Accepted krb5 1.13.2+dfsg-5 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 23 Feb 2016 08:54:09 -0500
Source: krb5
Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-otp krb5-k5tls krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit9 libkadm5clnt-mit9 libk5crypto3 libkdb5-8 libkrb5support0 libkrad0 krb5-gss-samples krb5-locales libkrad-dev
Architecture: source
Version: 1.13.2+dfsg-5
Distribution: unstable
Urgency: high
Maintainer: Sam Hartman <hartmans@debian.org>
Changed-By: Sam Hartman <hartmans@debian.org>
Description:
krb5-admin-server - MIT Kerberos master server (kadmind)
krb5-doc - Documentation for MIT Kerberos
krb5-gss-samples - MIT Kerberos GSS Sample applications
krb5-k5tls - TLS plugin for MIT Kerberos
krb5-kdc - MIT Kerberos key server (KDC)
krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
krb5-locales - Internationalization support for MIT Kerberos
krb5-multidev - Development files for MIT Kerberos without Heimdal conflict
krb5-otp - OTP plugin for MIT Kerberos
krb5-pkinit - PKINIT plugin for MIT Kerberos
krb5-user - Basic programs to authenticate using MIT Kerberos
libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
libkadm5clnt-mit9 - MIT Kerberos runtime libraries - Administration Clients
libkadm5srv-mit9 - MIT Kerberos runtime libraries - KDC and Admin Server
libkdb5-8 - MIT Kerberos runtime libraries - Kerberos database
libkrad-dev - MIT Kerberos RADIUS Library Development
libkrad0 - MIT Kerberos runtime libraries - RADIUS library
libkrb5-3 - MIT Kerberos runtime libraries
libkrb5-dbg - Debugging files for MIT Kerberos
libkrb5-dev - Headers and development libraries for MIT Kerberos
libkrb5support0 - MIT Kerberos runtime libraries - Support library
Closes: 813126 813127 813296
Changes:
krb5 (1.13.2+dfsg-5) unstable; urgency=high
.
* Security Update
* Verify decoded kadmin C strings [CVE-2015-8629]
CVE-2015-8629: An authenticated attacker can cause kadmind to read
beyond the end of allocated memory by sending a string without a
terminating zero byte. Information leakage may be possible for an
attacker with permission to modify the database. (Closes: #813296)
* Check for null kadm5 policy name [CVE-2015-8630]
CVE-2015-8630: An authenticated attacker with permission to modify a
principal entry can cause kadmind to dereference a null pointer by
supplying a null policy value but including KADM5_POLICY in the mask.
(Closes: #813127)
* Fix leaks in kadmin server stubs [CVE-2015-8631]
CVE-2015-8631: An authenticated attacker can cause kadmind to leak
memory by supplying a null principal name in a request which uses one.
Repeating these requests will eventually cause kadmind to exhaust all
available memory. (Closes: #813126)
Checksums-Sha1:
1ba079eedfbc4e0aa7f5a6209ca18b807f255306 3192 krb5_1.13.2+dfsg-5.dsc
ba403e658d93aa9fa1d0f06af8e1ff3578d1644d 101968 krb5_1.13.2+dfsg-5.debian.tar.xz
Checksums-Sha256:
b52caa3fd7211250987f2f0319579992a7f2bc24c47c766fdfc0403945dbfbdb 3192 krb5_1.13.2+dfsg-5.dsc
8f8c951a524af50b300f524cd14bd946ea802e81eddbc719f9b71719158b9c1d 101968 krb5_1.13.2+dfsg-5.debian.tar.xz
Files:
26291c211f242483c683f33fbec4318c 3192 net standard krb5_1.13.2+dfsg-5.dsc
e43b4ba1ea32fa6a1f00b301d643fa63 101968 net standard krb5_1.13.2+dfsg-5.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQGIBAEBCAAGBQJWzGVyAAoJEHyaUfYmslafxxULXiZCYFyE1zSoSj6jF/unDV0u
FAkLQvQmVKa84VZ9nLETGGSBBSXGuEuu/donK2RttGjZGobNaBIJeNkRDLchnqco
NKTT8OhX0kyseaLX/upp84oMq+ouoM5PkxzfqlF/QcLzDRDEttzXmI9jTFnjyM0Y
6CB9WgrW0XP03IjJ0iKWU4c+tD5j9nNYvTbBuUowlorFLbFCw0cIlBZ/ldYH1/M+
XJyXr9EX7eq8p5jtaK6OXvkkyJRx0BwTSZ+oJTSzBu/kOpMd5xIBPn+alMmeE86k
ralA/q600tnU41oBMw3DCQk2XxA3b3JMoxs1Jzc8y3rzdaunJm8MpJnB1BPE8u9+
rIqiIfUZwhURQs9pBxrfJ9TGVDnEj0hBHuPIH+2PlSBVcBlG78IWKYeWQFzjztYH
V6L0Wpo7d1JkLEoZlIe4td7gh6F7nXevFTXnM/whooa/ecTsW70EtgsFwIJBaJin
GfKwq47dsx3ulhY=
=fCK3
-----END PGP SIGNATURE-----