-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 20 Nov 2010 15:28:58 -0500 Source: krb5 Binary: libkadm55 libkrb53 krb5-user krb5-clients krb5-rsh-server krb5-ftpd krb5-telnetd krb5-kdc krb5-kdc-ldap krb5-admin-server libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc Architecture: sparc Version: 1.6.dfsg.4~beta1-5lenny6 Distribution: stable-security Urgency: emergency Maintainer: sparc Build Daemon (schroeder) Changed-By: Sam Hartman Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos krb5-doc - Documentation for MIT Kerberos krb5-ftpd - Secure FTP server supporting MIT Kerberos krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos krb5-telnetd - Secure telnet server supporting MIT Kerberos krb5-user - Basic programs to authenticate using MIT Kerberos libkadm55 - MIT Kerberos administration runtime libraries libkrb5-dbg - Debugging files for MIT Kerberos libkrb5-dev - Headers and development libraries for MIT Kerberos libkrb53 - MIT Kerberos runtime libraries Changes: krb5 (1.6.dfsg.4~beta1-5lenny6) stable-security; urgency=emergency . * MITKRB5-SA-2010-007 * CVE-2010-1323: attackers have a 1/256 chance of being able to produce krb_safe messages that appear to be from legitimate remote sources. Other than use in KDC database copies this may not be a huge issue only because no one actually uses krb_safe messages. Similarly, an attacker can force clients to display challenge/response values of the attacker's choice. Checksums-Sha1: 1d0a50d7882fa55c0bb0c6dd93cdf82de95ec8f1 146822 libkadm55_1.6.dfsg.4~beta1-5lenny6_sparc.deb db8d7b27ed881c8033da9bab05255db315106116 436990 libkrb53_1.6.dfsg.4~beta1-5lenny6_sparc.deb 41e79782e78ef14686b87d76db8a92aaaef7b4e8 137240 krb5-user_1.6.dfsg.4~beta1-5lenny6_sparc.deb e383f5ed7a6e1d4d3c71dcc91c92d17c29b464bc 220016 krb5-clients_1.6.dfsg.4~beta1-5lenny6_sparc.deb c4d124a9e3fbd23704dfc96519d0521f3d5e0c79 87600 krb5-rsh-server_1.6.dfsg.4~beta1-5lenny6_sparc.deb 71554b0c819f646fdc6b0d99ff3047b856ff3ddf 66216 krb5-ftpd_1.6.dfsg.4~beta1-5lenny6_sparc.deb f8a8f6d4627c53a0b16354e865ded45915725a3d 72612 krb5-telnetd_1.6.dfsg.4~beta1-5lenny6_sparc.deb 733636ee7f58941d56ef17f1756ae8c7bf82fb95 183538 krb5-kdc_1.6.dfsg.4~beta1-5lenny6_sparc.deb e0ab4922a0b5a86393fb1a522f8a1a4963b33e62 101072 krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny6_sparc.deb 9ab95b2fb1daf4665c3b886db158fae6e33cb810 88034 krb5-admin-server_1.6.dfsg.4~beta1-5lenny6_sparc.deb b2a0d0d7426fc778207464c44387f7f3fac8ea34 92996 libkrb5-dev_1.6.dfsg.4~beta1-5lenny6_sparc.deb c81796072fe6703ed2eb2f767ddeb465cada7b14 1214700 libkrb5-dbg_1.6.dfsg.4~beta1-5lenny6_sparc.deb 9117585bd2ede04d7163eab2b0e8921c26e69f89 61780 krb5-pkinit_1.6.dfsg.4~beta1-5lenny6_sparc.deb Checksums-Sha256: 4ab8b40854f9871d428435bea376543e8b705b2262e97f0b9e841d8950699a84 146822 libkadm55_1.6.dfsg.4~beta1-5lenny6_sparc.deb ef2b7e84416939b41416eec4b553fb19bcaa6065e7eb974a586110e04184b289 