Your message dated Wed, 08 Jun 2011 01:54:38 +0000
with message-id <e1qu7yg-00087m...@franck.debian.org>
and subject line Bug#618517: fixed in krb5 1.8.3+dfsg-4squeeze1
has caused the Debian Bug report #618517,
regarding krb5: CVE-2011-0284 kdc double-free
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
618517: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618517
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: krb5
version: 1.8.3+dfsg-4
severity: serious
tags: security
an new security advisory for krb5 has been issued:
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt
--- End Message ---
--- Begin Message ---
Source: krb5
Source-Version: 1.8.3+dfsg-4squeeze1
We believe that the bug you reported is fixed in the latest version of
krb5, which is due to be installed in the Debian FTP archive:
krb5-admin-server_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/krb5-admin-server_1.8.3+dfsg-4squeeze1_amd64.deb
krb5-doc_1.8.3+dfsg-4squeeze1_all.deb
to main/k/krb5/krb5-doc_1.8.3+dfsg-4squeeze1_all.deb
krb5-kdc-ldap_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/krb5-kdc-ldap_1.8.3+dfsg-4squeeze1_amd64.deb
krb5-kdc_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/krb5-kdc_1.8.3+dfsg-4squeeze1_amd64.deb
krb5-multidev_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/krb5-multidev_1.8.3+dfsg-4squeeze1_amd64.deb
krb5-pkinit_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/krb5-pkinit_1.8.3+dfsg-4squeeze1_amd64.deb
krb5-user_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/krb5-user_1.8.3+dfsg-4squeeze1_amd64.deb
krb5_1.8.3+dfsg-4squeeze1.diff.gz
to main/k/krb5/krb5_1.8.3+dfsg-4squeeze1.diff.gz
krb5_1.8.3+dfsg-4squeeze1.dsc
to main/k/krb5/krb5_1.8.3+dfsg-4squeeze1.dsc
libgssapi-krb5-2_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/libgssapi-krb5-2_1.8.3+dfsg-4squeeze1_amd64.deb
libgssrpc4_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/libgssrpc4_1.8.3+dfsg-4squeeze1_amd64.deb
libk5crypto3_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/libk5crypto3_1.8.3+dfsg-4squeeze1_amd64.deb
libkadm5clnt-mit7_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/libkadm5clnt-mit7_1.8.3+dfsg-4squeeze1_amd64.deb
libkadm5srv-mit7_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/libkadm5srv-mit7_1.8.3+dfsg-4squeeze1_amd64.deb
libkdb5-4_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/libkdb5-4_1.8.3+dfsg-4squeeze1_amd64.deb
libkrb5-3_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/libkrb5-3_1.8.3+dfsg-4squeeze1_amd64.deb
libkrb5-dbg_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/libkrb5-dbg_1.8.3+dfsg-4squeeze1_amd64.deb
libkrb5-dev_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/libkrb5-dev_1.8.3+dfsg-4squeeze1_amd64.deb
libkrb53_1.8.3+dfsg-4squeeze1_all.deb
to main/k/krb5/libkrb53_1.8.3+dfsg-4squeeze1_all.deb
libkrb5support0_1.8.3+dfsg-4squeeze1_amd64.deb
to main/k/krb5/libkrb5support0_1.8.3+dfsg-4squeeze1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 618...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sam Hartman <hartm...@debian.org> (supplier of updated krb5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 02 Jun 2011 13:14:03 -0400
Source: krb5
Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev
libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2
libgssrpc4 libkadm5srv-mit7 libkadm5clnt-mit7 libk5crypto3 libkdb5-4
libkrb5support0 libkrb53
Architecture: source all amd64
Version: 1.8.3+dfsg-4squeeze1
Distribution: stable
Urgency: low
Maintainer: Sam Hartman <hartm...@debian.org>
Changed-By: Sam Hartman <hartm...@debian.org>
Description:
krb5-admin-server - MIT Kerberos master server (kadmind)
krb5-doc - Documentation for MIT Kerberos
krb5-kdc - MIT Kerberos key server (KDC)
krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
krb5-multidev - Development files for MIT Kerberos without Heimdal conflict
krb5-pkinit - PKINIT plugin for MIT Kerberos
krb5-user - Basic programs to authenticate using MIT Kerberos
libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
libkadm5clnt-mit7 - MIT Kerberos runtime libraries - Administration Clients
libkadm5srv-mit7 - MIT Kerberos runtime libraries - KDC and Admin Server
libkdb5-4 - MIT Kerberos runtime libraries - Kerberos database
libkrb5-3 - MIT Kerberos runtime libraries
libkrb5-dbg - Debugging files for MIT Kerberos
libkrb5-dev - Headers and development libraries for MIT Kerberos
libkrb53 - transitional package for MIT Kerberos libraries
libkrb5support0 - MIT Kerberos runtime libraries - Support library
Closes: 584282 611906 613487 616429 616728 618517 622681
Changes:
krb5 (1.8.3+dfsg-4squeeze1) stable; urgency=low
.
