Debian Package Tracker

From: Sam Hartman <hartmans@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted krb5 1.4.3-1 (source i386 all)
Date: Sat, 19 Nov 2005 20:17:13 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 19 Nov 2005 16:20:56 -0500
Source: krb5
Binary: krb5-doc libkrb5-dev krb5-rsh-server krb5-user krb5-ftpd libkadm55 libkrb53 krb5-clients krb5-telnetd krb5-kdc krb5-admin-server
Architecture: source i386 all
Version: 1.4.3-1
Distribution: experimental
Urgency: high
Maintainer: Sam Hartman <hartmans@debian.org>
Changed-By: Sam Hartman <hartmans@debian.org>
Description: 
 krb5-admin-server - MIT Kerberos master server (kadmind)
 krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos
 krb5-doc   - Documentation for MIT Kerberos
 krb5-ftpd  - Secure FTP server supporting MIT Kerberos
 krb5-kdc   - MIT Kerberos key server (KDC)
 krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos
 krb5-telnetd - Secure telnet server supporting MIT Kerberos
 krb5-user  - Basic programs to authenticate using MIT Kerberos
 libkadm55  - MIT Kerberos administration runtime libraries
 libkrb5-dev - Headers and development libraries for MIT Kerberos
 libkrb53   - MIT Kerberos runtime libraries
Closes: 78953 96437 135517 154381 154384 157736 165521 244595 262916 264366 264941 269685 271456 274763 289358 292512 293077 293182 306883 307748 311977 312172 314609 315618 319704 324305 329709
Changes: 
 krb5 (1.4.3-1) experimental; urgency=low
 .
   * New upstream release
       * Install ac_check_krb5 for use by aclocal
 .
 krb5 (1.4.2-1) UNRELEASED; urgency=low
 .
   * New upstream version.  (Closes: #293077)
     - kadmind4, v5passwdd, and v5passwd are no longer included.
     - Increase the libkrb53 shlibs version dependency.  Programs linked
       against this version will not work with an older libkrb53.
     - Rebuild should fix link problems on powerpc.  (Closes: #329709)
   * Re-enable optimization on m68k to stop hiding the toolchain problem.
   * Don't build crypto code -O3.  It uncovers too many gcc bugs.
   * Fix compilation on Hurd.  Thanks, Michael Banck.  (Closes: #324305)
   * Always initialize the output token in gss_init_sec_context, even with
     an unknown mechanism.  (Closes: #311977)
   * rcp should fall back to /usr/bin/netkit-rcp, not /usr/bin/rpc.
   * Add the missing shared library depends for libkadm55.
   * Use dh_install rather than dh_movefiles and enable --fail-missing to
     be sure to pick up any new upstream files.
   * Avoid test -a in maintainer scripts.
   * Expand and reformat the documentation and sample kdc.conf file.
   * Add a doc-base file for the krb425 migration guide.
   * Ignore lintian warnings about the library package names.  We'll fix
     them the next time upstream changes SONAMEs.
   * Conflict with packages that used internal symbols not part of the
     public ABI
   * Use "MIT Kerberos" rather than krb5 in the krb5-doc short description.
   * Remove the saved patches that have been applied upstream or are no
     longer applied to the package, update the remaining patches, and move
     them into debian/patches.
   * Break out the other patches of interest for ease submitting them
     upstream.
   * Translation updates.
     - Vietnamese, thanks Clytie Siddall.  (Closes: #319704)
 .
 krb5 (1.3.6-5) unstable; urgency=high
 .
   * Disable optimization on m68k to attempt to work around a gcc 4.0 bug.
 .
 krb5 (1.3.6-4) unstable; urgency=high
 .
   [ Russ Allbery ]
   * Fix a mistake in variable names that caused the package to be built
     without optimization.
   * Allow whitespace before comments in krb5.conf.  Thanks, Jeremie
     Koenig.  (Closes: #314609)
   * GCC 4.0 compile fixes, thanks Daniel Schepler.  (Closes: #315618)
   * Avoid "say yes" in debconf templates.  (Closes: #306883)
   * Update Czech translation, thanks Miroslav Kure.
   * Update French translation, thanks Christian Perrier.  (Closes: #307748)
   * Update Portuguese (Brazil) translation, thanks André Luís Lopes.
   * New Vietnamese translation, thanks Clytie Siddall.  (Closes: #312172)
   * Update standards version to 3.6.2 (no changes required).
   * DAK can now handle not repeating maintainers in uploaders.
 .
