Your message dated Tue, 31 Jul 2012 18:32:36 +0000 with message-id <e1swhfe-00071q...@franck.debian.org> and subject line Bug#512410: fixed in krb5 1.10.1+dfsg-2 has caused the Debian Bug report #512410, regarding krb5_verify_init_creds frees caller-provided krb5_principal to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 512410: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512410 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: openssh-server Version: 1:5.1p1-5 Severity: normal ==> /var/log/syslog <== Jan 20 11:14:36 x2goserver kernel: [12969.745101] sshd[31465]: segfault at 6fd7cbec ip b7af7ea9 sp bfa5b2e4 error 4 in libc-2.7.so[b7a89000+155000] Jan 20 11:14:40 x2goserver modprobe: WARNING: Not loading blacklisted module ipv6 Jan 20 11:14:52 x2goserver kernel: [12988.077088] sshd[31518]: segfault at 7126cbec ip b7b16ea9 sp bfa79b04 error 4 in libc-2.7.so[b7aa8000+155000] Jan 20 11:14:57 x2goserver kernel: [12993.564945] sshd[31532]: segfault at 715fbbec ip b7acdea9 sp bfc32cb4 error 4 in libc-2.7.so[b7a5f000+155000] Jan 20 11:15:14 x2goserver kernel: [13011.537760] sshd[31615]: segfault at 7143bbec ip b7b91ea9 sp bfaf6b74 error 4 in libc-2.7.so[b7b23000+155000] Jan 20 11:15:36 x2goserver kernel: [13036.492617] sshd[31591]: segfault at 7007dbec ip b7b71ea9 sp bfcd6d54 error 4 in libc-2.7.so[b7b03000+155000] Jan 20 11:15:37 x2goserver kernel: [13038.017398] sshd[31713]: segfault at 70dc8bec ip b7af0ea9 sp bfa53ad4 error 4 in libc-2.7.so[b7a82000+155000] Jan 20 16:22:16 x2goserver kernel: [33193.561581] sshd[7955]: segfault at 718a20e4 ip b7b60ea9 sp bffc5fd4 error 4 in libc-2.7.so[b7af2000+155000] Jan 20 16:22:16 x2goserver kernel: [33193.562936] sshd[7959]: segfault at 70ee273c ip b7acbea9 sp bfd30d44 error 4 in libc-2.7.so[b7a5d000+155000] .... ==> /var/log/auth <== Jan 20 16:32:44 x2goserver sshd[8604]: Closing connection to 192.168.X.Y port 1944 Jan 20 16:32:44 x2goserver sshd[8590]: debug1: PAM: cleanup Jan 20 16:32:44 x2goserver sshd[8590]: debug1: PAM: deleting credentials Jan 20 16:32:44 x2goserver sshd[8590]: debug1: PAM: closing session Jan 20 16:32:44 x2goserver sshd[8590]: pam_unix(sshd:session): session closed for user test ==> /var/log/syslog <== Jan 20 16:32:44 x2goserver kernel: [33878.085181] sshd[8590]: segfault at 7171de1c ip b7b05ea9 sp bf86a8f4 error 4 in libc-2.7.so[b7a97000+155000] -- System Information: Debian Release: 5.0 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages openssh-server depends on: ii adduser 3.110 add and remove users and groups ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy ii dpkg 1.14.24 Debian package management system ii libc6 2.7-18 GNU C Library: Shared libraries ii libcomerr2 1.41.3-1 common error description library ii libkrb53 1.6.dfsg.4~beta1-5 MIT Kerberos runtime libraries ii libpam-modules 1.0.1-5 Pluggable Authentication Modules f ii libpam-runtime 1.0.1-5 Runtime support for the PAM librar ii libpam0g 1.0.1-5 Pluggable Authentication Modules l ii libselinux1 