-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 03 Feb 2015 10:50:31 -0500 Source: krb5 Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit8 libkadm5clnt-mit8 libk5crypto3 libkdb5-6 libkrb5support0 krb5-gss-samples krb5-locales Architecture: source all amd64 Version: 1.10.1+dfsg-5+deb7u3 Distribution: stable-security Urgency: high Maintainer: Sam Hartman <hartmans@debian.org> Changed-By: Sam Hartman <hartmans@debian.org> Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-doc - Documentation for MIT Kerberos krb5-gss-samples - MIT Kerberos GSS Sample applications krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-locales - Internationalization support for MIT Kerberos krb5-multidev - Development files for MIT Kerberos without Heimdal conflict krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-user - Basic programs to authenticate using MIT Kerberos libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library libkadm5clnt-mit8 - MIT Kerberos runtime libraries - Administration Clients libkadm5srv-mit8 - MIT Kerberos runtime libraries - KDC and Admin Server libkdb5-6 - MIT Kerberos runtime libraries - Kerberos database libkrb5-3 - MIT Kerberos runtime libraries libkrb5-dbg - Debugging files for MIT Kerberos libkrb5-dev - Headers and development libraries for MIT Kerberos libkrb5support0 - MIT Kerberos runtime libraries - Support library Changes: krb5 (1.10.1+dfsg-5+deb7u3) stable-security; urgency=high . * MITKRB5-SA-2015-001 - CVE-2014-5352: gss_process_context_token() incorrectly frees context - CVE-2014-9421: kadmind doubly frees partial deserialization results - CVE-2014-9422: kadmind incorrectly validates server principal name - CVE-2014-9423: libgssrpc server applications leak uninitialized bytes Checksums-Sha1: 80536b485a5ea974fac31a3e71b029bea9887626 2739 krb5_1.10.1+dfsg-5+deb7u3.dsc 866c85c060051ed491f3175ef8588d200abfe894 142116 krb5_1.10.1+dfsg-5+deb7u3.debian.tar.gz a53ec20026d1ec344a8d093a3e5a6582728ec03d 2668452 krb5-doc_1.10.1+dfsg-5+deb7u3_all.deb 716a21aeea86d2f254936cf275252f87c8563f7b 1503288 krb5-locales_1.10.1+dfsg-5+deb7u3_all.deb 055a917c5ff9ff5cfc5af71a0fe03863d40276db 154068 krb5-user_1.10.1+dfsg-5+deb7u3_amd64.deb 29519e68c8f8150edac4e1db1cbb60d93228daee 225198 krb5-kdc_1.10.1+dfsg-5+deb7u3_amd64.deb 2ee4e7556d63d4ba5b993c9a9ae9808ef75727fd 121038 krb5-kdc-ldap_1.10.1+dfsg-5+deb7u3_amd64.deb 36025bb1c8702b45885ff77ced58697ee62e6491 123314 krb5-admin-server_1.10.1+dfsg-5+deb7u3_amd64.deb 16f7601ac5e4b55b6860ebc0b72c0fe5102e11ed 153624 krb5-multidev_1.10.1+dfsg-5+deb7u3_amd64.deb 71e1b997d817bc4f1cb0525e13eb34cbe6a657cc 39850 libkrb5-dev_1.10.1+dfsg-5+deb7u3_amd64.deb faa3fede31877a3e1a4ce9589a7f75b3cc301cd9 2203362 libkrb5-dbg_1.10.1+dfsg-5+deb7u3_amd64.deb d80974cf0387a0f8fc0b2ffe448c7e24daca37ae 82566 krb5-pkinit_1.10.1+dfsg-5+deb7u3_amd64.deb 371af262a9ffa88004cc2548eefbbb45401a0618 393408 libkrb5-3_1.10.1+dfsg-5+deb7u3_amd64.deb 