Your message dated Mon, 14 Jul 2014 05:04:17 +0000
with message-id <[email protected]>
and subject line Bug#753624: fixed in krb5 1.12.1+dfsg-4
has caused the Debian Bug report #753624,
regarding CVE-2014-4341 in krb5: insufficient validation processing rfc 1964
tokens
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
753624: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753624
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libgssapi-krb5-2
Version: 1.8.3+dfsg-4squeeze7
Upstream has committed a fix for CVE-2014-4341 to their git repo; we
should take it as well, and probably push it back into the -security repos
for stable and co.
I'm still digging out from an email backlog from my vacation, but should
be able to take a look in a few days if no one beats me to it.
-Ben
--- End Message ---
--- Begin Message ---
Source: krb5
Source-Version: 1.12.1+dfsg-4
We believe that the bug you reported is fixed in the latest version of
krb5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Benjamin Kaduk <[email protected]> (supplier of updated krb5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 11 Jul 2014 13:43:19 -0400
Source: krb5
Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev
libkrb5-dev libkrb5-dbg krb5-pkinit krb5-otp krb5-doc libkrb5-3
libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit9 libkadm5clnt-mit9 libk5crypto3
libkdb5-7 libkrb5support0 libkrad0 krb5-gss-samples krb5-locales libkrad-dev
Architecture: source all amd64
Version: 1.12.1+dfsg-4
Distribution: unstable
Urgency: high
Maintainer: Sam Hartman <[email protected]>
Changed-By: Benjamin Kaduk <[email protected]>
Description:
krb5-admin-server - MIT Kerberos master server (kadmind)
krb5-doc - Documentation for MIT Kerberos
krb5-gss-samples - MIT Kerberos GSS Sample applications
krb5-kdc - MIT Kerberos key server (KDC)
krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
krb5-locales - Internationalization support for MIT Kerberos
krb5-multidev - Development files for MIT Kerberos without Heimdal conflict
krb5-otp - OTP plugin for MIT Kerberos
krb5-pkinit - PKINIT plugin for MIT Kerberos
krb5-user - Basic programs to authenticate using MIT Kerberos
libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
libkadm5clnt-mit9 - MIT Kerberos runtime libraries - Administration Clients
libkadm5srv-mit9 - MIT Kerberos runtime libraries - KDC and Admin Server
libkdb5-7 - MIT Kerberos runtime libraries - Kerberos database
libkrad-dev - MIT Kerberos RADIUS Library Development
libkrad0 - MIT Kerberos runtime libraries - RADIUS library
libkrb5-3 - MIT Kerberos runtime libraries
libkrb5-dbg - Debugging files for MIT Kerberos
libkrb5-dev - Headers and development libraries for MIT Kerberos
libkrb5support0 - MIT Kerberos runtime libraries - Support library
Closes: 753624 753625
Changes:
krb5 (1.12.1+dfsg-4) unstable; urgency=high
.