2.0.65-5 SELinux shared libraries ii libssl0.9.8 0.9.8g-15 SSL shared libraries ii libwrap0 7.6.q-16 Wietse Venema's TCP wrappers libra ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS ii openssh-client 1:5.1p1-5 secure shell client, an rlogin/rsh ii procps 1:3.2.7-9 /proc file system utilities ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime Versions of packages openssh-server recommends: ii openssh-blacklist-extra 0.4.1 list of non-default blacklisted Op ii xauth 1:1.0.3-2 X authentication utility Versions of packages openssh-server suggests: pn molly-guard <none> (no description available) pn rssh <none> (no description available) pn ssh-askpass <none> (no description available) -- debconf information: ssh/vulnerable_host_keys: ssh/new_config: true * ssh/use_old_init_script: true ssh/encrypted_host_key_but_no_keygen: ssh/disable_cr_auth: false
--- End Message ---
--- Begin Message ---Source: krb5 Source-Version: 1.10.1+dfsg-2 We believe that the bug you reported is fixed in the latest version of krb5, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 512...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sam Hartman <hartm...@debian.org> (supplier of updated krb5 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 31 Jul 2012 08:20:09 -0400 Source: krb5 Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit8 libkadm5clnt-mit8 libk5crypto3 libkdb5-6 libkrb5support0 krb5-gss-samples krb5-locales Architecture: source all amd64 Version: 1.10.1+dfsg-2 Distribution: unstable Urgency: high Maintainer: Sam Hartman <hartm...@debian.org> Changed-By: Sam Hartman <hartm...@debian.org> Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-doc - Documentation for MIT Kerberos krb5-gss-samples - MIT Kerberos GSS Sample applications krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-locales - Internationalization support for MIT Kerberos krb5-multidev - Development files for MIT Kerberos without Heimdal conflict krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-user - Basic programs to authenticate using MIT Kerberos libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library libkadm5clnt-mit8 - MIT Kerberos runtime libraries - Administration Clients libkadm5srv-mit8 - MIT Kerberos runtime libraries - KDC and Admin Server libkdb5-6 - MIT Kerberos runtime libraries - Kerberos database libkrb5-3 - MIT Kerberos runtime libraries libkrb5-dbg - Debugging files for MIT Kerberos libkrb5-dev - Headers and development libraries for MIT Kerberos libkrb5support0 - MIT Kerberos runtime libraries - Support library Closes: 512410 680612 Changes: krb5 (1.10.1+dfsg-2) unstable; urgency=high . * MITKRB5-SA-2012-001 [CVE-2012-1014 CVE-2012-1015] KDC frees uninitialized pointers * Break libgssglue1 << 0.2-2 for multiarch, Closes: #680612 * Don't free caller's principal in verify_init_creds, Closes: #512410 Checksums-Sha1: 8edf1e6a94ef94b7a625359fa29826b0186e9ae5 2287 krb5_1.10.1+dfsg-2.dsc 90b47167a44923c47bcc4ecaca7d2951ddfc0609 128780 