Public bug reported:
Scheduled-For: 22.11
Upstream: tbd
Debian: 7.7.0+dfsg-2
Ubuntu: 7.7.0+dfsg-2ubuntu2
### New Debian Changes ###
heimdal (7.7.0+dfsg-2) unstable; urgency=medium
* Build using python3. Closes: #936695, #960032.
-- Brian May <b...@debian.org> Tue, 12 May 2020 06:56:04 +1000
heimdal (7.7.0+dfsg-1) unstable; urgency=medium
* New upstream version.
* Fix CVE-2019-14870: The DelegationNotAllowed Kerberos feature restriction
was not being applied when processing protocol
transition requests (S4U2Self), in the AD DC KDC. Closes: #946786.
-- Brian May <b...@debian.org> Tue, 17 Dec 2019 20:23:41 +1100
heimdal (7.5.0+dfsg-3) unstable; urgency=high
* CVE-2018-16860: Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum.
Closes: #928966.
* CVE-2019-12098: Always confirm PA-PKINIT-KX for anon PKINIT.
Closes: #929064.
* Update test certificates to pre 2038 expiry. Closes: #923930.
-- Brian May <b...@debian.org> Tue, 21 May 2019 18:04:35 +1000
heimdal (7.5.0+dfsg-2.1) unstable; urgency=medium
* Non-maintainer upload
* Add patch to create headers before building (Closes: 906623)
-- Hilko Bengen <ben...@debian.org> Sun, 28 Oct 2018 15:10:44 +0100
heimdal (7.5.0+dfsg-2) unstable; urgency=medium
* Replace 'MAXHOSTNAMELEN' with 'MaxHostNameLen' in kdc/kx509.c for The
Hurd. Closes: #900079.
-- Brian May <b...@debian.org> Sat, 02 Jun 2018 10:01:46 +1000
heimdal (7.5.0+dfsg-1) unstable; urgency=high
* New upstream version. (Closes: #850723)
+ CVE-2017-17439: Remote unauthenticated DoS in Heimdal-KDC 7.4
(Closes: #878144, #868157)
+ Refresh patches.
* Bump Standards-Version to 4.1.2 and compat level to 10.
+ Remove explicit reference to dh-autoreconf.
* Use uscan to get orig source.
+ Refrain from mangling some bundled RFC texts;
just exclude the mas they are not installed into any binary anyway.
+ Update d/copyright to DEP-5.
+ Can now use standard uscan/gbp/pristine-tar workflow.
* Fix some lintian errors/warnings.
+ Strip trailing whitespace from changelog.
+ Fix some duplicate long descriptions.
+ Use optional priority everywhere.
+ Update/remove some overrides.
+ Enforce set -e in maintainer scripts.
+ Enable hardening.
* Migrate to -dbgsym.
* Add myself to uploaders.
-- Dominik George <n...@naturalnet.de> Fri, 15 Dec 2017 01:13:04 +0100
heimdal (7.4.0.dfsg.1-2) unstable; urgency=medium
[ Jelmer Vernooij ]
* Remove myself from uploaders.
[ Brian May ]
* Be explicit with heimdal.mkey filename in postinst. Closes: #868638.
* Tests should respect DEB_BUILD_OPTIONS=nocheck. Closes: #868842.
-- Brian May <b...@debian.org> Sun, 23 Jul 2017 10:32:34 +1000
heimdal (7.4.0.dfsg.1-1) unstable; urgency=high
* New upstream version.
* Update standards version to 4.0.0.
* CVE-2017-11103: Fix Orpheus' Lyre KDC-REP service name validation.
(Closes: #868208).
-- Brian May <b...@debian.org> Sat, 15 Jul 2017 19:47:32 +1000
heimdal (7.1.0+dfsg-13) unstable; urgency=medium
* Add missing symbols base64_decode and base64_encode back into
libroken. Closes: #848694.
-- Brian May <b...@debian.org> Wed, 26 Apr 2017 19:38:20 +1000
heimdal (7.1.0+dfsg-12) unstable; urgency=high
* Fix transit path validation CVE-2017-6594.
-- Brian May <b...@debian.org> Mon, 10 Apr 2017 17:21:35 +1000
heimdal (7.1.0+dfsg-11) unstable; urgency=medium
* Remove legacy provides/conflicts/replaces headers. Old daemons
### Old Ubuntu Delta ###
heimdal (7.7.0+dfsg-2ubuntu2) impish; urgency=medium
* Remove symbol rk_closefrom@HEIMDAL_ROKEN_1.0 1.4.0+git20110226
(LP: #1945787)
-- Heinrich Schuchardt <heinrich.schucha...@canonical.com> Fri, 01 Oct
2021 15:03:02 +0200
heimdal (7.7.0+dfsg-2ubuntu1) impish; urgency=medium
* Disable lto, to regain dep on roken, otherwise dependencies on amd64
are different to i386 resulting in different files on amd64 and
i386. LP: #1934936
-- Dimitri John Ledkov <dimitri.led...@canonical.com> Tue, 20 Jul 2021
10:32:53 +0100
heimdal (7.7.0+dfsg-2build1) impish; urgency=medium
* No-change rebuild due to OpenLDAP soname bump.
