krb5 (1.20.1-1ubuntu0.1) lunar-security; urgency=medium

  * SECURITY UPDATE: freeing of uninitialized memory
    - debian/patches/CVE-2023-36054.patch: ensure array count consistency in
      kadm5 RPC.
    - CVE-2023-36054

 -- Camila Camargo de Matos <email address hidden> Tue, 24 Oct 2023 14:00:59 -0300

krb5 (1.20.1-1build1) lunar; urgency=medium

  * No-change rebuild against libldap-2

 -- Steve Langasek <email address hidden> Thu, 15 Dec 2022 19:49:24 +0000

krb5 (1.20.1-1) unstable; urgency=high

  [ Bastian Germann ]
  * Sync debian/copyright with NOTICE from upstream

  [ Debian Janitor ]
  * Trim trailing whitespace.
  * Strip unusual field spacing from debian/control.
  * Use secure URI in Homepage field.
  * Merge upstream signing key files.
  * Update renamed lintian tag names in lintian overrides.
  * Update standards version to 4.6.1, no changes needed.
  * Remove field Section on binary package krb5-gss-samples that
    duplicates source.
  * Fix field name cases in debian/control (VCS-Browser => Vcs-Browser,
    VCS-Git => Vcs-Git).

  [ Sam Hartman ]
  * New upstream release
    - Integer overflows in PAC parsing; potentially critical for 32-bit
      KDCs or when cross-realm acts maliciously; DOS in other conditions;
      CVE-2022-42898, Closes: #1024267
  * Tighten version dependencies around crypto library, Closes: 1020424
  * krb5-user recommends rather than Depends on krb5-config. This avoids
    a hard dependency on bind9-host, but also supports cases where
    krb5-config is externally managed, Closes: #1005821

 -- Sam Hartman <email address hidden> Thu, 17 Nov 2022 10:34:28 -0700

krb5 (1.20-1) unstable; urgency=medium

  * New Upstream Version
  * Do not specify master key type to avoid weak crypto, Closes: #1009927

 -- Sam Hartman <email address hidden> Fri, 22 Jul 2022 16:32:38 -0600