krb5_1.10.1+dfsg-2.debian.tar.gz 46211e2583fa4ae6cc812d6bb5eba77abb3450e1 2669826 krb5-doc_1.10.1+dfsg-2_all.deb c49622048e95eb22cc75e445fa97a758daee548c 1502354 krb5-locales_1.10.1+dfsg-2_all.deb 0a15ba55a9d89815b3dd12b401d93c103dda52b5 152838 krb5-user_1.10.1+dfsg-2_amd64.deb 5108c2c41f5f10ca09ba3bd6559f9e9f6565ea9c 224910 krb5-kdc_1.10.1+dfsg-2_amd64.deb 6b7fdd6455cbe239df5073a0e4133553041d838e 120114 krb5-kdc-ldap_1.10.1+dfsg-2_amd64.deb 76e2a17f4f91a2956d67f4739f1acb58e027e457 122864 krb5-admin-server_1.10.1+dfsg-2_amd64.deb b075ea2c133082fe8784c38e2ba8607d58726e48 153248 krb5-multidev_1.10.1+dfsg-2_amd64.deb 6b68a80a35fbbc0acc26279b7b2b3318715b960d 38656 libkrb5-dev_1.10.1+dfsg-2_amd64.deb a9028e8ef6633fb2bc6a93505002128a90b87fb2 2203550 libkrb5-dbg_1.10.1+dfsg-2_amd64.deb 9d2827462f9af9cfe74af9063a2db92a6e29f093 81616 krb5-pkinit_1.10.1+dfsg-2_amd64.deb 448c4dc7db68fdc280e04a1232a13f1a6e677efa 392958 libkrb5-3_1.10.1+dfsg-2_amd64.deb 40d016024525fe6321006d48ed9f50458e45f21d 147314 libgssapi-krb5-2_1.10.1+dfsg-2_amd64.deb 9d846a78cf5d119f27fc3d203ea8b4d157c8cfaa 86946 libgssrpc4_1.10.1+dfsg-2_amd64.deb 0fce3ec7513bae0e0c686b47ad8f8af80f69a7be 84198 libkadm5srv-mit8_1.10.1+dfsg-2_amd64.deb 39d72ed815b0d0e0cf27aa97e0f1d8fe2c443786 67262 libkadm5clnt-mit8_1.10.1+dfsg-2_amd64.deb d23fa500bc55754316425203c018bba4b6fedbbd 111850 libk5crypto3_1.10.1+dfsg-2_amd64.deb 95d22180c615f611a35ac9b7301872a4864bbb66 66198 libkdb5-6_1.10.1+dfsg-2_amd64.deb 7ae9686ad0b0feab7278e51b9db4b3d0a7588195 49016 libkrb5support0_1.10.1+dfsg-2_amd64.deb 30a96c2ce06afc63d80c9a801427c5a5a3ae0da2 51108 krb5-gss-samples_1.10.1+dfsg-2_amd64.deb Checksums-Sha256: bfb5e9414518e75426e227db66e056ced8d577df5be55c9307ca2cafc3fbd521 2287 krb5_1.10.1+dfsg-2.dsc 5a00add765ff01312e262c8bdcb01c08ff126c4ec8c1ca05405277b53f0c69d2 128780 krb5_1.10.1+dfsg-2.debian.tar.gz 6ab1b517e04fca5e04bc40f0709bf1b2b1ec673ef9b53da35215735c236278c4 2669826 krb5-doc_1.10.1+dfsg-2_all.deb a83df102f18fa9112e9ead07c142237d4b2d32400fd04243c4d3c13b05fcd4a0 1502354 krb5-locales_1.10.1+dfsg-2_all.deb 271ffa6102be62c3490265588faa171f8b2bbe3fd4a70792fa00e78679973082 152838 krb5-user_1.10.1+dfsg-2_amd64.deb f601330cea93ce4ec16321e5dc0e190129762e4920a8fd38a6868bee2b536f7a 224910 krb5-kdc_1.10.1+dfsg-2_amd64.deb a8e7615bebcb64c4f87f46af03a7aa50524865ed78ba37c35a0836b2626c5e5e 120114 krb5-kdc-ldap_1.10.1+dfsg-2_amd64.deb 6130e1dbe55a4b37ceb17e59293bfaa671b0a4165b2c6ebacbd18e077bc7ec64 122864 krb5-admin-server_1.10.1+dfsg-2_amd64.deb d520a8d6c259b1a303898081e615a7bd8f3350aa9040d2f2c9e62a67083d6600 153248 krb5-multidev_1.10.1+dfsg-2_amd64.deb d1286a8a31c1b3f877da13973c1c4eaa74bba984c799dbd123711994d45a2f83 38656 libkrb5-dev_1.10.1+dfsg-2_amd64.deb 1dc5565f0055ecfdaed33e9f51adcf92548cd990eccf7583efb3d2844b11beed 2203550 libkrb5-dbg_1.10.1+dfsg-2_amd64.deb e5b67314601a2e844f43362d1f3665d4098aaadce46047a4d46df939acee7703 81616 krb5-pkinit_1.10.1+dfsg-2_amd64.deb e79871b6a4508decceba595c3579d500375da238f583834dcc8feeee71eea6ae 