Debian Package Tracker

general

source: krb5 (main)
version: 1.16.1-1
maintainer: Sam Hartman [DMD]
uploaders: Russ Allbery [DMD] – Benjamin Kaduk [DMD]
arch: all any
std-ver: 4.1.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.10.1+dfsg-5+deb7u7
o-o-sec: 1.10.1+dfsg-5+deb7u9
oldstable: 1.12.1+dfsg-19+deb8u4
old-sec: 1.12.1+dfsg-19+deb8u2
stable: 1.15-1+deb9u1
testing: 1.16.1-1
unstable: 1.16.1-1

versioned links

1.10.1+dfsg-5+deb7u7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.10.1+dfsg-5+deb7u9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+dfsg-19+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.1+dfsg-19+deb8u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.15-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.16.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

krb5-admin-server
krb5-doc
krb5-gss-samples
krb5-k5tls
krb5-kdc
krb5-kdc-ldap
krb5-kpropd
krb5-locales
krb5-multidev
krb5-otp
krb5-pkinit
krb5-user
libgssapi-krb5-2
libgssrpc4
libk5crypto3
libkadm5clnt-mit11
libkadm5srv-mit11
libkdb5-9
libkrad-dev
libkrad0
libkrb5-3
libkrb5-dbg
libkrb5-dev
libkrb5support0

action needed

Debci reports failed tests (log) high

Debci reports test failures (log).

The tests ran in 0h 0m 46s

Last run: 2018-10-13 23:03:28

Previous status: fail

Created: 2018-10-04 Last update: 2018-10-17 09:51

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2018-10-01 Last update: 2018-10-17 09:01

Multiarch hinter reports 2 issue(s) normal

There are issues with the multiarch metadata for this package.

krb5-doc could be marked Multi-Arch: foreign
libkrad-dev could be marked Multi-Arch: same

Created: 2016-09-14 Last update: 2018-10-17 08:55

Depends on packages which need a new maintainer normal

The packages that krb5 depends on which need a new maintainer are:

doxygen (#888580)
- Build-Depends-Indep: doxygen doxygen-latex

Created: 2018-10-12 Last update: 2018-10-17 07:43

4 new commits since last upload, time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.16.1-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit ef89c170eb8e5f9f24fbc15d07c2f38aa03c0475
Merge: 54ea95483 eae79c729
Author: Sam Hartman <hartmans@debian.org>
Date:   Tue Oct 2 11:39:10 2018 -0400

    Merge branch 'master' of salsa.debian.org:/debian/krb5
    
    Merge in whitespace cleanup.
    Confirmed that debian/rules changes seem harmless.

commit eae79c7293bc319f5b2c6f2363f7bc8b8a6c7991
Author: Ondřej Nový <onovy@debian.org>
Date:   Mon Oct 1 10:35:09 2018 +0200

    d/rules: Remove trailing whitespaces

commit d05375dfd9c177c7f8db3101d86fbbc9525ae655
Author: Ondřej Nový <onovy@debian.org>
Date:   Mon Oct 1 10:35:09 2018 +0200

    d/control: Remove trailing whitespaces

commit 69efbc6f4dbe820c4d2f1133b3cbdc770de49f12
Author: Ondřej Nový <onovy@debian.org>
Date:   Mon Oct 1 10:35:08 2018 +0200

    d/changelog: Remove trailing whitespaces

Created: 2018-07-17 Last update: 2018-10-17 03:19

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2018-10-12 Last update: 2018-10-12 08:21

4 ignored security issues in jessie low

There are 4 open security issues in jessie.

4 issues skipped by the security teams:

CVE-2018-5729: MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
CVE-2018-5710: An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.
CVE-2018-5730: MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
CVE-2017-11462: Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.

Please fix them.

Created: 2015-07-12 Last update: 2018-10-09 06:42

4 ignored security issues in stretch low

There are 4 open security issues in stretch.

4 issues skipped by the security teams:

CVE-2018-5729: MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
CVE-2018-5710: An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.
CVE-2018-5730: MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
CVE-2017-11462: Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.

Please fix them.

Created: 2017-07-22 Last update: 2018-10-09 06:42

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2017-10-26 07:22

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.1.1).

Created: 2018-01-18 Last update: 2018-10-04 02:44

news

[rss feed]

[2018-10-09] krb5 1.16.1-1 MIGRATED to testing (Debian testing watch)
[2018-10-03] Accepted krb5 1.16.1-1 (source) into unstable (Sam Hartman)
[2018-01-31] Accepted krb5 1.10.1+dfsg-5+deb7u9 (source all amd64) into oldoldstable (Markus Koschany)
[2018-01-26] krb5 1.16-2 MIGRATED to testing (Debian testing watch)
[2018-01-20] Accepted krb5 1.16-2 (source) into unstable (Sam Hartman)
[2018-01-18] Accepted krb5 1.16-1 (all amd64 source) into unstable, unstable (Sam Hartman)
[2017-11-03] krb5 1.15.2-2 MIGRATED to testing (Debian testing watch)
[2017-10-29] Accepted krb5 1.15.2-2 (source amd64 all) into unstable (Benjamin Kaduk)
[2017-10-25] Accepted krb5 1.15.2-1 (source amd64 all) into unstable (Benjamin Kaduk)
[2017-09-08] Accepted krb5 1.12.1+dfsg-19+deb8u4 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Sam Hartman)
[2017-08-14] Accepted krb5 1.10.1+dfsg-5+deb7u8 (source all amd64) into oldoldstable (Lucas Kanashiro)
[2017-08-12] Accepted krb5 1.15-1+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Sam Hartman)
[2017-07-26] krb5 1.15.1-2 MIGRATED to testing (Debian testing watch)
[2017-07-23] Accepted krb5 1.15.1-2 (source) into unstable (Sam Hartman)
[2017-07-15] krb5 1.15.1-1 MIGRATED to testing (Debian testing watch)
[2017-07-09] Accepted krb5 1.15.1-1 (source) into unstable (Sam Hartman)
[2017-04-21] Accepted krb5 1.15-2 (source amd64 all) into experimental (Sam Hartman)
[2016-12-16] krb5 1.15-1 MIGRATED to testing (Debian testing watch)
[2016-12-04] Accepted krb5 1.15-1 (source amd64 all) into unstable (Benjamin Kaduk)
[2016-11-28] krb5 1.15~beta1-1 MIGRATED to testing (Debian testing watch)
[2016-11-03] Accepted krb5 1.15~beta1-1 (source amd64 all) into unstable, unstable (Sam Hartman)
[2016-09-12] krb5 1.14.3+dfsg-2 MIGRATED to testing (Debian testing watch)
[2016-09-06] Accepted krb5 1.14.3+dfsg-2 (source amd64 all) into unstable (Sam Hartman)
[2016-08-07] krb5 1.14.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-08-06] krb5 1.14.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-07-31] Accepted krb5 1.14.3+dfsg-1 (source) into unstable (Benjamin Kaduk)
[2016-06-05] krb5 1.14.2+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-05-30] Accepted krb5 1.14.2+dfsg-1 (source amd64 all) into unstable (Sam Hartman)
[2016-02-28] Accepted krb5 1.14+dfsg-1 (source amd64 all) into experimental, experimental (Sam Hartman)
[2016-02-27] krb5 1.13.2+dfsg-5 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 22 23
RC: 0
I&N: 11
M&W: 11 12
F&P: 0
patch: 2

links

homepage
lintian (0, 1)
buildd: logs, checks, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.16-2ubuntu1
22 bugs (2 patches)
patches for 1.16-2ubuntu1