control: tag -1 patch control: tag -1 pending Hi, I've uploaded an nmu fixing these two issues to delayed/5. Please see attached patch.
Best wishes, Mike
diff -Nru krb5-1.11.3+dfsg/debian/changelog krb5-1.11.3+dfsg/debian/changelog --- krb5-1.11.3+dfsg/debian/changelog 2013-08-25 21:10:56.000000000 +0000 +++ krb5-1.11.3+dfsg/debian/changelog 2013-11-17 00:06:04.000000000 +0000 @@ -1,3 +1,12 @@ +krb5 (1.11.3+dfsg-3+nmu1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Add python-lxml build dependency (closes: #725596). + * Fix cve-2013-1418: null pointer dereference in the Kerberos Key + Distribution Center (KDC) service (closes: #728845). + + -- Michael Gilbert <mgilb...@debian.org> Sat, 16 Nov 2013 23:40:00 +0000 + krb5 (1.11.3+dfsg-3) unstable; urgency=low [ Benjamin Kaduk ] diff -Nru krb5-1.11.3+dfsg/debian/control krb5-1.11.3+dfsg/debian/control --- krb5-1.11.3+dfsg/debian/control 2013-08-25 21:10:56.000000000 +0000 +++ krb5-1.11.3+dfsg/debian/control 2013-11-16 23:50:57.000000000 +0000 @@ -5,7 +5,7 @@ comerr-dev, docbook-to-man, doxygen, libkeyutils-dev [linux-any], libldap2-dev, libncurses5-dev, libssl-dev, ss-dev, - libverto-dev, pkg-config + libverto-dev, pkg-config, python-lxml, build-depends-indep: python-cheetah, python-sphinx, doxygen-latex Standards-Version: 3.9.4 Maintainer: Sam Hartman <hartm...@debian.org> diff -Nru krb5-1.11.3+dfsg/debian/patches/cve-2013-1418.patch krb5-1.11.3+dfsg/debian/patches/cve-2013-1418.patch --- krb5-1.11.3+dfsg/debian/patches/cve-2013-1418.patch 1970-01-01 00:00:00.000000000 +0000 +++ krb5-1.11.3+dfsg/debian/patches/cve-2013-1418.patch 2013-11-16 23:46:14.000000000 +0000 @@ -0,0 +1,15 @@ +origin: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7757 +author: Tom Yu <t...@mit.edu> + +--- krb5-1.11.3+dfsg.orig/src/kdc/main.c ++++ krb5-1.11.3+dfsg/src/kdc/main.c +@@ -125,6 +125,9 @@ setup_server_realm(struct server_handle + int kdc_numrealms = handle->kdc_numrealms; + + kret = 0; ++ if (sprinc == NULL) ++ return NULL; ++ + if (kdc_numrealms > 1) { + if (!(newrealm = find_realm_data(handle, sprinc->realm.data, + (krb5_ui_4) sprinc->realm.length))) diff -Nru krb5-1.11.3+dfsg/debian/patches/series krb5-1.11.3+dfsg/debian/patches/series --- krb5-1.11.3+dfsg/debian/patches/series 2013-08-25 21:10:56.000000000 +0000 +++ krb5-1.11.3+dfsg/debian/patches/series 2013-11-16 23:43:13.000000000 +0000 @@ -8,3 +8,4 @@ upstream/0008-Don-t-warn-or-error-on-variadic-macros.patch 0009-autoreconf.patch upstream/0010-Update-config.guess-and-config.sub.patch +cve-2013-1418.patch