* Fix double free with pkinit on KDC, CVE-2011-0284, Closes: #618517
* Updated Danish debconf translations, thanks Joe Dalton, Closes:
#584282
* KDC/LDAP DOS (CVE-2010-4022, CVE-2011-0281, and CVE-2011-0282,
Closes: #613487
* Fix delegation of credentials against Windows servers; significant
interoperability issue, Closes: #611906
* Set nt-srv-inst on TGS names to work against W2K8R2 KDCs, Closes:
#616429
* Don't fail authentication when PAC verification fails; support hmac-
md5 checksums even for non-RC4 keys, Closes: #616728
* Port fix to upstream ticket 6899: fix invalid free in kadmind change
password case, Closes: #622681
Checksums-Sha1:
e365edbf5074a9ed77528bf9aade4a578207426b 1610 krb5_1.8.3+dfsg-4squeeze1.dsc
b2b9bc3225d687180bf2bf208894380cba43740e 105919
krb5_1.8.3+dfsg-4squeeze1.diff.gz
8e1403ed2baa677989a67245e73fe047038e3dd9 2253356
krb5-doc_1.8.3+dfsg-4squeeze1_all.deb
c78dcadcb98ca098c3cc34e00124a17ed79906bb 1373520
libkrb53_1.8.3+dfsg-4squeeze1_all.deb
85c3079d77351cad4a882721f9a4d8de5db00b76 139100
krb5-user_1.8.3+dfsg-4squeeze1_amd64.deb
e591007dae060dd83629f778566964d07f758dc9 220522
krb5-kdc_1.8.3+dfsg-4squeeze1_amd64.deb
f0896b03ee679836b53fd6698028e704e90f8a2c 118352
krb5-kdc-ldap_1.8.3+dfsg-4squeeze1_amd64.deb
f72a4a3868aa95c5212e502e361d2ed7e483a55e 114526
krb5-admin-server_1.8.3+dfsg-4squeeze1_amd64.deb
9f31d52b81a318949533b63619c717b0345ddda4 103340
krb5-multidev_1.8.3+dfsg-4squeeze1_amd64.deb
16d904d6ff8c251a37f876e55efa5b6a1db6be48 37328
libkrb5-dev_1.8.3+dfsg-4squeeze1_amd64.deb
b4705aa6dd50d79a5bf09c55c485b40aeb4f4d03 1629346
libkrb5-dbg_1.8.3+dfsg-4squeeze1_amd64.deb
e9dd8001f67b7aff8c636343a768bda831180d4e 78164
krb5-pkinit_1.8.3+dfsg-4squeeze1_amd64.deb
dae18c9ec215244325e5d14f481c51a553b4aa88 375018
libkrb5-3_1.8.3+dfsg-4squeeze1_amd64.deb
543b742bf318ddd0cb19e5430c1d0f8c793c9759 130600
libgssapi-krb5-2_1.8.3+dfsg-4squeeze1_amd64.deb
7c42ffc9038fe998996a0285ad66d5fabcfda097 84016
libgssrpc4_1.8.3+dfsg-4squeeze1_amd64.deb
3edc3ebf11e5b268cb1189b9cdb9dd385a50e719 78568
libkadm5srv-mit7_1.8.3+dfsg-4squeeze1_amd64.deb
9369b5921d3013ff2fb3147b7357281922399e7e 64094
libkadm5clnt-mit7_1.8.3+dfsg-4squeeze1_amd64.deb
833545785266e85abf52916c519005f38c555c8d 106066
libk5crypto3_1.8.3+dfsg-4squeeze1_amd64.deb