392958 libkrb5-3_1.10.1+dfsg-2_amd64.deb 139989f30dd80ffef968a28f66226ef658ce164b26733c3b1cba63ebf10e6405 147314 libgssapi-krb5-2_1.10.1+dfsg-2_amd64.deb 2a7a50a49cef67f200ebecd7b11297b747006f6cae27b69cc0473f9eca4a1350 86946 libgssrpc4_1.10.1+dfsg-2_amd64.deb 7ddb98bfa87b098d5fd2ab678226d0cc340479d3972df03a5f97c5aba940d860 84198 libkadm5srv-mit8_1.10.1+dfsg-2_amd64.deb d10fbcef4833dc020e1bf0a8960cdfd5d34d2bcf22666495da98befa3137198b 67262 libkadm5clnt-mit8_1.10.1+dfsg-2_amd64.deb af7be9440e61fde0be445be7482dd7e0979b8f68f987401a6dab0446974abbfd 111850 libk5crypto3_1.10.1+dfsg-2_amd64.deb 552aca6c8802a30c311ffc452c0f5adfab4df6aa2edf054b94f5d17aa7d6ee7b 66198 libkdb5-6_1.10.1+dfsg-2_amd64.deb 433cb3fc906a8f4bb5269632ca91ce461fd57c9eca73b63b836877600d599d90 49016 libkrb5support0_1.10.1+dfsg-2_amd64.deb f169d5de622c5d471d63fe98d31e195ce88289aab9ebef0323114e9af3fe1671 51108 krb5-gss-samples_1.10.1+dfsg-2_amd64.deb Files: dfb8129632ec58d664ddb9108d57f490 2287 net standard krb5_1.10.1+dfsg-2.dsc 7cc2c44d29c1cb115acfbd3b18d2c353 128780 net standard krb5_1.10.1+dfsg-2.debian.tar.gz 75891375e9b4f2400f3f0a4b0edf0745 2669826 doc optional krb5-doc_1.10.1+dfsg-2_all.deb efddb689f8dc061ec2c59a4d3b00ef5d 1502354 localization standard krb5-locales_1.10.1+dfsg-2_all.deb d50aa587953b44b4029a378d453d7ae3 152838 net optional krb5-user_1.10.1+dfsg-2_amd64.deb 6687fa7c9617de787271bbb59052ed9c 224910 net optional krb5-kdc_1.10.1+dfsg-2_amd64.deb 969c4d7ab4003cf74976c95bc7414251 120114 net extra krb5-kdc-ldap_1.10.1+dfsg-2_amd64.deb da3390b681c915ae2b8ff9f1c4a324c7 122864 net optional krb5-admin-server_1.10.1+dfsg-2_amd64.deb 7ff40cc94fcf75bc907bcdf36034f0be 153248 libdevel optional krb5-multidev_1.10.1+dfsg-2_amd64.deb f1e63acc374f3d9399f48022552edb67 38656 libdevel extra libkrb5-dev_1.10.1+dfsg-2_amd64.deb 789bc8c9c0703863a3a2b9e62b48d2c8 2203550 debug extra libkrb5-dbg_1.10.1+dfsg-2_amd64.deb 31045605ecb89d514dd5d1f63983dd0e 81616 net extra krb5-pkinit_1.10.1+dfsg-2_amd64.deb f824cbc91fcfcd35a5012ea54f0612ab 392958 libs standard libkrb5-3_1.10.1+dfsg-2_amd64.deb e047fd9a61686c666a0e96c9417dd21e 147314 libs standard libgssapi-krb5-2_1.10.1+dfsg-2_amd64.deb 6da8582d284df63c7850461e0666a27b 86946 libs standard libgssrpc4_1.10.1+dfsg-2_amd64.deb 5ace1459dca1c51620c2afc7b9e1edfd 84198 libs standard libkadm5srv-mit8_1.10.1+dfsg-2_amd64.deb e46805361771aa3a409ba7842861af2c 67262 libs standard libkadm5clnt-mit8_1.10.1+dfsg-2_amd64.deb 07fe66c436d5e3be211e0649b249d895 111850 libs standard libk5crypto3_1.10.1+dfsg-2_amd64.deb 7e1c25556200fdb59dac4ca6d77bbe45 66198 libs standard libkdb5-6_1.10.1+dfsg-2_amd64.deb 2de59be04299898092bb1a199dc6f124 49016 libs standard libkrb5support0_1.10.1+dfsg-2_amd64.deb 14933495bbfb8cd8399cebaf9963f6cc 51108 net extra krb5-gss-samples_1.10.1+dfsg-2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAlAX1d8ACgkQ/I12czyGJg9GUQCg2dumVPepX+Pp66ybN9SwXD5U 81AAniC8SQr9ghdVtZuxbnwZ6yI20ojl =VA0E -----END PGP SIGNATURE-----
--- End Message ---