* Apply upstream patch for CVE-2014-4341, CVE-2014-4342, Closes: #753624,
Closes: #753625
Checksums-Sha1:
12c3a0230e278121df75864c0fbc302945a97117 3319 krb5_1.12.1+dfsg-4.dsc
a69f0afa3283cc33ce7e17bf4735692f27941c90 96504 krb5_1.12.1+dfsg-4.debian.tar.xz
b852af3e8bd74fe526422352159ad38338a6a5a3 4686002 krb5-doc_1.12.1+dfsg-4_all.deb
bb7ce98637c8d6f34bc953c721295e00fc6fe879 2647748
krb5-locales_1.12.1+dfsg-4_all.deb
abc18d821757322fcdd360e2a7d3a3986b65a7c4 135366
krb5-user_1.12.1+dfsg-4_amd64.deb
70d1501a3e02f75b4d9614191fd2506b2290f63e 205226
krb5-kdc_1.12.1+dfsg-4_amd64.deb
f77ff12800f809b4d17d247782b541b0c5f9fc27 108648
krb5-kdc-ldap_1.12.1+dfsg-4_amd64.deb
44f763a07b2d440de98e40785248b96209c85876 114242
krb5-admin-server_1.12.1+dfsg-4_amd64.deb
c2da8b120f1d8d7c64f532782f47bebe9f684bc4 140532
krb5-multidev_1.12.1+dfsg-4_amd64.deb
0a1735f59a4f1602aaf2eade7823d8df9d2fd298 43786
libkrb5-dev_1.12.1+dfsg-4_amd64.deb
fc3b832e797147711dc04fa50923ea7b60d9972c 1406904
libkrb5-dbg_1.12.1+dfsg-4_amd64.deb
ef6c14ca713ad5fc29544193a657a8452c026055 81472
krb5-pkinit_1.12.1+dfsg-4_amd64.deb
23cf4560fe89deac7d33abc078321724ec05e424 46388 krb5-otp_1.12.1+dfsg-4_amd64.deb
d9b30012f0ea4536cf94e6c643a8e7d9d350fa6a 297922
libkrb5-3_1.12.1+dfsg-4_amd64.deb
3f4430f54af73b31b2d0d598b5ea801d5f211a6e 147070
libgssapi-krb5-2_1.12.1+dfsg-4_amd64.deb
cf8cf1cdcf0500368c9d1264e905510eaf32aeef 84196
libgssrpc4_1.12.1+dfsg-4_amd64.deb
d1b6bdb41ee25461b98d9582a1270000a0fa7a56 80480
libkadm5srv-mit9_1.12.1+dfsg-4_amd64.deb
144e68bbe8ad6f7e48f48062875d232451beb12b 66182
libkadm5clnt-mit9_1.12.1+dfsg-4_amd64.deb
9f431abe8a0561c319f2d6ff90d4f1d2dac89226 111448
libk5crypto3_1.12.1+dfsg-4_amd64.deb
cece2e9987bee6ecc5c39a59313776989faf33ec 66166
libkdb5-7_1.12.1+dfsg-4_amd64.deb
c14dff62274f80086b96ce4aedb84c3600abd9a4 57034
libkrb5support0_1.12.1+dfsg-4_amd64.deb
3874e3fe8fb2ed293747771a9f65bc8b21552527 50858 libkrad0_1.12.1+dfsg-4_amd64.deb
dad544ec712474cf87b1423778d0a08642c30ce7 54198
krb5-gss-samples_1.12.1+dfsg-4_amd64.deb
ca5fdc233256d25fc09aa53493935512411e0021 41298
libkrad-dev_1.12.1+dfsg-4_amd64.deb
Checksums-Sha256:
6e8c30a176115fce5496d3f4b6af8d3275c8f2b27ef0b4bfbacddb223fccfb40 3319
krb5_1.12.1+dfsg-4.dsc
7468621ddceade3a83d1d781f1959268d52eae97b042bfb30a233922020e8e0b 96504
krb5_1.12.1+dfsg-4.debian.tar.xz
98c7179e5bb089495b2b9558eb8196972e852975cb0844973dada9c50beb688f 4686002
krb5-doc_1.12.1+dfsg-4_all.deb
35ccedd28263688bd3bbdf14d1a767cce7ede32c56e678ee56c5c66011191bd0 2647748
krb5-locales_1.12.1+dfsg-4_all.deb
