Debian Package Tracker
Register | Log in
Subscribe

krb5

Choose email to subscribe with

general
  • source: krb5 (main)
  • version: 1.18.3-4
  • maintainer: Sam Hartman (DMD)
  • uploaders: Russ Allbery [DMD] – Benjamin Kaduk [DMD]
  • arch: all any
  • std-ver: 4.5.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 1.12.1+dfsg-19+deb8u4
  • o-o-sec: 1.12.1+dfsg-19+deb8u5
  • oldstable: 1.15-1+deb9u1
  • old-sec: 1.15-1+deb9u2
  • stable: 1.17-3+deb10u1
  • stable-sec: 1.17-3+deb10u1
  • testing: 1.18.3-4
  • unstable: 1.18.3-4
versioned links
  • 1.12.1+dfsg-19+deb8u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.12.1+dfsg-19+deb8u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.15-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.15-1+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.17-3+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.18.3-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • krb5-admin-server (4 bugs: 0, 3, 1, 0)
  • krb5-doc (2 bugs: 0, 1, 1, 0)
  • krb5-gss-samples
  • krb5-k5tls
  • krb5-kdc (1 bugs: 0, 0, 1, 0)
  • krb5-kdc-ldap (1 bugs: 0, 1, 0, 0)
  • krb5-kpropd (1 bugs: 0, 1, 0, 0)
  • krb5-locales
  • krb5-multidev (1 bugs: 0, 0, 1, 0)
  • krb5-otp
  • krb5-pkinit
  • krb5-user (5 bugs: 0, 0, 5, 0)
  • libgssapi-krb5-2 (2 bugs: 0, 2, 0, 0)
  • libgssrpc4
  • libk5crypto3
  • libkadm5clnt-mit12
  • libkadm5srv-mit12
  • libkdb5-10
  • libkrad-dev
  • libkrad0
  • libkrb5-3 (3 bugs: 0, 2, 1, 0)
  • libkrb5-dbg
  • libkrb5-dev (1 bugs: 0, 0, 1, 0)
  • libkrb5support0 (1 bugs: 0, 1, 0, 0)
action needed
A new upstream version is available: 1.19.1 high
A new upstream version 1.19.1 is available, you should consider packaging it.
Created: 2021-02-03 Last update: 2021-02-28 09:35
lintian reports 1 error and 3 warnings high
Lintian reports 1 error and 3 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2021-01-27 Last update: 2021-01-27 03:02
2 bugs tagged patch in the BTS normal
The BTS contains patches fixing 2 bugs, consider including or untagging them.
Created: 2020-10-19 Last update: 2021-02-28 09:31
5 low-priority security issues in stretch low

There are 5 open security issues in stretch.

4 issues left for the package maintainer to handle:
  • CVE-2018-20217: (needs triaging) A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.
  • CVE-2018-5710: (needs triaging) An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.
  • CVE-2018-5729: (needs triaging) MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
  • CVE-2018-5730: (needs triaging) MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.

You can find information about how to handle these issues in the security team's documentation.

1 ignored issue:
  • CVE-2017-11462: Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
Created: 2021-02-19 Last update: 2021-02-25 09:13
Build log checks report 1 warning low
Build log checks report 1 warning
Created: 2017-10-26 Last update: 2017-10-26 07:22
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).
Created: 2020-11-17 Last update: 2020-11-23 23:38
testing migrations
  • This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
news
[rss feed]
  • [2020-11-26] krb5 1.18.3-4 MIGRATED to testing (Debian testing watch)
  • [2020-11-23] Accepted krb5 1.18.3-4 (source) into unstable (Sam Hartman)
  • [2020-11-23] Accepted krb5 1.18.3-3 (source) into unstable (Sam Hartman)
  • [2020-11-22] Accepted krb5 1.17-3+deb10u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
  • [2020-11-21] Accepted krb5 1.17-3+deb10u1 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
  • [2020-11-20] Accepted krb5 1.18.3-2 (source) into unstable (Sam Hartman)
  • [2020-11-19] Accepted krb5 1.18.3-1 (source) into unstable (Sam Hartman)
  • [2020-11-10] Accepted krb5 1.18.2-1 (source amd64 all) into experimental, experimental (Debian FTP Masters) (signed by: Sam Hartman)
  • [2020-11-07] Accepted krb5 1.15-1+deb9u2 (source amd64 all) into oldstable (Chris Lamb)
  • [2020-06-17] krb5 1.17-10 MIGRATED to testing (Debian testing watch)
  • [2020-06-09] Accepted krb5 1.17-10 (source) into unstable (Sam Hartman)
  • [2020-06-08] Accepted krb5 1.17-9 (source) into unstable (Sam Hartman)
  • [2020-06-08] Accepted krb5 1.17-8 (source) into unstable (Sam Hartman)
  • [2020-03-26] krb5 1.17-7 MIGRATED to testing (Debian testing watch)
  • [2020-03-23] Accepted krb5 1.17-7 (source) into unstable (Sam Hartman)
  • [2019-08-04] krb5 1.17-6 MIGRATED to testing (Debian testing watch)
  • [2019-08-01] Accepted krb5 1.17-6 (source) into unstable (Sam Hartman)
  • [2019-07-20] krb5 1.17-5 MIGRATED to testing (Debian testing watch)
  • [2019-07-17] Accepted krb5 1.17-5 (source) into unstable (Sam Hartman)
  • [2019-07-16] krb5 1.17-4 MIGRATED to testing (Debian testing watch)
  • [2019-07-09] Accepted krb5 1.17-4 (source) into unstable (Sam Hartman)
  • [2019-06-21] krb5 1.17-3 MIGRATED to testing (Debian testing watch)
  • [2019-06-18] Accepted krb5 1.17-3 (source) into unstable (Sam Hartman)
  • [2019-03-08] krb5 1.17-2 MIGRATED to testing (Debian testing watch)
  • [2019-02-25] Accepted krb5 1.17-2 (all amd64 source) into unstable (Sam Hartman)
  • [2019-01-25] Accepted krb5 1.12.1+dfsg-19+deb8u5 (source all amd64) into oldstable (Thorsten Alteholz)
  • [2019-01-21] krb5 1.17-1 MIGRATED to testing (Debian testing watch)
  • [2019-01-13] Accepted krb5 1.17-1 (all amd64 source) into unstable (Sam Hartman)
  • [2019-01-03] krb5 1.16.2-1 MIGRATED to testing (Debian testing watch)
  • [2018-12-31] Accepted krb5 1.16.2-1 (source) into unstable (Sam Hartman)
  • 1
  • 2
bugs [bug history graph]
  • all: 25 27
  • RC: 0
  • I&N: 13 14
  • M&W: 12 13
  • F&P: 0
  • patch: 2
links
  • homepage
  • lintian (1, 3)
  • buildd: logs, checks, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • l10n (100, 100)
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 1.18.3-4
  • 21 bugs (2 patches)

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing