-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 03 Jan 2010 15:31:06 -0500 Source: krb5 Binary: libkadm55 libkrb53 krb5-user krb5-clients krb5-rsh-server krb5-ftpd krb5-telnetd krb5-kdc krb5-kdc-ldap krb5-admin-server libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc Architecture: source all i386 Version: 1.6.dfsg.4~beta1-5lenny2 Distribution: stable-security Urgency: high Maintainer: Sam Hartman <hartmans@debian.org> Changed-By: Sam Hartman <hartmans@debian.org> Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos krb5-doc - Documentation for MIT Kerberos krb5-ftpd - Secure FTP server supporting MIT Kerberos krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos krb5-telnetd - Secure telnet server supporting MIT Kerberos krb5-user - Basic programs to authenticate using MIT Kerberos libkadm55 - MIT Kerberos administration runtime libraries libkrb5-dbg - Debugging files for MIT Kerberos libkrb5-dev - Headers and development libraries for MIT Kerberos libkrb53 - MIT Kerberos runtime libraries Changes: krb5 (1.6.dfsg.4~beta1-5lenny2) stable-security; urgency=high . * cve-2009-4212, MIT-KRB5-SA-2009-004: Integer underflows in AES and RC4 decriptions. This can definitely lead to a DOS attack and potentially may leae to execution of unexpected code. It's potentially possible that arbitrary code could be executed, although much more likely that permuted heap contents or buffers not under attacker control will be executed. Checksums-Sha1: 16b70ec758e2c056457a9b9fd1c2bfb09d60fe6a 1536 krb5_1.6.dfsg.4~beta1-5lenny2.dsc f6a73295bc939489e86a720e535163788b1fddb5 847479 krb5_1.6.dfsg.4~beta1-5lenny2.diff.gz b2534602c9939462cf80fb06941bc48cce4c8594 2148814 krb5-doc_1.6.dfsg.4~beta1-5lenny2_all.deb 1a2af845ceac7b6133f979297d38dbe08f6c9fbc 153804 libkadm55_1.6.dfsg.4~beta1-5lenny2_i386.deb 811118b9d76752c37e83a58adf57625dfc37a80c 481642 libkrb53_1.6.dfsg.4~beta1-5lenny2_i386.deb 4eac9ee1d938591ffb8e5719f238abf5c8358aa5 137568 krb5-user_1.6.dfsg.4~beta1-5lenny2_i386.deb be1c0ae0701122f2f5f1ca6a164d171c3dc48900 210378 krb5-clients_1.6.dfsg.4~beta1-5lenny2_i386.deb 9b41ea5aff19097f55721b5598ee4e009ba9dcea 88312 krb5-rsh-server_1.6.dfsg.4~beta1-5lenny2_i386.deb c3ee948ad52fb30e1c1b3844c4c2926062e628a2 64352 krb5-ftpd_1.6.dfsg.4~beta1-5lenny2_i386.deb 6537cc32ee4671f697474f610ab0a480a678f01c 70898 krb5-telnetd_1.6.dfsg.4~beta1-5lenny2_i386.deb f502653d3d4d07d6a1614e42091d5d7cfeb248ef 186216 krb5-kdc_1.6.dfsg.4~beta1-5lenny2_i386.deb 0f84623b9e04b50707989f771d6a0d2d20f83a2a 102830 krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny2_i386.deb b2680b22d6fd24b96c6a2c58cd6c15ee9e72c8e2 87556 krb5-admin-server_1.6.dfsg.4~beta1-5lenny2_i386.deb 5b2ac0e028b5960929b27f334685a9fd7c30db84 92704 libkrb5-dev_1.6.dfsg.4~beta1-5lenny2_i386.deb 648154fc671614179a47b924d7ac3a5e5540c8ee 1413950 libkrb5-dbg_1.6.dfsg.4~beta1-5lenny2_i386.deb 14403ca67baad5a4a99bb37faf929dce07588f03 65240 krb5-pkinit_1.6.dfsg.4~beta1-5lenny2_i386.deb Checksums-Sha256: 02b7b3203415c46a10e67677410c6b620e4d0b3743c76802c43d1098b302e324 1536 krb5_1.6.dfsg.4~beta1-5lenny2.dsc 3b427478bdd8d89b01fb1e9413f2fb160c2b6babc6eba21b80ff5e9a1cc45c49 847479 krb5_1.6.dfsg.4~beta1-5lenny2.diff.gz e9d0462a0ff01af0bc4a1afea151559f232907a8d0f428d44d498727fd54a7e7 2148814 krb5-doc_1.6.dfsg.4~beta1-5lenny2_all.deb 8877e7e37a520f39b50e65beda8a1c71364edc7d277c9972b3e4b0816eaae1d0 153804 libkadm55_1.6.dfsg.4~beta1-5lenny2_i386.deb 8b450774d49ed910aa8c064b69dc3ee478f7f949b0bc339086fdf1a007fca47b 481642 libkrb53_1.6.dfsg.4~beta1-5lenny2_i386.deb 6c988ecd0f094e20de252b0a5375f047e578cd22311f8fb2b798f4d7c33d677f 137568 krb5-user_1.6.dfsg.4~beta1-5lenny2_i386.deb 02662c1db4230940ce11552800827225170d6b06a4e0144bdd58b78c36c4348a 210378 krb5-clients_1.6.dfsg.4~beta1-5lenny2_i386.deb d76f088b26afb1ad6fd6e5021eba2e5e4fb049440518e84d1896a7ee74f86e89 88312 krb5-rsh-server_1.6.dfsg.4~beta1-5lenny2_i386.deb 73579c6d3b17e90d334a23fad6f4f737ad82342f975529b044fadd9b2c51724b 64352 