46ec52a13c5a8a7ec382b3e2169c947470c71600c19cf290a0a03cb82877a2bc 135366
krb5-user_1.12.1+dfsg-4_amd64.deb
bbefa58af5e2d12458218f8b34a5762c1845a98333b8f6df2e277977e8efb22a 205226
krb5-kdc_1.12.1+dfsg-4_amd64.deb
256fc87a81d2a4de3f1ff13470f55f9b0f804ea962791fc13d8232b2e920a49c 108648
krb5-kdc-ldap_1.12.1+dfsg-4_amd64.deb
ae023b7ba206676b6cc9778ca2bcea1eac63dea77638d1cda4e4e4b70a155ba9 114242
krb5-admin-server_1.12.1+dfsg-4_amd64.deb
5fa70c92754d565763f45f398e7f6072f03da271db8628ed93a52fdb44cc6877 140532
krb5-multidev_1.12.1+dfsg-4_amd64.deb
00e86149063e878228d1690ff5357357da3660fe1b3e5f6263c2668b0f7310a9 43786
libkrb5-dev_1.12.1+dfsg-4_amd64.deb
829c9a570465e2aeb8f59c5a1cd5b034675aa5e850e711bd50b466cf55d631c8 1406904
libkrb5-dbg_1.12.1+dfsg-4_amd64.deb
145c45ed2d5e59b4cb3560002bb53a0d1a67f33db29c49fd25f19fa134941588 81472
krb5-pkinit_1.12.1+dfsg-4_amd64.deb
b519b0c1ee2b8ac2c3850962229c1f89746e52dae29139a91840948d98554cde 46388
krb5-otp_1.12.1+dfsg-4_amd64.deb
5ccbb1f423b9c1c862059afc8776ce268f4348e4dc800e9060bcf64ec13c75c4 297922
libkrb5-3_1.12.1+dfsg-4_amd64.deb
f8bdcc6dcaf1005d7b654db3a59070d6d1bd3f051fc9c2311a2c23c503a9f3f2 147070
libgssapi-krb5-2_1.12.1+dfsg-4_amd64.deb
47ac338a959aaa68185943d5f62aac988db21f3337a9af130289c15b185a9b35 84196
libgssrpc4_1.12.1+dfsg-4_amd64.deb
243e40bc64b352d3478b72013c889f08d0630bd5b0e6ae862c1294f6314c7775 80480
libkadm5srv-mit9_1.12.1+dfsg-4_amd64.deb
d8dddd1a0f91a563b71247b348a64f47bb679de5ab9f0707b568fb3412d21543 66182
libkadm5clnt-mit9_1.12.1+dfsg-4_amd64.deb
72ecd89770f69b4c214287f0bcced7d2cb5dfb540cf27751f541a4d36eb5fddc 111448
libk5crypto3_1.12.1+dfsg-4_amd64.deb
f1b9cf0770620e8bc32cba5fa49282eb3cb60ef593d41c5dde25a76e3e9b9085 66166
libkdb5-7_1.12.1+dfsg-4_amd64.deb
9c545fe493c70e30656aef7393da966293a13e223411a267cfc84e7de7a377e1 57034
libkrb5support0_1.12.1+dfsg-4_amd64.deb
04085fff428880de7f7cc03f0cd85eea6dfed5851299c68eece7e5342e0251b4 50858
libkrad0_1.12.1+dfsg-4_amd64.deb
0602fe221f2b3df719dfeebc256a7db94473fd3b29d15da461175ca247c82457 54198
krb5-gss-samples_1.12.1+dfsg-4_amd64.deb
53c91f9c7e50a80f0315dcff59cce6aec2e8131e9dad45b56432cfa0edb87128 41298
libkrad-dev_1.12.1+dfsg-4_amd64.deb
Files:
1891d9ec8c8cbe8bae6fa35c359762e3 4686002 doc optional
krb5-doc_1.12.1+dfsg-4_all.deb
784941f85eb90ea09233f2c52f3cd8b8 2647748 localization standard
krb5-locales_1.12.1+dfsg-4_all.deb
a03ea1ac3f25f59c137c4e78f98dba34 135366 net optional
krb5-user_1.12.1+dfsg-4_amd64.deb
a34434a0fd1d408e9af96a4ab4c9f8e2 205226 net optional
krb5-kdc_1.12.1+dfsg-4_amd64.deb
7818bb6af88aa5c3cb89612eaf430c15 108648 net extra