436990 libkrb53_1.6.dfsg.4~beta1-5lenny6_sparc.deb 689956d6cd58e89f1c8bf3344de9c05de664001ec531d8eb8c1dca999ddabf8b 137240 krb5-user_1.6.dfsg.4~beta1-5lenny6_sparc.deb 6c03ab52bf915dfb0a6cdb3d2fab04cdf591546f0259154f4a40ac8e1a6fabcb 220016 krb5-clients_1.6.dfsg.4~beta1-5lenny6_sparc.deb de8ed3f9da6377d77f27da3a3ffcb3968be69d36cc731f6f73257189f400c2e8 87600 krb5-rsh-server_1.6.dfsg.4~beta1-5lenny6_sparc.deb 776c98302e2e8b12007c3e97282a9e4a21b94175d827dbd888819df2bf30f071 66216 krb5-ftpd_1.6.dfsg.4~beta1-5lenny6_sparc.deb efd4ae2c0e3bd442f018f32a4bbde80f16b3db125bf352148849227dddc5b09f 72612 krb5-telnetd_1.6.dfsg.4~beta1-5lenny6_sparc.deb 9bce63c82073af4b5a37d457127b3a3eb7123d0a935678568770c54782ab82ab 183538 krb5-kdc_1.6.dfsg.4~beta1-5lenny6_sparc.deb bc47bae1c28b0a9bae4376a9937567c0b147d0ef35adb31b427c538d079cb53f 101072 krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny6_sparc.deb 2aacfa9ea24aedce5686ba82e91a4a8f6a77bbcd3b6271d1476d5bd86f829803 88034 krb5-admin-server_1.6.dfsg.4~beta1-5lenny6_sparc.deb cf667e2ad19a031d0feaf28b0f44505023aaed1d8537fa1a674654656610cc03 92996 libkrb5-dev_1.6.dfsg.4~beta1-5lenny6_sparc.deb d5d55af62baa97499c4d5e6f445eba9944bc52a1e6b2d694fa832299a787bb6c 1214700 libkrb5-dbg_1.6.dfsg.4~beta1-5lenny6_sparc.deb 06c53bff23ff9830f282646f924e1c3bade85a7f48d39bb4ea7f264db8c17256 61780 krb5-pkinit_1.6.dfsg.4~beta1-5lenny6_sparc.deb Files: 55bc1e7be9a2dbb6336e904e315341e9 146822 libs optional libkadm55_1.6.dfsg.4~beta1-5lenny6_sparc.deb 990bc80762c2c908888285074673f2bb 436990 libs standard libkrb53_1.6.dfsg.4~beta1-5lenny6_sparc.deb c525df67d696cfa9ed9fdd65d678ddd1 137240 net optional krb5-user_1.6.dfsg.4~beta1-5lenny6_sparc.deb 11001e455ebcd15e88820eb823dbd97e 220016 net optional krb5-clients_1.6.dfsg.4~beta1-5lenny6_sparc.deb ee31e88c944732653ace1ebd1a612c6d 87600 net optional krb5-rsh-server_1.6.dfsg.4~beta1-5lenny6_sparc.deb b597c60860b8070441b40af56dd1fab2 66216 net extra krb5-ftpd_1.6.dfsg.4~beta1-5lenny6_sparc.deb bd30e5706d49ddd17a31d1020c4c2345 72612 net extra krb5-telnetd_1.6.dfsg.4~beta1-5lenny6_sparc.deb 3338dc4739416094561617122231b593 183538 net optional krb5-kdc_1.6.dfsg.4~beta1-5lenny6_sparc.deb b8aeb91d3240e39b062be867531fc8c9 101072 net extra krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny6_sparc.deb 99403128da49c49bcaf0bcbd15145f52 88034 net optional krb5-admin-server_1.6.dfsg.4~beta1-5lenny6_sparc.deb 83bb54ee1df3517aa48590d71f62b1c4 92996 libdevel extra libkrb5-dev_1.6.dfsg.4~beta1-5lenny6_sparc.deb 278fc0a0289169673dc6e826bde00690 1214700 libdevel extra libkrb5-dbg_1.6.dfsg.4~beta1-5lenny6_sparc.deb 85b4c6024d686a31469e40de59798508 61780 net extra krb5-pkinit_1.6.dfsg.4~beta1-5lenny6_sparc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEUEARECAAYFAkzq4LAACgkQeGfVPHR5Nd1BbACfYmcYYZ0MuWxyuKQDLMqf6sJc V3wAmJOue8fNWoV70JprJl521m6JMVs= =06fy -----END PGP SIGNATURE-----