54ceac7a672753b55fee3a8c896d1d0d66d5a526 63570
libkdb5-4_1.8.3+dfsg-4squeeze1_amd64.deb
328bfb823dae9ee5b6c34f2e34d5491a47fffe73 45810
libkrb5support0_1.8.3+dfsg-4squeeze1_amd64.deb
Checksums-Sha256:
cf491b4ffdd52f299298f79a7e296656f7a65eacd497f26609caabe06c58ad26 1610
krb5_1.8.3+dfsg-4squeeze1.dsc
3278d5ded7dfa5a4241952303bece47daca68bb7c0316d3208d0cc8902d4131f 105919
krb5_1.8.3+dfsg-4squeeze1.diff.gz
94fb3d1f70c871d77f124b49df3df9e4f3e3d1a23d58397b71efcb1051dad3a3 2253356
krb5-doc_1.8.3+dfsg-4squeeze1_all.deb
2b11a858255cc66f5d34d7b324ad2cbbe2be2ee6d83b6aa2be7af87bbde28a67 1373520
libkrb53_1.8.3+dfsg-4squeeze1_all.deb
f50b915a0114906c8e0cee9164885e34fe84c6be22aade1f1f5800dbe905198a 139100
krb5-user_1.8.3+dfsg-4squeeze1_amd64.deb
869a6d04124095c94d19ea99dd5e7bbdb5399ade2a534ac881853c2e0bd157f5 220522
krb5-kdc_1.8.3+dfsg-4squeeze1_amd64.deb
af705977cf71ddefd12aa5d2bb4b1223affd6c239109b6147885bed5d884420d 118352
krb5-kdc-ldap_1.8.3+dfsg-4squeeze1_amd64.deb
7f8e378cbcd48973d3520b18d1def8dbf0329499a54dfc1504b8ae63d2f2fea4 114526
krb5-admin-server_1.8.3+dfsg-4squeeze1_amd64.deb
8f6ea2aab9d82b5b644f0292f671ef3d37a8085ac91171b0ec0531bc4294e065 103340
krb5-multidev_1.8.3+dfsg-4squeeze1_amd64.deb
4bfe70488aae25186cb960b1ea9676c24ccf9c618a7fa2d75af00cc7b3bdc12c 37328
libkrb5-dev_1.8.3+dfsg-4squeeze1_amd64.deb
2c593aa9177933533d4c91539556a5eccf8c5d0d3bdaa559f3e911a463ae3563 1629346
libkrb5-dbg_1.8.3+dfsg-4squeeze1_amd64.deb
b41948b59a8f8c5acf0cd4c7d253c67fa073d4864bee82da61edf2977ec833ff 78164
krb5-pkinit_1.8.3+dfsg-4squeeze1_amd64.deb
f672866b2d9c1a6922236116a808600ac4b82543fb0379cc799311b8d3a6cc0f 375018
libkrb5-3_1.8.3+dfsg-4squeeze1_amd64.deb
b5e4d2e33d84f718050a024bdd06b59df2297824b79e5c05052065a9524912a8 130600
libgssapi-krb5-2_1.8.3+dfsg-4squeeze1_amd64.deb
67b66784852744578477724edea8e924e8faae81f2111777753fa6578870cf87 84016
libgssrpc4_1.8.3+dfsg-4squeeze1_amd64.deb
48d2406537b1d6027cc1fd9580c4ad384c51ea436fb5678516d6ee68ffa9927b 78568
libkadm5srv-mit7_1.8.3+dfsg-4squeeze1_amd64.deb
5050abac0958afae13fc5d300512b0d684f9b5895e292f39e4a87ac3320cb12e 64094
libkadm5clnt-mit7_1.8.3+dfsg-4squeeze1_amd64.deb
d5410484c7d7984e3c8a34af3d80beb95d01e366589df676cce25eb97d965003 106066
libk5crypto3_1.8.3+dfsg-4squeeze1_amd64.deb
df42dd9f6a02cd5d5dfbb8d233af1b1e2a7d7d03a00ed49f4eb347b31f42d4b2 63570