102acf79ee943c8bd6222aa03c8f6cdd247c08a5 148354 libgssapi-krb5-2_1.10.1+dfsg-5+deb7u3_amd64.deb 2b74f3c246f03b5ca223b504cf1ed2b1d37166d5 87606 libgssrpc4_1.10.1+dfsg-5+deb7u3_amd64.deb 8f830d8480eeb4f74d7f2e6d14d99fe642aebf54 85018 libkadm5srv-mit8_1.10.1+dfsg-5+deb7u3_amd64.deb 6241ee4b5aa00bf870a1759d8e0f8e83561c9ebb 68100 libkadm5clnt-mit8_1.10.1+dfsg-5+deb7u3_amd64.deb 03941ead247b534c09617136929c63c8dc51acb8 112762 libk5crypto3_1.10.1+dfsg-5+deb7u3_amd64.deb 2034c165b219950f090ccd40dce2a884fc452e8e 67186 libkdb5-6_1.10.1+dfsg-5+deb7u3_amd64.deb f3ae2e30929ca04aae4d8740ee0134f6dd796357 49922 libkrb5support0_1.10.1+dfsg-5+deb7u3_amd64.deb 732cd4b0510f704098c5de1ace1cfe0fe9289d32 51964 krb5-gss-samples_1.10.1+dfsg-5+deb7u3_amd64.deb Checksums-Sha256: 2b6e501bf7fe1baa4c8132bbf6fa0210402f7bb2c979fd17d894993e0d79b2dd 2739 krb5_1.10.1+dfsg-5+deb7u3.dsc 82fa195a4d391031ffce71f25500c68298d5f19cfaded517f3416775104ffd75 142116 krb5_1.10.1+dfsg-5+deb7u3.debian.tar.gz 3c746bcf85926c510b3aeb820a4461ca3cc460ecbd6c6952d2845ba80fe1ffef 2668452 krb5-doc_1.10.1+dfsg-5+deb7u3_all.deb 6578c5523b7cb8dfe5bdb89360f911a5d247db85f8cd1606073648d2049b2ff3 1503288 krb5-locales_1.10.1+dfsg-5+deb7u3_all.deb c3f74335a5c9d239032e55152e2c6991af004839cfac0ef576fe85b94354626f 154068 krb5-user_1.10.1+dfsg-5+deb7u3_amd64.deb 36ebf5ae6de6d71afb438ddbd40eb91c10e1ec5d8a533d18edfbf773ad928f97 225198 krb5-kdc_1.10.1+dfsg-5+deb7u3_amd64.deb 940ca148f581adc818ef91436aff8b8fd3b5c91347602b0e1966d9d5370b72a5 121038 krb5-kdc-ldap_1.10.1+dfsg-5+deb7u3_amd64.deb eff58da6c1bb2fb7ad96194a7ba548d77f15b9d0b8c236b46b700b48ba59ca03 123314 krb5-admin-server_1.10.1+dfsg-5+deb7u3_amd64.deb 79c1c6f379c36f31c0607e46f6bd19ea20a7c66ddaf8dd0474b0c264b74cc480 153624 krb5-multidev_1.10.1+dfsg-5+deb7u3_amd64.deb 8b4b5d198335c92450adf9b4916f37173025e9b9409c46cc7d57f6b3eb7c40b1 39850 libkrb5-dev_1.10.1+dfsg-5+deb7u3_amd64.deb 72c31fda38b65908181822eabfa14e85420103070cb3a2fd205fc97dc6902774 2203362 libkrb5-dbg_1.10.1+dfsg-5+deb7u3_amd64.deb 8ad0ff3c5f7284123be2048abc5264a57803bed528132f8fb7d1c86061005e25 82566 krb5-pkinit_1.10.1+dfsg-5+deb7u3_amd64.deb fb1aa0b15d8d1708900580f3f5566c8fefb8ffb26f07e0bc5ccbdeea14af4ee1 393408 libkrb5-3_1.10.1+dfsg-5+deb7u3_amd64.deb 409f1e6480a5c5cac7462f37f92c76e303d79cf740a30295982870699a829980 148354 libgssapi-krb5-2_1.10.1+dfsg-5+deb7u3_amd64.deb b721116608aa42f4ef8aea7d1202051156a0b893d7adfa0f4cd6b38e8a644318 87606 libgssrpc4_1.10.1+dfsg-5+deb7u3_amd64.deb 8518411b745e4f04fcb2e456ed3e29d8ab4d853d4f4c7b801826ee5b1287be97 85018 libkadm5srv-mit8_1.10.1+dfsg-5+deb7u3_amd64.deb c6f19211831a8d57f43f5519900c4b551240afd1cfd2158ebb3f8fd597f154f5 68100 libkadm5clnt-mit8_1.10.1+dfsg-5+deb7u3_amd64.deb c275fd2138947bb4d4c6ae75eb3998a93668d78547147a83e6df99557b0eb3ec 112762 libk5crypto3_1.10.1+dfsg-5+deb7u3_amd64.deb 551be8bd65a9fc577da21af6ee05cb61419c866ff0c5227e30be597fa78caec4 67186 