-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 20 Nov 2010 14:50:54 -0500 Source: krb5 Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit7 libkadm5clnt-mit7 libk5crypto3 libkdb5-4 libkrb5support0 libkrb53 Architecture: source all amd64 Version: 1.8.3+dfsg-3 Distribution: unstable Urgency: emergency Maintainer: Sam Hartman <hartmans@debian.org> Changed-By: Sam Hartman <hartmans@debian.org> Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-doc - Documentation for MIT Kerberos krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-multidev - Development files for MIT Kerberos without Heimdal conflict krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-user - Basic programs to authenticate using MIT Kerberos libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library libkadm5clnt-mit7 - MIT Kerberos runtime libraries - Administration Clients libkadm5srv-mit7 - MIT Kerberos runtime libraries - KDC and Admin Server libkdb5-4 - MIT Kerberos runtime libraries - Kerberos database libkrb5-3 - MIT Kerberos runtime libraries libkrb5-dbg - Debugging files for MIT Kerberos libkrb5-dev - Headers and development libraries for MIT Kerberos libkrb53 - transitional package for MIT Kerberos libraries libkrb5support0 - MIT Kerberos runtime libraries - Support library Closes: 601533 Changes: krb5 (1.8.3+dfsg-3) unstable; urgency=emergency . * MITKRB5-SA-2010-007 * CVE-2010-1324: An unauthenticated attacker can inject arbitrary content into an existing GSS connection that appears to be integrity protected from the legitimate peer under some circumstances * GSS applications may accept a PAC produced by an attacker as if it were signed by a KDC * CVE-2010-1323: attackers have a 1/256 chance of being able to produce krb_safe messages that appear to be from legitimate remote sources. Other than use in KDC database copies this may not be a huge issue only because no one actually uses krb_safe messages. Similarly, an attacker can force clients to display challenge/response values of the attacker's choice. * CVE-2010-4020: An attacker may be able to generate what is accepted as a ad-signedpath or ad-kdc-issued checksum with 1/256 probability * New Vietnamese debconf translations, Thanks Clytie Siddall, Closes: #601533 * Update standards version to 3.9.1 (no changes required Checksums-Sha1: 2ac42d4c9efe4ca096d8eb94586958b24ab4dd1f 1578 krb5_1.8.3+dfsg-3.dsc 0e455b4094c8bf7538e6b6cf1d4ac34efb744b1d 100881 krb5_1.8.3+dfsg-3.diff.gz b233b1055ed87ec64ec550041617e6642900b261 2254844 krb5-doc_1.8.3+dfsg-3_all.deb b63ed298c3ed3bb883626ba60293e1b91d27d6f3 1372732 libkrb53_1.8.3+dfsg-3_all.deb 5a5aa514e90b9af6130f84768658e10d1bffc748 138494 krb5-user_1.8.3+dfsg-3_amd64.deb d8c0c2ffdb51a9a0f6f5bc2aac6833f20ec0bd14 218710 krb5-kdc_1.8.3+dfsg-3_amd64.deb b7c53ca0e09884b2bdbe8ff86458d05d4bead44a 117748 krb5-kdc-ldap_1.8.3+dfsg-3_amd64.deb e536018424e0f4d313b34b60b7d40568eedced06 112730 krb5-admin-server_1.8.3+dfsg-3_amd64.deb b263579a82899e194a3915cb0dee531f4af9169b 103324 krb5-multidev_1.8.3+dfsg-3_amd64.deb 08307f1f769b537ee50f4a0e72259ff7106468fa 37070 libkrb5-dev_1.8.3+dfsg-3_amd64.deb 5a96b763c772cc80b9b9ca1ffe708d86b9be20a8 1627618 libkrb5-dbg_1.8.3+dfsg-3_amd64.deb ff03e4d0697ec6b788daa962defe1f36b3ac4254 