krb5-kdc-ldap_1.12.1+dfsg-4_amd64.deb
424d387483c6abaccb874a9b4bfda0f8 114242 net optional
krb5-admin-server_1.12.1+dfsg-4_amd64.deb
531d713b5a2b43ef192d69433c731877 140532 libdevel optional
krb5-multidev_1.12.1+dfsg-4_amd64.deb
98db7829489c2a13819ead4af9f3a6e3 43786 libdevel extra
libkrb5-dev_1.12.1+dfsg-4_amd64.deb
2a28649482d06f1e1bab74a983b40c86 1406904 debug extra
libkrb5-dbg_1.12.1+dfsg-4_amd64.deb
0dc9506544c88dc1874e9cade7cfb2e2 81472 net extra
krb5-pkinit_1.12.1+dfsg-4_amd64.deb
78a3876d83301ac8926e367b7a13d5d6 46388 net extra
krb5-otp_1.12.1+dfsg-4_amd64.deb
08bb9a92f142ca4f065cfe031486ef12 297922 libs standard
libkrb5-3_1.12.1+dfsg-4_amd64.deb
cd732f01e23005392bdc16d171d955e1 147070 libs standard
libgssapi-krb5-2_1.12.1+dfsg-4_amd64.deb
d8f093d2269235bbe81067588aa3375a 84196 libs standard
libgssrpc4_1.12.1+dfsg-4_amd64.deb
96a394734702093e66e95769fa3735b6 80480 libs standard
libkadm5srv-mit9_1.12.1+dfsg-4_amd64.deb
123786a9b9c0e44f6d173150cb806609 66182 libs standard
libkadm5clnt-mit9_1.12.1+dfsg-4_amd64.deb
83c8056dbcb3d7bf5b66423bd2e58b3c 111448 libs standard
libk5crypto3_1.12.1+dfsg-4_amd64.deb
1a318d406c2a2ad86703f9f3147f7280 66166 libs standard
libkdb5-7_1.12.1+dfsg-4_amd64.deb
2fe0c239ac1361f31d48bc051db42ab5 57034 libs standard
libkrb5support0_1.12.1+dfsg-4_amd64.deb
8b903605a3a20b42ca616feb0cc487a3 50858 libs standard
libkrad0_1.12.1+dfsg-4_amd64.deb
acbed64b2da6a584d90e3011971707e1 54198 net extra
krb5-gss-samples_1.12.1+dfsg-4_amd64.deb
311cdaefa10892069ea35af267153657 41298 libdevel extra
libkrad-dev_1.12.1+dfsg-4_amd64.deb
8c288f617cc8baf3e81be9d275f3d9f1 3319 net standard krb5_1.12.1+dfsg-4.dsc
7f80a73d14ef2a7533cf049e6b764bfe 96504 net standard
krb5_1.12.1+dfsg-4.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJTw2IvAAoJELItdz86KScodKMP/jBbAOEtVspcr3IFdyKKAWOP
zMNIUFUdtM21WB1CD0Oo4qQriVivRNJ1Nt/zZIteUqtVPrcg1DJKsLwExxjaL0c7
ZWBL2FJKZ9fRAQENxk5WTbN+pEfsYDczRUnOCmxLGLaASg++zbKh3zu5N4Nn/GTz
gX7rJDfxC7DYP0Luoxc/fh3PUinyoEZJ6xuYTJp1IigAkwoUsKcoh7B481xsTtRh
a7row0z1d/2QJkKRgwp/jeb2XRbYmVdOkdJYHG0BBy42wOszbgex358qxwx1G8qu
0D2HAjSWdkKxVQxCz8JB/LXFwgT375CMQQr4F3otZZTP0tI77GT9Ul+nZ26gJjGr
KmeNWapYFj5qF/1UlL/B40vAFLXFx+HO5SGVAY1RygeqRe89SQxlpwgGPO/9pdll
0eaGS6VdYV18FTtB1UM6EB7+pHIb08NGVRlwfg9QQ83Enxp78cELJp9RUaq56+iW
Dc3kfJkhroeESjsZsS47r+CWW6YkHUSXP8WOLeAroRP+EuL+WZnzFRXkV2xF1NF6
KYFR8pZxVa/RF8TUsM7tuf6IWOuTu19miHO+SVBBPxW8wh5EpQqaIjLIfX0yteyd
gtff+wmpZ0OZpmH3EHOp1PhRxHsYruP2RNfrlciiARRshd9mEbanRRuzhDejdoOq
PiOk/5V/Y+eluA1TiIKx
=beO7
-----END PGP SIGNATURE-----
--- End Message ---
