** Description changed: - Scheduled-For: 22.11 Upstream: tbd - Debian: 7.7.0+dfsg-2 + Debian: 7.7.0+dfsg-2 Ubuntu: 7.7.0+dfsg-2ubuntu2 - - ### New Debian Changes ### heimdal (7.7.0+dfsg-2) unstable; urgency=medium - * Build using python3. Closes: #936695, #960032. + * Build using python3. Closes: #936695, #960032. - -- Brian May <b...@debian.org> Tue, 12 May 2020 06:56:04 +1000 + -- Brian May <b...@debian.org> Tue, 12 May 2020 06:56:04 +1000 heimdal (7.7.0+dfsg-1) unstable; urgency=medium - * New upstream version. - * Fix CVE-2019-14870: The DelegationNotAllowed Kerberos feature restriction - was not being applied when processing protocol - transition requests (S4U2Self), in the AD DC KDC. Closes: #946786. + * New upstream version. + * Fix CVE-2019-14870: The DelegationNotAllowed Kerberos feature restriction + was not being applied when processing protocol + transition requests (S4U2Self), in the AD DC KDC. Closes: #946786. - -- Brian May <b...@debian.org> Tue, 17 Dec 2019 20:23:41 +1100 + -- Brian May <b...@debian.org> Tue, 17 Dec 2019 20:23:41 +1100 heimdal (7.5.0+dfsg-3) unstable; urgency=high - * CVE-2018-16860: Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum. - Closes: #928966. - * CVE-2019-12098: Always confirm PA-PKINIT-KX for anon PKINIT. - Closes: #929064. - * Update test certificates to pre 2038 expiry. Closes: #923930. + * CVE-2018-16860: Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum. + Closes: #928966. + * CVE-2019-12098: Always confirm PA-PKINIT-KX for anon PKINIT. + Closes: #929064. + * Update test certificates to pre 2038 expiry. Closes: #923930. - -- Brian May <b...@debian.org> Tue, 21 May 2019 18:04:35 +1000 + -- Brian May <b...@debian.org> Tue, 21 May 2019 18:04:35 +1000 heimdal (7.5.0+dfsg-2.1) unstable; urgency=medium - * Non-maintainer upload - * Add patch to create headers before building (Closes: 906623) + * Non-maintainer upload + * Add patch to create headers before building (Closes: 906623) - -- Hilko Bengen <ben...@debian.org> Sun, 28 Oct 2018 15:10:44 +0100 + -- Hilko Bengen <ben...@debian.org> Sun, 28 Oct 2018 15:10:44 +0100 heimdal (7.5.0+dfsg-2) unstable; urgency=medium - * Replace 'MAXHOSTNAMELEN' with 'MaxHostNameLen' in kdc/kx509.c for The - Hurd. Closes: #900079. + * Replace 'MAXHOSTNAMELEN' with 'MaxHostNameLen' in kdc/kx509.c for The + Hurd. Closes: #900079. - -- Brian May <b...@debian.org> Sat, 02 Jun 2018 10:01:46 +1000 + -- Brian May <b...@debian.org> Sat, 02 Jun 2018 10:01:46 +1000 heimdal (7.5.0+dfsg-1) unstable; urgency=high - * New upstream version. (Closes: #850723) - + CVE-2017-17439: Remote unauthenticated DoS in Heimdal-KDC 7.4 - (Closes: #878144, #868157) - + Refresh patches. - * Bump Standards-Version to 4.1.2 and compat level to 10. - + Remove explicit reference to dh-autoreconf. - * Use uscan to get orig source. - + Refrain from mangling some bundled RFC texts; - just exclude the mas they are not installed into any binary anyway. - + Update d/copyright to DEP-5. - + Can now use standard uscan/gbp/pristine-tar workflow. - * Fix some lintian errors/warnings. - + Strip trailing whitespace from changelog. - + Fix some duplicate long descriptions. - + Use optional priority everywhere. - + Update/remove some overrides. - + Enforce set -e in maintainer scripts. - + Enable hardening. - * Migrate to -dbgsym. - * Add myself to uploaders. + * New upstream version. (Closes: #850723) + + CVE-2017-17439: Remote unauthenticated DoS in Heimdal-KDC 7.4 + (Closes: #878144, #868157) + + Refresh patches. + * Bump Standards-Version to 4.1.2 and compat level to 10. + + Remove explicit reference to dh-autoreconf. + * Use uscan to get orig source. + + Refrain from mangling some bundled RFC texts; + just exclude the mas they are not installed into any binary anyway. + + Update d/copyright to DEP-5. + + Can now use standard uscan/gbp/pristine-tar workflow. + * Fix some lintian errors/warnings. + + Strip trailing whitespace from changelog. + + Fix some duplicate long descriptions. + + Use optional priority everywhere. + + Update/remove some overrides. + + Enforce set -e in maintainer scripts. + + Enable hardening. + * Migrate to -dbgsym. + * Add myself to uploaders. - -- Dominik George <n...