Accepted heimdal 7.7.0+dfsg-2+deb11u1 (source) into proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 12 Nov 2022 15:56:34 +0100
Source: heimdal
Architecture: source
Version: 7.7.0+dfsg-2+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Brian May <bam@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 996586
Changes:
 heimdal (7.7.0+dfsg-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * kdc: validate sname in TGS-REQ (CVE-2021-3671) (Closes: #996586)
   * Address GCC Bug 95189 memcmp wrongly stripped like strcmp
   * Fix compiler warnings and build issues
   * spnego: send_reject when no mech selected (CVE-2021-44758)
   * asn1: Invalid free in ASN.1 codec (CVE-2022-44640)
   * gsskrb5: Use constant-time memcmp() for arcfour unwrap (CVE-2022-3437)
   * gsskrb5: Use constant-time memcmp() in unwrap_des3() (CVE-2022-3437)
   * gsskrb5: Don't pass NULL pointers to memcpy() in DES unwrap
     (CVE-2022-3437)
   * gsskrb5: Avoid undefined behaviour in _gssapi_verify_pad() (CVE-2022-3437)
   * gsskrb5: Check the result of _gsskrb5_get_mech() (CVE-2022-3437)
   * gsskrb5: Check buffer length against overflow for DES{,3} unwrap
     (CVE-2022-3437)
   * gsskrb5: Check for overflow in _gsskrb5_get_mech() (CVE-2022-3437)
   * gsskrb5: Pass correct length to _gssapi_verify_pad() (CVE-2022-3437)
   * krb5: PAC parse integer overflows (CVE-2022-42898)
   * lib/wind: find_normalize read past end of array
Checksums-Sha1: 
 c88a50b8a408bfbf23df07c504d811515091b95e 3767 heimdal_7.7.0+dfsg-2+deb11u1.dsc
 2b71fff4c2e4a4c8b2c6ab3e4f5dc40b26b6388f 5945252 heimdal_7.7.0+dfsg.orig.tar.xz
 7bdf0f0b5552c6fca2a958ffbf3eb182d9cfc717 147396 heimdal_7.7.0+dfsg-2+deb11u1.debian.tar.xz
Checksums-Sha256: 
 667f718c4d3d99de172071fc7b801501ebf1b8b2c28972ffc6721da85660ba9f 3767 heimdal_7.7.0+dfsg-2+deb11u1.dsc
 6822c9547188b753b6325047fda9255744e4ebbbe02bb0dade78c261061fefac 5945252 heimdal_7.7.0+dfsg.orig.tar.xz
 5483d4fa6a776068181d9b01aea8c5f15910dde00d9a591c87c85d4730a5925e 147396 heimdal_7.7.0+dfsg-2+deb11u1.debian.tar.xz
Files: 
 b5a2fe84736667ecf525f9dc97529e09 3767 net optional heimdal_7.7.0+dfsg-2+deb11u1.dsc
 4400de10f7a569fe14ecb2641aea341b 5945252 net optional heimdal_7.7.0+dfsg.orig.tar.xz
 42dae396b0e6f75503a23b7b8695a294 147396 net optional heimdal_7.7.0+dfsg-2+deb11u1.debian.tar.xz