77650 krb5-pkinit_1.8.3+dfsg-3_amd64.deb 33196e89f47fd08a7642f20d720bfe0ac0f1223b 374502 libkrb5-3_1.8.3+dfsg-3_amd64.deb f4c7beff34553ee31f986c2a4b22ee9c0716c838 130256 libgssapi-krb5-2_1.8.3+dfsg-3_amd64.deb efe3e4463acf5594452c0199e6ef85d7781b715b 83872 libgssrpc4_1.8.3+dfsg-3_amd64.deb 9d408f37c7f0d8eb5eaa34e788e3cf2bc26caead 78112 libkadm5srv-mit7_1.8.3+dfsg-3_amd64.deb cae03016a4b2ec72fceb5ffc294254e18a443709 64280 libkadm5clnt-mit7_1.8.3+dfsg-3_amd64.deb 7051abd4fe02d9279dbe1c82b564aebd92c16cf3 105994 libk5crypto3_1.8.3+dfsg-3_amd64.deb e0fcb0ee687ed1c99a3397d5989171d1b3827f83 63748 libkdb5-4_1.8.3+dfsg-3_amd64.deb 7a49f05620794cecd5c1bfbb173d26f7f753016f 45622 libkrb5support0_1.8.3+dfsg-3_amd64.deb Checksums-Sha256: 97c0abc7aa097fe424c86416f83a6815133e3399e285be0fa1714ba0fdd4cad7 1578 krb5_1.8.3+dfsg-3.dsc c8e2040cf81cc2f8e4b6f9e466962e8ed31e3d650afeb788db8014da510d272d 100881 krb5_1.8.3+dfsg-3.diff.gz e903478d2484aa5659888adafa091955d1976041ff49af4aa26864caaa9b709d 2254844 krb5-doc_1.8.3+dfsg-3_all.deb c860343c354bf593cfa88409b2679afbeff0430da5e59789c2d2bc2448880cd1 1372732 libkrb53_1.8.3+dfsg-3_all.deb 5b1c39ff301020c2fe9ce7de3f05c524e978e3cd7c32ba37df41c37ef09db321 138494 krb5-user_1.8.3+dfsg-3_amd64.deb 15873dbf778edd8a5fee0f62b9d6cf106fecbd154b0a9c7b8a1b8f165724a916 218710 krb5-kdc_1.8.3+dfsg-3_amd64.deb 0474d6ac335889d40f5bc81ae03ca7988ef14224959875e80b41e6b268efd89e 117748 krb5-kdc-ldap_1.8.3+dfsg-3_amd64.deb 2749adf13a4fcb74a2ce0090ed7a077a878b56032abc87b73cc2ad41a3e80c6a 112730 krb5-admin-server_1.8.3+dfsg-3_amd64.deb 9fb78d66887091b0879be76d654bfb99330fd06d142b7339a2a972dd00227e34 103324 krb5-multidev_1.8.3+dfsg-3_amd64.deb 17363bb98e86c98ec1fba96f4c479b7208526cbcc56984243df9a43b574136fd 37070 libkrb5-dev_1.8.3+dfsg-3_amd64.deb 7a8bd6f2053c08b10a4e78f47879bf8a17b5c258b7cf6d613d9059fe0aa033a8 1627618 libkrb5-dbg_1.8.3+dfsg-3_amd64.deb 481472e7283c374fb7fb8cf8d066cad1209ac6d36513113dafd0101779caf3cc 77650 krb5-pkinit_1.8.3+dfsg-3_amd64.deb 07f62c02307aa2eb1d34a71ad3b4a7b2847ed88301a8ff4d6597706f32f695b6 374502 libkrb5-3_1.8.3+dfsg-3_amd64.deb 2d51a89248d1f06b8eb178d89d0afa1d181bc5cc8010164d2044c35427fab074 130256 libgssapi-krb5-2_1.8.3+dfsg-3_amd64.deb 92a5941af29670ade22d167753f150ceaa55cf0406c45102830e133cd9abea1d 83872 libgssrpc4_1.8.3+dfsg-3_amd64.deb 5d4306c590efac8e4aa36f5f8e70731f7724a3835057594421b64bb7d293af80 78112 libkadm5srv-mit7_1.8.3+dfsg-3_amd64.deb 9ef7453d47f1f66473f4269dd4e95e706a1835f5a7dc327735316f24f65037cd 64280 libkadm5clnt-mit7_1.8.3+dfsg-3_amd64.deb c46aac9910eaba9fd575fe15ad1d78f92c19a6bbf989e789135a1fa676f6c8d5 105994 libk5crypto3_1.8.3+dfsg-3_amd64.deb ff14c3f9b0ea253b73a5fe39362a9f53684fac4d2f5759ae5ce7d21bc3adaf98 63748 libkdb5-4_1.8.3+dfsg-3_amd64.deb 111dbee4a4d8806773a7c08c65980676e7062f2876317c07dee9b4ce91aca496 45622 libkrb5support0_1.8.3+dfsg-3_amd64.deb Files: 1abece01578a6da8339f9f643148597d 1578 net standard krb5_1.8.3+dfsg-3.dsc 7781a117812ec71dc96e7ece5fcd4e2e 100881 net standard krb5_1.8.3+dfsg-3.diff.gz a6fa1c86fe824b551a171903c128b01f 2254844 doc optional krb5-doc_1.8.3+dfsg-3_all.deb 730fcc90c486b4c1abdd253c30939653 1372732 oldlibs extra libkrb53_1.8.3+dfsg-3_all.deb 2a311464356da53f261e5401d07db5f6 138494 