   [ Sam Hartman ]
   * Fix double free in krb5_recvauth; critical because it is in the code
     path for kpropd and may allow arbitrary code execution.
     (CAN-2005-1689)
   * krb5_unparse_name overflows allocated storage by one byte on 0 element
     principal name.  (CAN-2005-1175, VU#885830)
   * Do not free unallocated storage in the KDC's TCP request handling
     path.  (CAN-2005-1174, VU#259798)
 .
 krb5 (1.3.6-3) unstable; urgency=low
 .
   * krb5-kdc: Install a commented-out line for kpropd with update-inetd.
     Add dependency on netbase for update-inetd.  (Closes: #293182)
   * krb5-kdc: Ask with debconf whether the user wishes to delete the KDC
     database on purge, modelled after how postgresql handles the same
     situation.  (Closes: #289358)
   * Close leak in the arcfour crypto support.  Thanks, fumihiko kakuma.
     (Closes: #244595)
   * krb5-config should never return -I/usr/include.  (Closes: #165521)
   * Write manual pages for fakeka, krb524init, kadmind4, and v5passwdd.
     Backport from upstream the manual pages for krb5-config and krb524d.
     (Closes: #78953, #96437)
   * Fix paths in manual pages to match the Debian defaults.  Fix service
     in the inetd.conf example in the kpropd man page to work with Debian
     /etc/services.  (Closes: #157736)
   * Fix references to kerberos(1) in the rlogin and kinit man pages and
     include kerberos.1 in krb5-doc.  (Closes: #154381, #154384)
   * Add more detailed information about each package to the extended
     descriptions.  (Closes: #135517)
   * krb5-doc: Include info pages.  (Closes: #292512)
   * krb5-doc: Fix two minor variable name problems in the texinfo docs.
   * Let dh_installdebconf set the debconf dependency.
   * Update standards version to 3.6.1.
     - Support noopt in DEB_BUILD_OPTIONS.
     - Let debhelper take care of calling ldconfig appropriately.
     - Remove calls to dh_undocumented.
     - Remove lintian overrides for links to the undocumented man page.
     - Install kdc.conf template in /usr/share/krb5-kdc rather than
       /usr/share/krb5 (policy 10.7.3 states the directory should be named
       after the package).
     - Symlink the kdc.conf template to /usr/share/doc/krb5-kdc/examples
       per policy 10.7.3 since it's also a useful example.
   * Update debhelper compatibility level to V4.
     - Remove all *.conffiles control files.  They're no longer needed.
   * rules generally cleaned up.  Commented out and unused debhelper programs
     removed as the set being run wasn't comprehensive anyway.  Invocation
     order now matches the debhelper examples.
   * Removed (s) from copyright to make lintian happier.
   * Removed unnecessary lintian override for libkrb53.
   * Add lintian overrides for the duplicate dependencies on krb5 libraries.
 .
 krb5 (1.3.6-2) unstable; urgency=high
 .
   * Package priority to standard
   * Fix buffer overflow in slc_add_reply in telnet.c (CAN-2005-0469)
   * Fix telnet.c env_opt_add buffer overflow (CAN-2005-0468)
   * Note that both of these vulnerabilities are client-side
     vulnerabilities that can be exploited only by a server.
 .
 krb5 (1.3.6-1) unstable; urgency=medium
 .
   * New upstream version
   * Changing a password afwter the size of password history has been
     reduced may  double free or write past end of an arry; fix
     (CAN-2004-1189 / CERT VU#948033)
   * Conflict between krb5-kdc and kerberos4kth-kdc; also deals with
     krb5-admin-server conflict indirectly, Closes: #274763
 .
 krb5 (1.3.5-1) unstable; urgency=low
 .
   * New pt_br debconf translation, Cluses: #278734
   * New upstream version
   * Part of the fix to #261712: allow ftpd to build on gnu/bsd
 .
 krb5 (1.3.4-4) unstable; urgency=high
 .
   * Fix what is hopefully the last remnant of the patch to gettextize the
     debconf without making the code consistent, thanks Thimo Neubauer,
     Closes: #271456
   * Fix krb5_newrealm man page to better describe dependencies, thanks
     Rachel Elizabeth Dillon , Closes: #269685
 .
 krb5 (1.3.4-3) unstable; urgency=high
 .