@naturalnet.de> Fri, 15 Dec 2017 01:13:04 +0100 + -- Dominik George <n...@naturalnet.de> Fri, 15 Dec 2017 01:13:04 +0100 heimdal (7.4.0.dfsg.1-2) unstable; urgency=medium - [ Jelmer Vernooij ] - * Remove myself from uploaders. + [ Jelmer Vernooij ] + * Remove myself from uploaders. - [ Brian May ] - * Be explicit with heimdal.mkey filename in postinst. Closes: #868638. - * Tests should respect DEB_BUILD_OPTIONS=nocheck. Closes: #868842. + [ Brian May ] + * Be explicit with heimdal.mkey filename in postinst. Closes: #868638. + * Tests should respect DEB_BUILD_OPTIONS=nocheck. Closes: #868842. - -- Brian May <b...@debian.org> Sun, 23 Jul 2017 10:32:34 +1000 + -- Brian May <b...@debian.org> Sun, 23 Jul 2017 10:32:34 +1000 heimdal (7.4.0.dfsg.1-1) unstable; urgency=high - * New upstream version. - * Update standards version to 4.0.0. - * CVE-2017-11103: Fix Orpheus' Lyre KDC-REP service name validation. - (Closes: #868208). + * New upstream version. + * Update standards version to 4.0.0. + * CVE-2017-11103: Fix Orpheus' Lyre KDC-REP service name validation. + (Closes: #868208). - -- Brian May <b...@debian.org> Sat, 15 Jul 2017 19:47:32 +1000 + -- Brian May <b...@debian.org> Sat, 15 Jul 2017 19:47:32 +1000 heimdal (7.1.0+dfsg-13) unstable; urgency=medium - * Add missing symbols base64_decode and base64_encode back into - libroken. Closes: #848694. + * Add missing symbols base64_decode and base64_encode back into + libroken. Closes: #848694. - -- Brian May <b...@debian.org> Wed, 26 Apr 2017 19:38:20 +1000 + -- Brian May <b...@debian.org> Wed, 26 Apr 2017 19:38:20 +1000 heimdal (7.1.0+dfsg-12) unstable; urgency=high - * Fix transit path validation CVE-2017-6594. + * Fix transit path validation CVE-2017-6594. - -- Brian May <b...@debian.org> Mon, 10 Apr 2017 17:21:35 +1000 + -- Brian May <b...@debian.org> Mon, 10 Apr 2017 17:21:35 +1000 heimdal (7.1.0+dfsg-11) unstable; urgency=medium - * Remove legacy provides/conflicts/replaces headers. Old daemons - + * Remove legacy provides/conflicts/replaces headers. Old daemons ### Old Ubuntu Delta ### heimdal (7.7.0+dfsg-2ubuntu2) impish; urgency=medium - * Remove symbol rk_closefrom@HEIMDAL_ROKEN_1.0 1.4.0+git20110226 - (LP: #1945787) + * Remove symbol rk_closefrom@HEIMDAL_ROKEN_1.0 1.4.0+git20110226 + (LP: #1945787) - -- Heinrich Schuchardt <heinrich.schucha...@canonical.com> Fri, 01 Oct + -- Heinrich Schuchardt <heinrich.schucha...@canonical.com> Fri, 01 Oct 2021 15:03:02 +0200 heimdal (7.7.0+dfsg-2ubuntu1) impish; urgency=medium - * Disable lto, to regain dep on roken, otherwise dependencies on amd64 - are different to i386 resulting in different files on amd64 and - i386. LP: #1934936 + * Disable lto, to regain dep on roken, otherwise dependencies on amd64 + are different to i386 resulting in different files on amd64 and + i386. LP: #1934936 - -- Dimitri John Ledkov <dimitri.led...@canonical.com> Tue, 20 Jul 2021 + -- Dimitri John Ledkov <dimitri.led...@canonical.com> Tue, 20 Jul 2021 10:32:53 +0100 heimdal (7.7.0+dfsg-2build1) impish; urgency=medium - * No-change rebuild due to OpenLDAP soname bump. + * No-change rebuild due to OpenLDAP soname bump. - -- Sergio Durigan Junior <sergio.duri...@canonical.com> Mon, 21 Jun + -- Sergio Durigan Junior <sergio.duri...@canonical.com> Mon, 21 Jun 2021 17:48:49 -0400
** Changed in: heimdal (Ubuntu) Milestone: None => ubuntu-21.11 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to heimdal in Ubuntu. https://bugs.launchpad.net/bugs/1946860 Title: Merge heimdal from Debian unstable for 22.04 Status in heimdal package in Ubuntu: New Bug description: Upstream: tbd Debian: 7.7.0+dfsg-2 Ubuntu: 7.7.0+dfsg-2ubuntu2 ### New Debian Changes ### heimdal (7.7.0+dfsg-2) unstable; urgency=medium * Build using python3. Closes: #936695, #960032. -- Brian May <b...