Ubuntu
heimdal package

Change logs for heimdal source package in Mantic

  1. Mantic (23.10)
  2. Change log 
  • heimdal (7.8.git20221117.28daf24+dfsg-3ubuntu1) mantic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - d/rules: Disable lto, to regain dep on roken, otherwise
      dependencies on amd64 are different than i386 resulting in
      different files on amd64 and i386.

heimdal (7.8.git20221117.28daf24+dfsg-3) unstable; urgency=medium

  * Fix random "Ticket expired" and "Clock skew too great" errors by setting
    kdc_offset correctly. Closes: #1039992.

 -- Steve Langasek <email address hidden>  Tue, 18 Jul 2023 09:23:55 -0700
  • heimdal (7.8.git20221117.28daf24+dfsg-2ubuntu1) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - d/rules: Disable lto, to regain dep on roken, otherwise
      dependencies on amd64 are different than i386 resulting in
      different files on amd64 and i386.

heimdal (7.8.git20221117.28daf24+dfsg-2) unstable; urgency=medium

  * Fix incorrect license of Debian files.
  * Fix deprecated dependancies.
  * gsskrb5: fix accidental logic inversions (CVE-2022-45142)
    (Closes: #1030849) - change applied from NMU version
    7.8.git20221117.28daf24+dfsg-1.1
  * Add ro.po file. Closes: #1031897.

 -- Steve Langasek <email address hidden>  Tue, 02 May 2023 09:56:10 +0200
  • heimdal (7.8.git20221117.28daf24+dfsg-1ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - d/rules: Disable lto, to regain dep on roken, otherwise
      dependencies on amd64 are different than i386 resulting in
      different files on amd64 and i386.
      (LP #1934936)

heimdal (7.8.git20221117.28daf24+dfsg-1) unstable; urgency=medium

  * New upstream release.

heimdal (7.8.git20221115.a6cf945+dfsg-3) unstable; urgency=medium

  * Source-only upload to enable migration to testingi (2nd attempt).

heimdal (7.8.git20221115.a6cf945+dfsg-2) unstable; urgency=medium

  * Source-only upload to enable migration to testing.

heimdal (7.8.git20221115.a6cf945+dfsg-1) unstable; urgency=medium

  * New upstream version.
  * Numerous security fixes (Closes: #1024187).
  * asn1: Invalid free in ASN.1 codec (CVE-2022-44640)
  * krb5: PAC parse integer overflows (CVE-2022-42898)
  * gsskrb5: Use constant-time memcmp() for arcfour unwrap (CVE-2022-3437)
  * gsskrb5: Use constant-time memcmp() in unwrap_des3() (CVE-2022-3437)
  * gsskrb5: Don't pass NULL pointers to memcpy() in DES unwrap
    (CVE-2022-3437)
  * gsskrb5: Avoid undefined behaviour in _gssapi_verify_pad()
    (CVE-2022-3437)
  * gsskrb5: Check the result of _gsskrb5_get_mech() (CVE-2022-3437)
  * gsskrb5: Check buffer length against overflow for DES{,3} unwrap
    (CVE-2022-3437)
  * gsskrb5: Check for overflow in _gsskrb5_get_mech() (CVE-2022-3437)
  * gsskrb5: Pass correct length to _gssapi_verify_pad() (CVE-2022-3437)
  * libhx509: Fix denial of service vulnerability (CVE-2022-41916)
  * spnego: send_reject when no mech selected (CVE-2021-44758)
  * Fix regression in _krb5_get_int64 on 32 bit systems.
    https://github.com/heimdal/heimdal/pull/1025
  * Increment soname for libroken.
  * Increment soname for libhcrypto.
  * Remove legacy shared library version requirements.
  * Add symbols to libkadm5srv8.

 -- Steve Langasek <email address hidden>  Tue, 24 Jan 2023 19:14:54 -0800