Accepted libpam-krb5 4.9-1 (amd64 source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 30 Mar 2020 19:46:43 -0700
Binary: libpam-heimdal libpam-heimdal-dbgsym libpam-krb5 libpam-krb5-dbgsym
Source: libpam-krb5
Architecture: amd64 source
Version: 4.9-1
Distribution: unstable
Urgency: high
Maintainer: Russ Allbery <rra@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Closes: 871699
Description:
libpam-heimdal - PAM module for Heimdal Kerberos
libpam-krb5 - PAM module for MIT Kerberos
Changes:
libpam-krb5 (4.9-1) unstable; urgency=high
.
* New upstream release.
- Fix potential one-byte buffer overflow when relaying prompts from
the underlying Kerberos library. (CVE-2020-10595)
- Support use_pkinit with MIT Kerberos. (Closes: #871699)
- Reject passwords as long or longer than PAM_MAX_RESP_SIZE (512
octets) to avoid denial of service attacks.
- Use explicit_bzero to erase passwords before freeing.
- Return more accurate errors from the Kerberos prompter function.
- Fix an edge-case memory leak in pam_chauthtok.
* Update to debhelper compatibility level V12.
- Depend on debhelper-compat instead of debhelper.
* Update standards version to 4.5.0 (no changes required).
* Refresh upstream signing key.
Checksums-Sha1:
739fe416845921cf4a40cd01aa5377901cdc5e2d 1806 libpam-krb5_4.9-1.dsc
b37899ef082bf27ed778c924029cbe7cd6ce653e 424932 libpam-krb5_4.9.orig.tar.xz
ffd23ede7094eaa342c5d8ba3e3cf8935f67d3a7 26168 libpam-krb5_4.9-1.debian.tar.xz
51ee0e9ca557039bee7156f8e2d07abcc2989536 62868 libpam-heimdal-dbgsym_4.9-1_amd64.deb
08d5ed1542909301f9551c3225ecfe7d80aee1d0 88744 libpam-heimdal_4.9-1_amd64.deb
4ab86904d5d245479d46062cfb19bd810a475dd6 61396 libpam-krb5-dbgsym_4.9-1_amd64.deb
461e8621280a89cc69fc186a0c1e67bc77adb953 7612 libpam-krb5_4.9-1_amd64.buildinfo
3fb7e90406d53ecee79ac9ec9cf8d6c57d634b1b 91924 libpam-krb5_4.9-1_amd64.deb
Checksums-Sha256:
0e6437ff7c99688f3eea12b534e119a845657c769aed05870744a0266cf673a5 1806 libpam-krb5_4.9-1.dsc
915445fd492c8afde497090760035043edba44660d1c53ce8cb6477b0f80b6f3 424932 libpam-krb5_4.9.orig.tar.xz
17be307d8a5f5d709c166ff23e5b2bc5667f2f6f99bec22359a54bc3feb4e191 26168 libpam-krb5_4.9-1.debian.tar.xz
5fdf1bb87c2f05ffff5fb6186a8423d017375dd130ba9ea148be8e5f702adace 62868 libpam-heimdal-dbgsym_4.9-1_amd64.deb
68c0fa48d90661f9b2f03ec083a66ab0eea088ba9a6e795d48e01c0eb4e484e4 88744 libpam-heimdal_4.9-1_amd64.deb
ecf3ca57e43eb29c64aeb4423e42ebbd1fd2fe91f8dda278f982d76b9bbdd1ca 61396 libpam-krb5-dbgsym_4.9-1_amd64.deb
058a516a4b9cbfb4a2daa39e2490453778bea0185a0cfde2bccba3a9ca2bf782 7612 libpam-krb5_4.9-1_amd64.buildinfo
996e477badc1f171ba81ff79e8ce5758b3479a084370ba12ba753810fc85e3de 91924 libpam-krb5_4.9-1_amd64.deb
Files:
ea1ec32bbb04ccda253db3deb1c4c8fb 1806 admin optional libpam-krb5_4.9-1.dsc
97d9375dd6d5a5847b37a578003bf2c6 424932 admin optional libpam-krb5_4.9.orig.tar.xz
d09d5a8213e7babb225b521b1f7a455c 26168 admin optional libpam-krb5_4.9-1.debian.tar.xz
3b6b921df12210450100c5d3b5d4a753 62868 debug optional libpam-heimdal-dbgsym_4.9-1_amd64.deb
cfe86b0e4217adb2589cb30a5c0dbca6 88744 admin optional libpam-heimdal_4.9-1_amd64.deb
1e29e290282925eeeae2b963d7f216c3 61396 debug optional libpam-krb5-dbgsym_4.9-1_amd64.deb
9f6ca0ab67b27b3a296cb015d926cc4c 7612 admin optional libpam-krb5_4.9-1_amd64.buildinfo
9c2454bd9eb301f9fdb6e046eb6d7c5b 91924 admin optional libpam-krb5_4.9-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEE1zk0tJZ0z1zNmsJ4fYAxXFc23nUFAl6CtSAACgkQfYAxXFc2
3nUtXggAvx9u0fksji5G6HaUEQ2LpDljBjjQfZSoulhvgfiUgkqKhwbBcsqJEZEw
LtxR9/sSRFyf3FMIn4IpI/kAOn8I4OCqhGbVuPPmFf43xAUVj4qgw+ScSOz4Ec1E
NXLNqdQRb4Qt7rrMbjWAToANii52sujxx5BikBH6axMTHTwH2s9Oewuq/OtHwNbR
TMcK2RyKs0rxlo15qJObtG/B6wLPJgDqDm8U8QWZ7ePrmyMXbFvX6N09wtFqMe2+
2ok+5BZr9+YScmI8LJ1ihtY28WmpPg+DV6EQhE1OC1oTmRLNM9NuoVlWYmE2fuAG
stWzwPKPrbdu4wnb253sr/5vIYih8w==
=Q4oQ
-----END PGP SIGNATURE-----