libkdb5-6_1.10.1+dfsg-5+deb7u3_amd64.deb fdeccbf51aa8fa4df828c6887e7dec104ae0c95240bea3fd6656c5fab880b0be 49922 libkrb5support0_1.10.1+dfsg-5+deb7u3_amd64.deb 37eba199c3bb33fd694fb6c0801bf1e94a278d277c52619539d9fe2211cfe976 51964 krb5-gss-samples_1.10.1+dfsg-5+deb7u3_amd64.deb Files: cf5922f8350f0c2d4e23b4e6314e3dc8 2739 net standard krb5_1.10.1+dfsg-5+deb7u3.dsc 2979199611b5ab09a2195170a7e84c4d 142116 net standard krb5_1.10.1+dfsg-5+deb7u3.debian.tar.gz 6ada57f6bc269f4a5d7578d0bfac3cfc 2668452 doc optional krb5-doc_1.10.1+dfsg-5+deb7u3_all.deb a8da8218858538219502e5586b17c545 1503288 localization standard krb5-locales_1.10.1+dfsg-5+deb7u3_all.deb 03cf5003d5a7cc4a59c68b088cea41d6 154068 net optional krb5-user_1.10.1+dfsg-5+deb7u3_amd64.deb 251c4446db92538a232f3ce1d7b266a3 225198 net optional krb5-kdc_1.10.1+dfsg-5+deb7u3_amd64.deb 1e0d212bf316c15801c88829893f4b6d 121038 net extra krb5-kdc-ldap_1.10.1+dfsg-5+deb7u3_amd64.deb e39a74d86fff16598918a4a2ec03b74e 123314 net optional krb5-admin-server_1.10.1+dfsg-5+deb7u3_amd64.deb bf887d013aef226d69670372158df179 153624 libdevel optional krb5-multidev_1.10.1+dfsg-5+deb7u3_amd64.deb c0a9d3c30717f4e28eee618c21f3c84d 39850 libdevel extra libkrb5-dev_1.10.1+dfsg-5+deb7u3_amd64.deb 950632726df0b7dde9b5a589859bc801 2203362 debug extra libkrb5-dbg_1.10.1+dfsg-5+deb7u3_amd64.deb 9b539923cacc9fbbcf329772fb8cfd63 82566 net extra krb5-pkinit_1.10.1+dfsg-5+deb7u3_amd64.deb a127759f2f8deed204c9235771b69224 393408 libs standard libkrb5-3_1.10.1+dfsg-5+deb7u3_amd64.deb 1936f868769d2357c09d97354caa4c17 148354 libs standard libgssapi-krb5-2_1.10.1+dfsg-5+deb7u3_amd64.deb 8e4b0cd665e54741de91fe634829d438 87606 libs standard libgssrpc4_1.10.1+dfsg-5+deb7u3_amd64.deb 21039998491ca544730d902856877b0f 85018 libs standard libkadm5srv-mit8_1.10.1+dfsg-5+deb7u3_amd64.deb ae4fe2526ca3b0b1fa364368de101db2 68100 libs standard libkadm5clnt-mit8_1.10.1+dfsg-5+deb7u3_amd64.deb 5afa5c2205c050aab2da3c0d09e30fc3 112762 libs standard libk5crypto3_1.10.1+dfsg-5+deb7u3_amd64.deb 79ab41400ef0e748ac42634b3145ff98 67186 libs standard libkdb5-6_1.10.1+dfsg-5+deb7u3_amd64.deb 7e06ed584ae6f95b3f6c9663a5562c70 49922 libs standard libkrb5support0_1.10.1+dfsg-5+deb7u3_amd64.deb 71e2405522e32027ee692b48ec673f8f 51964 net extra krb5-gss-samples_1.10.1+dfsg-5+deb7u3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQGIBAEBCAAGBQJU0QmkAAoJEHyaUfYmslafvqgLXA2pmpsBkQYp3020GsGNQ+Qf e204bMjEJ9tbUL+96Xb5edxRTH07EDGmv7E8J+vkwk0wyMSaM8YL12vQS8+YL7tC N9jVv2qd1SC6AbD1W9N4OTxhMuvxUdRKuTRQe95/G9+qCPFhF6DQ36C7n3nlQBch LxjIafYrkI9gWJZpIxrbIk5Jc3ii+NW/hQe1MXT6gSUBXolsKyOlLH7MhII85dO3 BzesrCmjtERbiJizd7oAqCnhHg8hj+mIudD1zO5TsTZH7wJsXyre6FdIqj+b0zKe dOi1JEUm5CO+4CO+tpkutLSrujcR4e1dDrgFS6cSuIvmoG2jWJx3aa3c96Zvf+wm Oejj8rW0Z7ZQSd49uw3r2clWO6L7a9qa1RZGPeifEzaMDMnSNguCwvlIwAbz119w g8z/bEDWyj/edWSVLHH1K/HMiQRh43JfkeK9OuQgu+S8TmcUDMWcNbRF6mG9NFz0 s+Y2BgPDdng72ZY= =yzlS -----END PGP SIGNATURE-----