-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 26 Jun 2007 09:05:45 -0700
Source: krb5
Binary: krb5-doc libkrb5-dev krb5-rsh-server krb5-user krb5-ftpd libkadm55 libkrb53 krb5-clients krb5-telnetd krb5-kdc krb5-admin-server
Architecture: source i386 all
Version: 1.3.6-2sarge5
Distribution: oldstable-security
Urgency: emergency
Maintainer: Sam Hartman <hartmans@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description:
krb5-admin-server - Mit Kerberos master server (kadmind)
krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos
krb5-doc - Documentation for krb5
krb5-ftpd - Secure FTP server supporting MIT Kerberos
krb5-kdc - Mit Kerberos key server (KDC)
krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos
krb5-telnetd - Secure telnet server supporting MIT Kerberos
krb5-user - Basic programs to authenticate using MIT Kerberos
libkadm55 - MIT Kerberos administration runtime libraries
libkrb5-dev - Headers and development libraries for MIT Kerberos
libkrb53 - MIT Kerberos runtime libraries
Changes:
krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency
.
* MIT-SA-2007-4: The kadmin RPC library can free an uninitialized
pointer or write past the end of a stack buffer. This may lead to
execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443)
* MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that
may lead to execution of arbitrary code. (CVE-2007-2798)
Files:
b600466763baa4f89a8fed5a832eb9d3 782 net standard krb5_1.3.6-2sarge5.dsc
0e9dfa39e8db2e0ce871ba40c46c925e 669293 net standard krb5_1.3.6-2sarge5.diff.gz
58c01536ff87db5d3492264349fe844c 718836 doc optional krb5-doc_1.3.6-2sarge5_all.deb
1c0b1e4889d92cc0c97daadc189aa743 165626 libs optional libkadm55_1.3.6-2sarge5_i386.deb
28cb1b7e93d7e9b242c26e3fadb14bb5 349298 libs standard libkrb53_1.3.6-2sarge5_i386.deb
acb7e4b04bf386e8594e449fd9a95dc8 127798 net optional krb5-user_1.3.6-2sarge5_i386.deb
964c7c623b644452dfe58f2ee2b86dc0 191416 net optional krb5-clients_1.3.6-2sarge5_i386.deb
5a79c1c8d595581fdcc27ccdcda612a2 75788 net optional krb5-rsh-server_1.3.6-2sarge5_i386.deb
7a361e5a8227cf636453ca3aefc54c9b 52786 net extra krb5-ftpd_1.3.6-2sarge5_i386.deb
037209dc7761a16fc5282e6b373a8fca 57662 net extra krb5-telnetd_1.3.6-2sarge5_i386.deb
a4af925389a4d55abc9704f05ac052b1 116206 net optional krb5-kdc_1.3.6-2sarge5_i386.deb
44f32bde8d022a5470a42140d1bcb954 95562 net optional krb5-admin-server_1.3.6-2sarge5_i386.deb
8aac1db731617b5015c45e51e6b30f20 574668 libdevel extra libkrb5-dev_1.3.6-2sarge5_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGqgFMhuANDBmkLRkRAkBfAKCXS8PgafcFmImORggxx8Crwmf/fgCeM+NB
Be8DFLKpRa540FgyXgcqI/o=
=VzJ7
-----END PGP SIGNATURE-----
Accepted:
krb5-admin-server_1.3.6-2sarge5_i386.deb
to pool/main/k/krb5/krb5-admin-server_1.3.6-2sarge5_i386.deb
krb5-clients_1.3.6-2sarge5_i386.deb
to pool/main/k/krb5/krb5-clients_1.3.6-2sarge5_i386.deb
krb5-doc_1.3.6-2sarge5_all.deb
to pool/main/k/krb5/krb5-doc_1.3.6-2sarge5_all.deb
krb5-ftpd_1.3.6-2sarge5_i386.deb
to pool/main/k/krb5/krb5-ftpd_1.3.6-2sarge5_i386.deb
krb5-kdc_1.3.6-2sarge5_i386.deb
to pool/main/k/krb5/krb5-kdc_1.3.6-2sarge5_i386.deb
krb5-rsh-server_1.3.6-2sarge5_i386.deb
to pool/main/k/krb5/krb5-rsh-server_1.3.6-2sarge5_i386.deb
krb5-telnetd_1.3.6-2sarge5_i386.deb
to pool/main/k/krb5/krb5-telnetd_1.3.6-2sarge5_i386.deb
krb5-user_1.3.6-2sarge5_i386.deb
to pool/main/k/krb5/krb5-user_1.3.6-2sarge5_i386.deb
krb5_1.3.6-2sarge5.diff.gz
to pool/main/k/krb5/krb5_1.3.6-2sarge5.diff.gz
krb5_1.3.6-2sarge5.dsc
to pool/main/k/krb5/krb5_1.3.6-2sarge5.dsc
libkadm55_1.3.6-2sarge5_i386.deb
to pool/main/k/krb5/libkadm55_1.3.6-2sarge5_i386.deb
libkrb5-dev_1.3.6-2sarge5_i386.deb
to pool/main/k/krb5/libkrb5-dev_1.3.6-2sarge5_i386.deb
libkrb53_1.3.6-2sarge5_i386.deb
to pool/main/k/krb5/libkrb53_1.3.6-2sarge5_i386.deb