net optional krb5-user_1.8.3+dfsg-3_amd64.deb f74c62734786b8a3df07437989b1161d 218710 net optional krb5-kdc_1.8.3+dfsg-3_amd64.deb ede7b76a3042da1da467be194a437f53 117748 net extra krb5-kdc-ldap_1.8.3+dfsg-3_amd64.deb f8cdb62392da24442b4d57e14c378059 112730 net optional krb5-admin-server_1.8.3+dfsg-3_amd64.deb 5c45831a4adf5ee19ac429350e512ab9 103324 libdevel optional krb5-multidev_1.8.3+dfsg-3_amd64.deb f9ad21b7f821f20ae2556d9b3efbdccf 37070 libdevel extra libkrb5-dev_1.8.3+dfsg-3_amd64.deb 37b067919fd970f4244c9b6283d5080c 1627618 debug extra libkrb5-dbg_1.8.3+dfsg-3_amd64.deb c2ec118a875b02a8d95bd0a3385abf43 77650 net extra krb5-pkinit_1.8.3+dfsg-3_amd64.deb 467dc597aceec3a327eadd7203da4ccb 374502 libs standard libkrb5-3_1.8.3+dfsg-3_amd64.deb e9f648c1d68f4f9006b32ba4932f2293 130256 libs standard libgssapi-krb5-2_1.8.3+dfsg-3_amd64.deb 7490a633c4c849fecb68b4cf73a2b5c1 83872 libs standard libgssrpc4_1.8.3+dfsg-3_amd64.deb 8a7cc9e5bafaed8b6b7fecc773e08695 78112 libs standard libkadm5srv-mit7_1.8.3+dfsg-3_amd64.deb 23651693a54250e5d9f033b1b04ac158 64280 libs standard libkadm5clnt-mit7_1.8.3+dfsg-3_amd64.deb fa4f92c74d9db760d80dccdf47c298f5 105994 libs standard libk5crypto3_1.8.3+dfsg-3_amd64.deb 72a4c68a599484f6cce50df666b4c2e4 63748 libs standard libkdb5-4_1.8.3+dfsg-3_amd64.deb f02145b78779c1a0adc8f31b05d850e4 45622 libs standard libkrb5support0_1.8.3+dfsg-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkz1tP0ACgkQ/I12czyGJg+CFQCfUQOnDNsD2vcaOsEdwv+jIq7q CIMAn1SUF54a1q/6Y/lqXu1ds8N8YqiI =NVX3 -----END PGP SIGNATURE----- Accepted: krb5-admin-server_1.8.3+dfsg-3_amd64.deb to main/k/krb5/krb5-admin-server_1.8.3+dfsg-3_amd64.deb krb5-doc_1.8.3+dfsg-3_all.deb to main/k/krb5/krb5-doc_1.8.3+dfsg-3_all.deb krb5-kdc-ldap_1.8.3+dfsg-3_amd64.deb to main/k/krb5/krb5-kdc-ldap_1.8.3+dfsg-3_amd64.deb krb5-kdc_1.8.3+dfsg-3_amd64.deb to main/k/krb5/krb5-kdc_1.8.3+dfsg-3_amd64.deb krb5-multidev_1.8.3+dfsg-3_amd64.deb to main/k/krb5/krb5-multidev_1.8.3+dfsg-3_amd64.deb krb5-pkinit_1.8.3+dfsg-3_amd64.deb to main/k/krb5/krb5-pkinit_1.8.3+dfsg-3_amd64.deb krb5-user_1.8.3+dfsg-3_amd64.deb to main/k/krb5/krb5-user_1.8.3+dfsg-3_amd64.deb krb5_1.8.3+dfsg-3.diff.gz to main/k/krb5/krb5_1.8.3+dfsg-3.diff.gz krb5_1.8.3+dfsg-3.dsc to main/k/krb5/krb5_1.8.3+dfsg-3.dsc libgssapi-krb5-2_1.8.3+dfsg-3_amd64.deb to main/k/krb5/libgssapi-krb5-2_1.8.3+dfsg-3_amd64.deb libgssrpc4_1.8.3+dfsg-3_amd64.deb to main/k/krb5/libgssrpc4_1.8.3+dfsg-3_amd64.deb libk5crypto3_1.8.3+dfsg-3_amd64.deb to main/k/krb5/libk5crypto3_1.8.3+dfsg-3_amd64.deb libkadm5clnt-mit7_1.8.3+dfsg-3_amd64.deb to main/k/krb5/libkadm5clnt-mit7_1.8.3+dfsg-3_amd64.deb libkadm5srv-mit7_1.8.3+dfsg-3_amd64.deb to main/k/krb5/libkadm5srv-mit7_1.8.3+dfsg-3_amd64.deb libkdb5-4_1.8.3+dfsg-3_amd64.deb to main/k/krb5/libkdb5-4_1.8.3+dfsg-3_amd64.deb libkrb5-3_1.8.3+dfsg-3_amd64.deb to main/k/krb5/libkrb5-3_1.8.3+dfsg-3_amd64.deb libkrb5-dbg_1.8.3+dfsg-3_amd64.deb to main/k/krb5/libkrb5-dbg_1.8.3+dfsg-3_amd64.deb libkrb5-dev_1.8.3+dfsg-3_amd64.deb to main/k/krb5/libkrb5-dev_1.8.3+dfsg-3_amd64.deb libkrb53_1.8.3+dfsg-3_all.deb to main/k/krb5/libkrb53_1.8.3+dfsg-3_all.deb libkrb5support0_1.8.3+dfsg-3_amd64.deb to main/k/krb5/libkrb5support0_1.8.3+dfsg-3_amd64.deb