libkdb5-4_1.8.3+dfsg-4squeeze1_amd64.deb
4e98655e36d6bfa1768e5f85e0632fc9e9f714ca0c6d65311b579150fcddd34e 45810
libkrb5support0_1.8.3+dfsg-4squeeze1_amd64.deb
Files:
3c431c531b8426f1d48ad8f419209f57 1610 net standard
krb5_1.8.3+dfsg-4squeeze1.dsc
a2019a80103362ddd8044f42d9b8f3bf 105919 net standard
krb5_1.8.3+dfsg-4squeeze1.diff.gz
b0137d5452c726271dbd306f72fd2130 2253356 doc optional
krb5-doc_1.8.3+dfsg-4squeeze1_all.deb
69af33c86f32004ca9dc4d0f7f19c5bc 1373520 oldlibs extra
libkrb53_1.8.3+dfsg-4squeeze1_all.deb
604c112e735ce804494821b759e32e23 139100 net optional
krb5-user_1.8.3+dfsg-4squeeze1_amd64.deb
eb447f3979c7704f8f24e0f67acdf6a9 220522 net optional
krb5-kdc_1.8.3+dfsg-4squeeze1_amd64.deb
fb39a30a60465c8edf281665c1ba326d 118352 net extra
krb5-kdc-ldap_1.8.3+dfsg-4squeeze1_amd64.deb
cd51b343d0c5855208564bab19591e6d 114526 net optional
krb5-admin-server_1.8.3+dfsg-4squeeze1_amd64.deb
ce0e187d8aed0f9e7750fb68778d972f 103340 libdevel optional
krb5-multidev_1.8.3+dfsg-4squeeze1_amd64.deb
27dd07656be90d57062121c5f734bd93 37328 libdevel extra
libkrb5-dev_1.8.3+dfsg-4squeeze1_amd64.deb
4cfeabf8ff952b07733caa8585919546 1629346 debug extra
libkrb5-dbg_1.8.3+dfsg-4squeeze1_amd64.deb
41c74ae3e7eca73e62ecf17dd7226aab 78164 net extra
krb5-pkinit_1.8.3+dfsg-4squeeze1_amd64.deb
6a7c2b8db72b3032c58410a685642d8e 375018 libs standard
libkrb5-3_1.8.3+dfsg-4squeeze1_amd64.deb
77a2fab35ab1bf717b267818331e0f8c 130600 libs standard
libgssapi-krb5-2_1.8.3+dfsg-4squeeze1_amd64.deb
7625d2f7fe3cfb3379404fb1f7a91ebb 84016 libs standard
libgssrpc4_1.8.3+dfsg-4squeeze1_amd64.deb
b47cd3b359404b81ff6598b4772eff23 78568 libs standard
libkadm5srv-mit7_1.8.3+dfsg-4squeeze1_amd64.deb
471bb350eb5c54b26fa81a55f5c3eb3f 64094 libs standard
libkadm5clnt-mit7_1.8.3+dfsg-4squeeze1_amd64.deb
1c1e3be738a4c36fc00966fc2645eebb 106066 libs standard
libk5crypto3_1.8.3+dfsg-4squeeze1_amd64.deb
70a8bbeeedc04351c4fcf23ddd08e13b 63570 libs standard
libkdb5-4_1.8.3+dfsg-4squeeze1_amd64.deb
f07a690fa90966096f163cff34f8992e 45810 libs standard
libkrb5support0_1.8.3+dfsg-4squeeze1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk3nzikACgkQ/I12czyGJg/ZaQCfakbKebrYpsv64ThAfNe659X3
V00AoM+FqyZYJZcPYEgZ6uNfZE8q0KM3
=AuUz
-----END PGP SIGNATURE-----
--- End Message ---
