Public bug reported: Please sync krb5 to Edgy to fix two security vulnerabilities (fixed in stables long ago, but forgot sync request for edgy):
http://snapshot.debian.net/archive/2006/08/09/debian/pool/main/k/krb5/krb5_1.4.3-9.dsc http://snapshot.debian.net/archive/2006/08/09/debian/pool/main/k/krb5/krb5_1.4.3-9.diff.gz krb5 (1.4.3-9) unstable; urgency=high * Add error checking to setuid, setreuid to avoid local privilege escalation ; fixes krb5-sa-2006-1, CVE-2006-3084, CVE-2006-3083 * Update standards version to 3.7.2 (no changes required). * Translation updates. - Russian, thanks Yuri Kozlov. (Closes: #380303) -- Sam Hartman <[EMAIL PROTECTED]> Sun, 6 Aug 2006 17:12:40 -0400 krb5 (1.4.3-8) unstable; urgency=low * Defer seeding of the random number generator in kadmind until after forking and backgrounding, since otherwise blocking on /dev/random may block system startup. (Closes: #364308) * Update config.{guess,sub}. (Closes: #373727) * Better fix for error handling of a zero-length keytab. Thanks, Rainer Weikusat. -- Russ Allbery <[EMAIL PROTECTED]> Sun, 16 Jul 2006 08:59:20 -0700 ** Affects: krb5 (Ubuntu) Importance: Untriaged Status: Unconfirmed -- Please sync 1.4.3-9 (main) from snapshot.d.o (main) https://launchpad.net/bugs/60998 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