krb5-ftpd_1.6.dfsg.4~beta1-5lenny2_i386.deb 133627bf358047ef50e601b09c7a0cf12ec584bc4679986083c2daccffcd99bb 70898 krb5-telnetd_1.6.dfsg.4~beta1-5lenny2_i386.deb 6747fd7c843581a6a0c5004548384cb72d036b75fa00d6d656446cf84017d163 186216 krb5-kdc_1.6.dfsg.4~beta1-5lenny2_i386.deb a631fe638bd8fa865006e48a20e215ffcd71051385bf68edb13e1f9e68a3f9f0 102830 krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny2_i386.deb 35b97cc768926fce8c5b5fe6d886d3af8eb238335435685c40d10c5aff4cba3b 87556 krb5-admin-server_1.6.dfsg.4~beta1-5lenny2_i386.deb d9299823a72a91a212ed08d263f97867f083577cf64e16e6a029c12df87df0e2 92704 libkrb5-dev_1.6.dfsg.4~beta1-5lenny2_i386.deb 752fe2948c15a5f993e3c98c777f172eee48ab84a1f1181765dc265102733b15 1413950 libkrb5-dbg_1.6.dfsg.4~beta1-5lenny2_i386.deb 5c9fe863bbdfea75cdd4d704d525e74766c2a25ef65f8acb86f298cfcf160ee8 65240 krb5-pkinit_1.6.dfsg.4~beta1-5lenny2_i386.deb Files: 517483a1b196783a6b930ce5279b35e8 1536 net standard krb5_1.6.dfsg.4~beta1-5lenny2.dsc 4863ad37f712731b55e989f650681cf6 847479 net standard krb5_1.6.dfsg.4~beta1-5lenny2.diff.gz 033ed1efe5d8f0f156fc494706c808b5 2148814 doc optional krb5-doc_1.6.dfsg.4~beta1-5lenny2_all.deb 7849b458fd30c031168ec4d95aacee66 153804 libs optional libkadm55_1.6.dfsg.4~beta1-5lenny2_i386.deb 04ebe294248341111f1de90d9bc43fae 481642 libs standard libkrb53_1.6.dfsg.4~beta1-5lenny2_i386.deb 730328f701319ac74f2a13654af52e1a 137568 net optional krb5-user_1.6.dfsg.4~beta1-5lenny2_i386.deb dfbd50409d17aab6392e730b98dafbca 210378 net optional krb5-clients_1.6.dfsg.4~beta1-5lenny2_i386.deb b3bb0f731ea641305db2337209805297 88312 net optional krb5-rsh-server_1.6.dfsg.4~beta1-5lenny2_i386.deb e7397761d38609dcb1dbc89dd563f13f 64352 net extra krb5-ftpd_1.6.dfsg.4~beta1-5lenny2_i386.deb f0a680d86b77d362f82f14a8e280b307 70898 net extra krb5-telnetd_1.6.dfsg.4~beta1-5lenny2_i386.deb 4e892700eda91de2bee99398963deb69 186216 net optional krb5-kdc_1.6.dfsg.4~beta1-5lenny2_i386.deb 0757e35a188349c39632761e01f23a56 102830 net extra krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny2_i386.deb f3c9bc00276872a9b154324afd41e705 87556 net optional krb5-admin-server_1.6.dfsg.4~beta1-5lenny2_i386.deb f42ade4fdc92a8ab38d4ddf96432a9bd 92704 libdevel extra libkrb5-dev_1.6.dfsg.4~beta1-5lenny2_i386.deb e802d6567ed223d6beca19b7d6272389 1413950 libdevel extra libkrb5-dbg_1.6.dfsg.4~beta1-5lenny2_i386.deb 665d15a9b1e44a7424b35cfcadd39474 65240 net extra krb5-pkinit_1.6.dfsg.4~beta1-5lenny2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAktGXRQACgkQ/I12czyGJg+zwgCg0bGBNn4bZR2dlxiAAeE2ewBd DtIAmQGkLUfPRLHquGqy8HsD86cFM34N =U9ly -----END PGP SIGNATURE----- Accepted: krb5-admin-server_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny2_i386.deb krb5-clients_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny2_i386.deb krb5-doc_1.6.dfsg.4~beta1-5lenny2_all.deb to main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5lenny2_all.deb krb5-ftpd_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny2_i386.deb krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny2_i386.deb krb5-kdc_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny2_i386.deb krb5-pkinit_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny2_i386.deb krb5-rsh-server_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny2_i386.deb krb5-telnetd_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny2_i386.deb krb5-user_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny2_i386.deb krb5_1.6.dfsg.4~beta1-5lenny2.diff.gz to main/k/krb5/krb5_1.6.dfsg.4~beta1-5lenny2.diff.gz krb5_1.6.dfsg.4~beta1-5lenny2.dsc to main/k/krb5/krb5_1.6.dfsg.4~beta1-5lenny2.dsc libkadm55_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny2_i386.deb libkrb5-dbg_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny2_i386.deb libkrb5-dev_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny2_i386.deb libkrb53_1.6.dfsg.4~beta1-5lenny2_i386.deb to main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny2_i386.deb