam-krb5_4.9-1_amd64.deb Files: ea1ec32bbb04ccda253db3deb1c4c8fb 1806 admin optional libpam-krb5_4.9-1.dsc 97d9375dd6d5a5847b37a578003bf2c6 424932 admin optional libpam-krb5_4.9.orig.tar.xz d09d5a8213e7babb225b521b1f7a455c 26168 admin optional libpam-krb5_4.9-1.debian.tar.xz 3b6b921df12210450100c5d3b5d4a753 62868 debug optional libpam-heimdal-dbgsym_4.9-1_amd64.deb cfe86b0e4217adb2589cb30a5c0dbca6 88744 admin optional libpam-heimdal_4.9-1_amd64.deb 1e29e290282925eeeae2b963d7f216c3 61396 debug optional libpam-krb5-dbgsym_4.9-1_amd64.deb 9f6ca0ab67b27b3a296cb015d926cc4c 7612 admin optional libpam-krb5_4.9-1_amd64.buildinfo 9c2454bd9eb301f9fdb6e046eb6d7c5b 91924 admin optional libpam-krb5_4.9-1_amd64.deb -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEE1zk0tJZ0z1zNmsJ4fYAxXFc23nUFAl6CtSAACgkQfYAxXFc2 3nUtXggAvx9u0fksji5G6HaUEQ2LpDljBjjQfZSoulhvgfiUgkqKhwbBcsqJEZEw LtxR9/sSRFyf3FMIn4IpI/kAOn8I4OCqhGbVuPPmFf43xAUVj4qgw+ScSOz4Ec1E NXLNqdQRb4Qt7rrMbjWAToANii52sujxx5BikBH6axMTHTwH2s9Oewuq/OtHwNbR TMcK2RyKs0rxlo15qJObtG/B6wLPJgDqDm8U8QWZ7ePrmyMXbFvX6N09wtFqMe2+ 2ok+5BZr9+YScmI8LJ1ihtY28WmpPg+DV6EQhE1OC1oTmRLNM9NuoVlWYmE2fuAG stWzwPKPrbdu4wnb253sr/5vIYih8w== =Q4oQ -----END PGP SIGNATURE-----
