-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 09 Aug 2017 12:19:50 -0400 Source: krb5 Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-kpropd krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-otp krb5-k5tls krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit11 libkadm5clnt-mit11 libk5crypto3 libkdb5-8 libkrb5support0 libkrad0 krb5-gss-samples krb5-locales libkrad-dev Architecture: source Version: 1.15-1+deb9u1 Distribution: stretch Urgency: high Maintainer: Sam Hartman <hartmans@debian.org> Changed-By: Sam Hartman <hartmans@debian.org> Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-doc - documentation for MIT Kerberos krb5-gss-samples - MIT Kerberos GSS Sample applications krb5-k5tls - TLS plugin for MIT Kerberos krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-kpropd - MIT Kerberos key server (KDC) krb5-locales - internationalization support for MIT Kerberos krb5-multidev - development files for MIT Kerberos without Heimdal conflict krb5-otp - OTP plugin for MIT Kerberos krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-user - basic programs to authenticate using MIT Kerberos libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library libkadm5clnt-mit11 - MIT Kerberos runtime libraries - Administration Clients libkadm5srv-mit11 - MIT Kerberos runtime libraries - KDC and Admin Server libkdb5-8 - MIT Kerberos runtime libraries - Kerberos database libkrad-dev - MIT Kerberos RADIUS Library Development libkrad0 - MIT Kerberos runtime libraries - RADIUS library libkrb5-3 - MIT Kerberos runtime libraries libkrb5-dbg - debugging files for MIT Kerberos libkrb5-dev - headers and development libraries for MIT Kerberos libkrb5support0 - MIT Kerberos runtime libraries - Support library Closes: 856307 860767 869260 Changes: krb5 (1.15-1+deb9u1) stretch; urgency=high . * CVE-2017-11368: Remote authenticated attackers can crash the KDC, Closes: #869260 * Upstream patches to fix startup if getaddrinfo() returns a wildcard v6 address, and to fix handling of explicitly specified v4 wildcard address; regression over previous versions, Closes: #860767 * Fix SRV lookups to respect udp_preference_limit, regression over previous versions with OTP, Closes: #856307 Checksums-Sha1: 3865bd0c4b019aef44e8fbb08cd0a875f4ab2e50 3373 krb5_1.15-1+deb9u1.dsc 35368ab78bb847d0b23cc957bfb931e6fb45dd61 144944 krb5_1.15-1+deb9u1.debian.tar.xz Checksums-Sha256: cb69444c826f380c9d3ea7c5e6bf04105ca2fceb26ecc14b293f458f337f34c2 3373 krb5_1.15-1+deb9u1.dsc f04183b2ecfd0fe488975338eb4f900d5f605c81a9ae279451ceda948d99a21c 144944 krb5_1.15-1+deb9u1.debian.tar.xz Files: 03dd0ab3bfb4c70bd8bea0437db65194 3373 net standard krb5_1.15-1+deb9u1.dsc 981da9e09bcd891263f0a05d4789e7fe 144944 net standard krb5_1.15-1+deb9u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQGfBAEBCAAdFiEEz1cSziAwmFRQyTi4fJpR9iayVp8FAlmOZ/IACgkQfJpR9iay Vp+xggtdHdvSRs7m6ZmvcvY2exjBKZjNuu4fE1yOoG0NxrtolEJ1Wmr10jKbDOV/ GAmjCKYCn/OLH7owt4Lk+G8TBMdfqXx4Vszbp4p3/mrlHaUyqgkL/bLLjfgjg49t i+RnEIOQR9oLBNTeHyebPSXIbcj57waI4/GlbNu9uLVJ/widI5+wfIWQfecJvmLP 33FmwBJtniHn4+Zh7bnusyZ3XtRDOcBlQA4ywmYv5XX0ldEWLg4NjBJNAHLNeBvD x2Dq/EbDoO7sAH+/GAW3nsT1/ck/Q8pmKyn1qF19S2HFVHDOAZEUJeAMs9yqGHGT +Bd6J8021HDc+jRJ6bolbb3mFL7qhGc9dZCSjIruM3IjFP99/W6/z4/YjJRmlG5F 3eei0CLPjPvuVTXq0uQ5XGw7FDUejklbP6ZogC9b+ESYjPlUoLsyaXG+rwuqqfFD i8QoVmpPopwuDpPILvtfericz9rOr9cN4UfUtatCmf85FQ== =rgzE -----END PGP SIGNATURE-----