   * Initial Czech translations thanks to  Miroslav Kure, Closes: #264366
   * Updated French debconf translation, thanks Martin Quinson, Closes: #264941
   * KDC and clients double-free on error conditions (CAN-2004-0642  VU#795632)
   *krb5_rd_cred() double-frees on error conditions(CAN-2004-0643 , CERT
     VU#866472 )
   * ASN.1 decoder in MIT Kerberos 5 releases krb5-1.3.4 and
     earlier allows unauthenticated remote attackers to induce
     infinite loop, causing denial of service, including in KDC
     code  (CAN-2004-0644 , CERT VU#550464)
   * Fix double free in krb524d  handling of encrypted ticket contents
     (CAN-2004-0772)
 .
 krb5 (1.3.4-2) unstable; urgency=low
 .
   * Fix doc-base files, Closes: #262916
Files: 
 c2c44e3164fc1292657f5e039a5acd96 832 net standard krb5_1.4.3-1.dsc
 43fe621ecb849a83ee014dfb856c54af 7279788 net standard krb5_1.4.3.orig.tar.gz
 c6170a1d68f0e6ebe540cf7c0ae3131b 1440560 net standard krb5_1.4.3-1.diff.gz
 2cf883a417993ac57891719bf84c5aaa 855708 doc optional krb5-doc_1.4.3-1_all.deb
 a367e0a5ec356d1db9a05298116b3342 167278 libs optional libkadm55_1.4.3-1_i386.deb
 df184ba3f24bee9357725f3c9c6c5967 353634 libs standard libkrb53_1.4.3-1_i386.deb
 7d02a8749ff4d1397a08e3436785dded 118210 net optional krb5-user_1.4.3-1_i386.deb
 e92904656438e03e2343de62152cd8ff 189552 net optional krb5-clients_1.4.3-1_i386.deb
 553b5d5f677e5aa1572e99647a218b23 75082 net optional krb5-rsh-server_1.4.3-1_i386.deb
 afb1b3d8254cebd6d54c4373fe2cb5ea 53744 net extra krb5-ftpd_1.4.3-1_i386.deb
 07da5eef6d91ac772c1e1328f4165242 58866 net extra krb5-telnetd_1.4.3-1_i386.deb
 a301c2648e1ea0b06ca4e491fd477742 120300 net optional krb5-kdc_1.4.3-1_i386.deb
 f9790a8464d767c6986f0d95e5095b8a 70766 net optional krb5-admin-server_1.4.3-1_i386.deb
 4ddfb3f27c5df309b41f1765c72869c8 80130 libdevel extra libkrb5-dev_1.4.3-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDf/Tv/I12czyGJg8RAnUDAJ482T9GQLLnyxR9tMq8EPM4Wc37wQCfaJhA
i6wm6xst8F3Xayue1qAJCvQ=
=hH4Z
-----END PGP SIGNATURE-----


Accepted:
krb5-admin-server_1.4.3-1_i386.deb
  to pool/main/k/krb5/krb5-admin-server_1.4.3-1_i386.deb
krb5-clients_1.4.3-1_i386.deb
  to pool/main/k/krb5/krb5-clients_1.4.3-1_i386.deb
krb5-doc_1.4.3-1_all.deb
  to pool/main/k/krb5/krb5-doc_1.4.3-1_all.deb
krb5-ftpd_1.4.3-1_i386.deb
  to pool/main/k/krb5/krb5-ftpd_1.4.3-1_i386.deb
krb5-kdc_1.4.3-1_i386.deb
  to pool/main/k/krb5/krb5-kdc_1.4.3-1_i386.deb
krb5-rsh-server_1.4.3-1_i386.deb
  to pool/main/k/krb5/krb5-rsh-server_1.4.3-1_i386.deb
krb5-telnetd_1.4.3-1_i386.deb
  to pool/main/k/krb5/krb5-telnetd_1.4.3-1_i386.deb
krb5-user_1.4.3-1_i386.deb
  to pool/main/k/krb5/krb5-user_1.4.3-1_i386.deb
krb5_1.4.3-1.diff.gz
  to pool/main/k/krb5/krb5_1.4.3-1.diff.gz
krb5_1.4.3-1.dsc
  to pool/main/k/krb5/krb5_1.4.3-1.dsc
krb5_1.4.3.orig.tar.gz
  to pool/main/k/krb5/krb5_1.4.3.orig.tar.gz
libkadm55_1.4.3-1_i386.deb
  to pool/main/k/krb5/libkadm55_1.4.3-1_i386.deb
libkrb5-dev_1.4.3-1_i386.deb
  to pool/main/k/krb5/libkrb5-dev_1.4.3-1_i386.deb
libkrb53_1.4.3-1_i386.deb
  to pool/main/k/krb5/libkrb53_1.4.3-1_i386.deb
News for package krb5