-- Sergio Durigan Junior <sergio.duri...@canonical.com> Mon, 21 Jun
2021 17:48:49 -0400
** Affects: heimdal (Ubuntu)
Importance: Undecided
Status: New
** Tags: needs-merge
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to heimdal in Ubuntu.
https://bugs.launchpad.net/bugs/1946860
Title:
Merge heimdal from Debian unstable for 22.04
Status in heimdal package in Ubuntu:
New
Bug description:
Scheduled-For: 22.11
Upstream: tbd
Debian: 7.7.0+dfsg-2
Ubuntu: 7.7.0+dfsg-2ubuntu2
### New Debian Changes ###
heimdal (7.7.0+dfsg-2) unstable; urgency=medium
* Build using python3. Closes: #936695, #960032.
-- Brian May <b...@debian.org> Tue, 12 May 2020 06:56:04 +1000
heimdal (7.7.0+dfsg-1) unstable; urgency=medium
* New upstream version.
* Fix CVE-2019-14870: The DelegationNotAllowed Kerberos feature restriction
was not being applied when processing protocol
transition requests (S4U2Self), in the AD DC KDC. Closes: #946786.
-- Brian May <b...@debian.org> Tue, 17 Dec 2019 20:23:41 +1100
heimdal (7.5.0+dfsg-3) unstable; urgency=high
* CVE-2018-16860: Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum.
Closes: #928966.
* CVE-2019-12098: Always confirm PA-PKINIT-KX for anon PKINIT.
Closes: #929064.
* Update test certificates to pre 2038 expiry. Closes: #923930.
-- Brian May <b...@debian.org> Tue, 21 May 2019 18:04:35 +1000
heimdal (7.5.0+dfsg-2.1) unstable; urgency=medium
* Non-maintainer upload
* Add patch to create headers before building (Closes: 906623)
-- Hilko Bengen <ben...@debian.org> Sun, 28 Oct 2018 15:10:44 +0100
heimdal (7.5.0+dfsg-2) unstable; urgency=medium
* Replace 'MAXHOSTNAMELEN' with 'MaxHostNameLen' in kdc/kx509.c for The
Hurd. Closes: #900079.
-- Brian May <b...@debian.org> Sat, 02 Jun 2018 10:01:46 +1000
heimdal (7.5.0+dfsg-1) unstable; urgency=high
* New upstream version. (Closes: #850723)
+ CVE-2017-17439: Remote unauthenticated DoS in Heimdal-KDC 7.4
(Closes: #878144, #868157)
+ Refresh patches.
* Bump Standards-Version to 4.1.2 and compat level to 10.
+ Remove explicit reference to dh-autoreconf.
* Use uscan to get orig source.
+ Refrain from mangling some bundled RFC texts;
just exclude the mas they are not installed into any binary anyway.
+ Update d/copyright to DEP-5.
+ Can now use standard uscan/gbp/pristine-tar workflow.
* Fix some lintian errors/warnings.
+ Strip trailing whitespace from changelog.
+ Fix some duplicate long descriptions.
+ Use optional priority everywhere.
+ Update/remove some overrides.
+ Enforce set -e in maintainer scripts.
+ Enable hardening.
* Migrate to -dbgsym.
* Add myself to uploaders.
-- Dominik George <n...@naturalnet.de> Fri, 15 Dec 2017 01:13:04
+0100
heimdal (7.4.0.dfsg.1-2) unstable; urgency=medium
[ Jelmer Vernooij ]
* Remove myself from uploaders.
[ Brian May ]
* Be explicit with heimdal.mkey filename in postinst. Closes: #868638.
* Tests should respect DEB_BUILD_OPTIONS=nocheck. Closes: #868842.
-- Brian May <b...@debian.org> Sun, 23 Jul 2017 10:32:34 +1000
heimdal (7.4.0.dfsg.1-1) unstable; urgency=high
* New upstream version.
* Update standards version to 4.0.0.
* CVE-2017-11103: Fix Orpheus' Lyre KDC-REP service name validation.
(Closes: #868208).
-- Brian May <b...@debian.org> Sat, 15 Jul 2017 19:47:32 +1000
heimdal (7.1.0+dfsg-13) unstable; urgency=medium
* Add missing symbols base64_decode and base64_encode back into
libroken. Closes: #848694.
-- Brian May <b...@debian.org> Wed, 26 Apr 2017 19:38:20 +1000
heimdal (7.1.0+dfsg-12) unstable; urgency=high
* Fix transit path validation CVE-2017-6594.
-- Brian May <b...@debian.org> Mon, 10 Apr 2017 17:21:35 +1000
heimdal (7.1.0+dfsg-11) unstable; urgency=medium
* Remove legacy provides/conflicts/replaces headers. Old daemons
### Old Ubuntu Delta ###
heimdal (7.7.0+dfsg-2ubuntu2) impish; urgency=medium
* Remove symbol rk_closefrom@HEIMDAL_ROKEN_1.0 1.4.0+git20110226
(LP: #1945787)
-- Heinrich Schuchardt <heinrich.schucha...@canonical.com> Fri, 01
Oct 2021 15:03:02 +0200
heimdal (7.7.0+dfsg-2ubuntu1) impish; urgency=medium
* Disable lto, to regain dep on roken, otherwise dependencies on amd64
are different to i386 resulting in different files on amd64 and
i386. LP: #1934936
-- Dimitri John Ledkov <dimitri.led...@canonical.com> Tue, 20 Jul
2021 10:32:53 +0100
heimdal (7.7.0+dfsg-2build1) impish; urgency=medium
* No-change rebuild due to OpenLDAP soname bump.
-- Sergio Durigan Junior <sergio.duri...@canonical.com> Mon, 21 Jun
2021 17:48:49 -0400
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/heimdal/+bug/1946860/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