@debian.org> Tue, 12 May 2020 06:56:04 +1000 heimdal (7.7.0+dfsg-1) unstable; urgency=medium * New upstream version. * Fix CVE-2019-14870: The DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC. Closes: #946786. -- Brian May <b...@debian.org> Tue, 17 Dec 2019 20:23:41 +1100 heimdal (7.5.0+dfsg-3) unstable; urgency=high * CVE-2018-16860: Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum. Closes: #928966. * CVE-2019-12098: Always confirm PA-PKINIT-KX for anon PKINIT. Closes: #929064. * Update test certificates to pre 2038 expiry. Closes: #923930. -- Brian May <b...@debian.org> Tue, 21 May 2019 18:04:35 +1000 heimdal (7.5.0+dfsg-2.1) unstable; urgency=medium * Non-maintainer upload * Add patch to create headers before building (Closes: 906623) -- Hilko Bengen <ben...@debian.org> Sun, 28 Oct 2018 15:10:44 +0100 heimdal (7.5.0+dfsg-2) unstable; urgency=medium * Replace 'MAXHOSTNAMELEN' with 'MaxHostNameLen' in kdc/kx509.c for The Hurd. Closes: #900079. -- Brian May <b...@debian.org> Sat, 02 Jun 2018 10:01:46 +1000 heimdal (7.5.0+dfsg-1) unstable; urgency=high * New upstream version. (Closes: #850723) + CVE-2017-17439: Remote unauthenticated DoS in Heimdal-KDC 7.4 (Closes: #878144, #868157) + Refresh patches. * Bump Standards-Version to 4.1.2 and compat level to 10. + Remove explicit reference to dh-autoreconf. * Use uscan to get orig source. + Refrain from mangling some bundled RFC texts; just exclude the mas they are not installed into any binary anyway. + Update d/copyright to DEP-5. + Can now use standard uscan/gbp/pristine-tar workflow. * Fix some lintian errors/warnings. + Strip trailing whitespace from changelog. + Fix some duplicate long descriptions. + Use optional priority everywhere. + Update/remove some overrides. + Enforce set -e in maintainer scripts. + Enable hardening. * Migrate to -dbgsym. * Add myself to uploaders. -- Dominik George <n...@naturalnet.de> Fri, 15 Dec 2017 01:13:04 +0100 heimdal (7.4.0.dfsg.1-2) unstable; urgency=medium [ Jelmer Vernooij ] * Remove myself from uploaders. [ Brian May ] * Be explicit with heimdal.mkey filename in postinst. Closes: #868638. * Tests should respect DEB_BUILD_OPTIONS=nocheck. Closes: #868842. -- Brian May <b...@debian.org> Sun, 23 Jul 2017 10:32:34 +1000 heimdal (7.4.0.dfsg.1-1) unstable; urgency=high * New upstream version. * Update standards version to 4.0.0. * CVE-2017-11103: Fix Orpheus' Lyre KDC-REP service name validation. (Closes: #868208). -- Brian May <b...@debian.org> Sat, 15 Jul 2017 19:47:32 +1000 heimdal (7.1.0+dfsg-13) unstable; urgency=medium * Add missing symbols base64_decode and base64_encode back into libroken. Closes: #848694. -- Brian May <b...@debian.org> Wed, 26 Apr 2017 19:38:20 +1000 heimdal (7.1.0+dfsg-12) unstable; urgency=high * Fix transit path validation CVE-2017-6594. -- Brian May <b...@debian.org> Mon, 10 Apr 2017 17:21:35 +1000 heimdal (7.1.0+dfsg-11) unstable; urgency=medium * Remove legacy provides/conflicts/replaces headers. Old daemons ### Old Ubuntu Delta ### heimdal (7.7.0+dfsg-2ubuntu2) impish; urgency=medium * Remove symbol rk_closefrom@HEIMDAL_ROKEN_1.0 1.4.0+git20110226 (LP: #1945787) -- Heinrich Schuchardt <heinrich.schucha...@canonical.com> Fri, 01 Oct 2021 15:03:02 +0200 heimdal (7.7.0+dfsg-2ubuntu1) impish; urgency=medium * Disable lto, to regain dep on roken, otherwise dependencies on amd64 are different to i386 resulting in different files on amd64 and i386. LP: #1934936 -- Dimitri John Ledkov <dimitri.led...@canonical.com> Tue, 20 Jul 2021 10:32:53 +0100 heimdal (7.7.0+dfsg-2build1) impish; urgency=medium * No-change rebuild due to OpenLDAP soname bump. -- Sergio Durigan Junior <sergio.duri...@canonical.com> Mon, 21 Jun 2021 17:48:49 -0400 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/heimdal/+bug/1946860/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp