Your message dated Wed, 15 May 2013 01:32:51 +0000
with message-id <e1ucqaj-0004dz...@franck.debian.org>
and subject line Bug#708267: fixed in krb5 1.10.1+dfsg-6
has caused the Debian Bug report #708267,
regarding cve-2002-2443: kpasswd udp ping-pong
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
708267: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708267
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: krb5-admin-server
Version: 1.10.1+dfsg-5
Owner: ka...@mit.edu
Upstream has fixed CVE-2002-2443 in their git master, with the following
commit message:

    Fix kpasswd UDP ping-pong [CVE-2002-2443]

    The kpasswd service provided by kadmind was vulnerable to a UDP
    "ping-pong" attack [CVE-2002-2443]. Don't respond to packets unless
    they pass some basic validation, and don't respond to our own error
    packets.

    Some authors use CVE-1999-0103 to refer to the kpasswd UDP ping-pong
    attack or UDP ping-pong attacks in general, but there is discussion
    leading toward narrowing the definition of CVE-1999-0103 to the echo,
    chargen, or other similar built-in inetd services.

    Thanks to Vincent Danen for alerting us to this issue.

    CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:P/RL:O/RC:C
--- End Message ---
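The rule stated in the commit message above (answer only packets that pass basic validation, never answer an error packet), as an added example that is not the upstream patch or any code from krb5: a triage function over the RFC 3244 kpasswd framing (2-byte message length, 2-byte version, 2-byte AP-REQ length, where a zero AP-REQ length marks an error packet). The names kpw_triage, KPW_DROP and KPW_PROCESS, the exact set of checks, and the sample datagrams are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define KPW_VERS_ORIG    0x0001u /* original change-password protocol */
#define KPW_VERS_RFC3244 0xff80u /* RFC 3244 set/change password */
#define KPW_HDR_LEN      6       /* message length, version, AP-REQ length */

enum kpw_action { KPW_DROP, KPW_PROCESS }; /* hypothetical names */

static uint16_t be16(const unsigned char *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Decide whether a datagram may produce any reply. Malformed packets and
 * error packets (AP-REQ length 0, KRB-ERROR follows) are dropped silently,
 * so two servers cannot be made to bounce error replies at each other. */
enum kpw_action kpw_triage(const unsigned char *pkt, size_t len)
{
    if (pkt == NULL || len < KPW_HDR_LEN)
        return KPW_DROP;                    /* truncated header */
    if ((size_t)be16(pkt) != len)
        return KPW_DROP;                    /* declared length != datagram size */
    uint16_t vers = be16(pkt + 2);
    if (vers != KPW_VERS_ORIG && vers != KPW_VERS_RFC3244)
        return KPW_DROP;                    /* unknown protocol version */
    uint16_t ap_len = be16(pkt + 4);
    if (ap_len == 0)
        return KPW_DROP;                    /* an error packet, never answer it */
    if ((size_t)ap_len >= len - KPW_HDR_LEN)
        return KPW_DROP;                    /* no room left for the KRB-PRIV part */
    return KPW_PROCESS;                     /* hand on to AP-REQ verification */
}

/* Constructed sample datagrams (payload bytes are filler, not real Kerberos). */
const unsigned char kpw_ok[]   = {0x00,0x0c, 0xff,0x80, 0x00,0x04, 1,2,3,4, 5,6};
const unsigned char kpw_err[]  = {0x00,0x08, 0x00,0x01, 0x00,0x00, 7,8};
const unsigned char kpw_lie[]  = {0x00,0x40, 0xff,0x80, 0x00,0x04, 1,2,3,4, 5,6};
const unsigned char kpw_vers[] = {0x00,0x0c, 0x00,0x02, 0x00,0x04, 1,2,3,4, 5,6};

int main(void)
{
    printf("ok=%d err=%d lie=%d vers=%d\n",
           kpw_triage(kpw_ok, sizeof kpw_ok), kpw_triage(kpw_err, sizeof kpw_err),
           kpw_triage(kpw_lie, sizeof kpw_lie), kpw_triage(kpw_vers, sizeof kpw_vers));
    return 0;
}
```

A dropped datagram gets no reply of any kind; that is what breaks the loop, since an error reply to a spoofed source is exactly the packet the peer would answer in turn.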
--- Begin Message ---
Source: krb5
Source-Version: 1.10.1+dfsg-6
We believe that the bug you reported is fixed in the latest version of
krb5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 708...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sam Hartman <hartm...@debian.org> (supplier of updated krb5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 14 May 2013 20:57:06 -0400
Source: krb5
Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev
libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2
libgssrpc4 libkadm5srv-mit8 libkadm5clnt-mit8 libk5crypto3 libkdb5-6
libkrb5support0 krb5-gss-samples krb5-locales
Architecture: source all amd64
Version: 1.10.1+dfsg-6
Distribution: unstable
Urgency: high
Maintainer: Sam Hartman <hartm...@debian.org>
Changed-By: Sam Hartman <hartm...@debian.org>
Description:
krb5-admin-server - MIT Kerberos master server (kadmind)
krb5-doc - Documentation for MIT Kerberos
krb5-gss-samples - MIT Kerberos GSS Sample applications
krb5-kdc - MIT Kerberos key server (KDC)
krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
krb5-locales - Internationalization support for MIT Kerberos
krb5-multidev - Development files for MIT Kerberos without Heimdal conflict
krb5-pkinit - PKINIT plugin for MIT Kerberos
krb5-user - Basic programs to authenticate using MIT Kerberos
libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
libkadm5clnt-mit8 - MIT Kerberos runtime libraries - Administration Clients
libkadm5srv-mit8 - MIT Kerberos runtime libraries - KDC and Admin Server
libkdb5-6 - MIT Kerberos runtime libraries - Kerberos database
libkrb5-3 - MIT Kerberos runtime libraries
libkrb5-dbg - Debugging files for MIT Kerberos
libkrb5-dev - Headers and development libraries for MIT Kerberos
libkrb5support0 - MIT Kerberos runtime libraries - Support library
Closes: 708267
Changes:
krb5 (1.10.1+dfsg-6) unstable; urgency=high
.
* Fix UDP ping-pong in kpasswd server [CVE-2002-2443], Closes: #708267
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGS4LQACgkQ/I12czyGJg/gIwCfVnVufcirzqb2vuVc0m/1CEMR
5VEAn0RPgxQ36j41+H22tMiCJ/JuZ9Cp
=AueI
-----END PGP SIGNATURE-----
--- End Message ---