Register | Log in

krb5

Choose email to subscribe with

general

source: krb5 (main)
version: 1.18.3-4
maintainer: Sam Hartman (DMD)
uploaders: Russ Allbery [DMD] – Benjamin Kaduk [DMD]
arch: all any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.12.1+dfsg-19+deb8u4
o-o-sec: 1.12.1+dfsg-19+deb8u5
oldstable: 1.15-1+deb9u1
old-sec: 1.15-1+deb9u2
stable: 1.17-3+deb10u1
stable-sec: 1.17-3+deb10u1
testing: 1.18.3-4
unstable: 1.18.3-4

versioned links

1.12.1+dfsg-19+deb8u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+dfsg-19+deb8u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.15-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.15-1+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.17-3+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.18.3-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

krb5-admin-server (4 bugs: 0, 3, 1, 0)
krb5-doc (2 bugs: 0, 1, 1, 0)
krb5-gss-samples
krb5-k5tls
krb5-kdc
krb5-kdc-ldap (1 bugs: 0, 1, 0, 0)
krb5-kpropd (1 bugs: 0, 1, 0, 0)
krb5-locales
krb5-multidev (1 bugs: 0, 0, 1, 0)
krb5-otp
krb5-pkinit
krb5-user (5 bugs: 0, 0, 5, 0)
libgssapi-krb5-2 (2 bugs: 0, 2, 0, 0)
libgssrpc4
libk5crypto3
libkadm5clnt-mit12
libkadm5srv-mit12
libkdb5-10
libkrad-dev
libkrad0
libkrb5-3 (3 bugs: 0, 2, 1, 0)
libkrb5-dbg
libkrb5-dev (1 bugs: 0, 0, 1, 0)
libkrb5support0 (1 bugs: 0, 1, 0, 0)

action needed

lintian reports 2 errors and 5 warnings high

Lintian reports 2 errors and 5 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-09-21 Last update: 2020-09-21 06:02

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2020-10-19 Last update: 2021-01-18 17:31

5 ignored security issues in stretch low

There are 5 open security issues in stretch.

5 issues skipped by the security teams:

CVE-2017-11462: Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
CVE-2018-20217: A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.
CVE-2018-5710: An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.
CVE-2018-5729: MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
CVE-2018-5730: MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.

Please fix them.

Created: 2017-07-22 Last update: 2020-12-05 15:30

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2017-10-26 07:22

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2020-11-23 23:38

testing migrations

This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[2020-11-26] krb5 1.18.3-4 MIGRATED to testing (Debian testing watch)
[2020-11-23] Accepted krb5 1.18.3-4 (source) into unstable (Sam Hartman)
[2020-11-23] Accepted krb5 1.18.3-3 (source) into unstable (Sam Hartman)
[2020-11-22] Accepted krb5 1.17-3+deb10u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-11-21] Accepted krb5 1.17-3+deb10u1 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2020-11-20] Accepted krb5 1.18.3-2 (source) into unstable (Sam Hartman)
[2020-11-19] Accepted krb5 1.18.3-1 (source) into unstable (Sam Hartman)
[2020-11-10] Accepted krb5 1.18.2-1 (source amd64 all) into experimental, experimental (Debian FTP Masters) (signed by: Sam Hartman)
[2020-11-07] Accepted krb5 1.15-1+deb9u2 (source amd64 all) into oldstable (Chris Lamb)
[2020-06-17] krb5 1.17-10 MIGRATED to testing (Debian testing watch)
[2020-06-09] Accepted krb5 1.17-10 (source) into unstable (Sam Hartman)
[2020-06-08] Accepted krb5 1.17-9 (source) into unstable (Sam Hartman)
[2020-06-08] Accepted krb5 1.17-8 (source) into unstable (Sam Hartman)
[2020-03-26] krb5 1.17-7 MIGRATED to testing (Debian testing watch)
[2020-03-23] Accepted krb5 1.17-7 (source) into unstable (Sam Hartman)
[2019-08-04] krb5 1.17-6 MIGRATED to testing (Debian testing watch)
[2019-08-01] Accepted krb5 1.17-6 (source) into unstable (Sam Hartman)
[2019-07-20] krb5 1.17-5 MIGRATED to testing (Debian testing watch)
[2019-07-17] Accepted krb5 1.17-5 (source) into unstable (Sam Hartman)
[2019-07-16] krb5 1.17-4 MIGRATED to testing (Debian testing watch)
[2019-07-09] Accepted krb5 1.17-4 (source) into unstable (Sam Hartman)
[2019-06-21] krb5 1.17-3 MIGRATED to testing (Debian testing watch)
[2019-06-18] Accepted krb5 1.17-3 (source) into unstable (Sam Hartman)
[2019-03-08] krb5 1.17-2 MIGRATED to testing (Debian testing watch)
[2019-02-25] Accepted krb5 1.17-2 (all amd64 source) into unstable (Sam Hartman)
[2019-01-25] Accepted krb5 1.12.1+dfsg-19+deb8u5 (source all amd64) into oldstable (Thorsten Alteholz)
[2019-01-21] krb5 1.17-1 MIGRATED to testing (Debian testing watch)
[2019-01-13] Accepted krb5 1.17-1 (all amd64 source) into unstable (Sam Hartman)
[2019-01-03] krb5 1.16.2-1 MIGRATED to testing (Debian testing watch)
[2018-12-31] Accepted krb5 1.16.2-1 (source) into unstable (Sam Hartman)

1
2

bugs [bug history graph]

all: 23 25
RC: 0
I&N: 12 13
M&W: 11 12
F&P: 0
patch: 1

links

homepage
lintian (2, 5)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
l10n (100, 100)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.17-10ubuntu1
21 bugs (2 patches)
patches for 1.17-10ubuntu1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing