-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 20 Nov 2010 15:28:58 -0500 Source: krb5 Binary: libkadm55 libkrb53 krb5-user krb5-clients krb5-rsh-server krb5-ftpd krb5-telnetd krb5-kdc krb5-kdc-ldap krb5-admin-server libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc Architecture: hppa Version: 1.6.dfsg.4~beta1-5lenny6 Distribution: stable-security Urgency: emergency Maintainer: hppa Build Daemon (peri) Changed-By: Sam Hartman Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos krb5-doc - Documentation for MIT Kerberos krb5-ftpd - Secure FTP server supporting MIT Kerberos krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos krb5-telnetd - Secure telnet server supporting MIT Kerberos krb5-user - Basic programs to authenticate using MIT Kerberos libkadm55 - MIT Kerberos administration runtime libraries libkrb5-dbg - Debugging files for MIT Kerberos libkrb5-dev - Headers and development libraries for MIT Kerberos libkrb53 - MIT Kerberos runtime libraries Changes: krb5 (1.6.dfsg.4~beta1-5lenny6) stable-security; urgency=emergency . * MITKRB5-SA-2010-007 * CVE-2010-1323: attackers have a 1/256 chance of being able to produce krb_safe messages that appear to be from legitimate remote sources. Other than use in KDC database copies this may not be a huge issue only because no one actually uses krb_safe messages. Similarly, an attacker can force clients to display challenge/response values of the attacker's choice. Checksums-Sha1: e3dc7d4568ec5c40d70c9b60230800ce95d22e4d 171358 libkadm55_1.6.dfsg.4~beta1-5lenny6_hppa.deb 65cc6d7f5e37b2e17c9426d0accba4c43e22a43f 512884 libkrb53_1.6.dfsg.4~beta1-5lenny6_hppa.deb 28ed5d49abe2f83f5fdf7110e8b7c2d8d3de3dca 144494 krb5-user_1.6.dfsg.4~beta1-5lenny6_hppa.deb 7679357c8791ff168a8e5c45c82781825c0c1281 235290 krb5-clients_1.6.dfsg.4~beta1-5lenny6_hppa.deb 33d8aeac4a02467109f3ae16e1645e3e3a325dc0 93510 krb5-rsh-server_1.6.dfsg.4~beta1-5lenny6_hppa.deb 4318983c7969d2c71474cb1bc623f432d444c9db 70196 krb5-ftpd_1.6.dfsg.4~beta1-5lenny6_hppa.deb 143058b971bfcc212979921555fe84b746350f90 76872 krb5-telnetd_1.6.dfsg.4~beta1-5lenny6_hppa.deb b327f09e60f4c884ed85741e9d9ec9fa06bb5bca 201238 krb5-kdc_1.6.dfsg.4~beta1-5lenny6_hppa.deb 5de050e878448e361e7d95d519a7a167576ce6e9 110468 krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny6_hppa.deb e7cb84e9ece09a7c56dfa6d67e25ee5936b33634 94348 krb5-admin-server_1.6.dfsg.4~beta1-5lenny6_hppa.deb f14c32637704ba0cd341c1cfad4a8a47eb794b88 93560 libkrb5-dev_1.6.dfsg.4~beta1-5lenny6_hppa.deb b7d5f3dde3088a0e2182704cf3a41744fad6c834 1305576 libkrb5-dbg_1.6.dfsg.4~beta1-5lenny6_hppa.deb 1da13f1ad7574e42129f3dd366b14cff470ce50b 69960 krb5-pkinit_1.6.dfsg.4~beta1-5lenny6_hppa.deb Checksums-Sha256: cc79726f09a8add928fd6892234e21cef4c69745572313c2e9552770aa137c64 171358 libkadm55_1.6.dfsg.4~beta1-5lenny6_hppa.deb 492006d84aca63112eb97eeb92cf82436e7bef2ba62e4a4cbc60149a259739d2 512884 libkrb53_1.6.dfsg.4~beta1-5lenny6_hppa.deb e465517ff7c2363b244ed331d90ca9e5b73214ebc4de56bd768f6b12c92290fe 144494 krb5-user_1.6.dfsg.4~beta1-5lenny6_hppa.deb 3226f8833903bde7160b3bbef66a8b5e38269d91585be7b1bfa044c35ab0d878 235290 krb5-clients_1.6.dfsg.4~beta1-5lenny6_hppa.deb 273cadc1bf261eb98c2a9edd139c0c00bde217d2a9faf86682aecc70b47cd37a 93510 krb5-rsh-server_1.6.dfsg.4~beta1-5lenny6_hppa.deb 0196172d4bb604ce207f2faad45d09680449c3c714c3f66f129f872d6ec59154 70196 krb5-ftpd_1.6.dfsg.4~beta1-5lenny6_hppa.deb 8142692e85e4e7b25979b6a04921371a2dfdc4693a6a9cc8651f7c8130059a23 76872 krb5-telnetd_1.6.dfsg.4~beta1-5lenny6_hppa.deb ef3e65ad3ef8f4f385a239e1bad8019b30fa4b8f1ae8b032267981fb49398f45 201238 krb5-kdc_1.6.dfsg.4~beta1-5lenny6_hppa.deb 583369d0cea6df61016b2804c2708a88588d7f5de004e66fa3eb7c3b69c43e5a 110468 krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny6_hppa.deb 9a4758df87c44dfa8e5d916150cce7aab592afe35fe12868dc04cc26800d9ac0 94348 krb5-admin-server_1.6.dfsg.4~beta1-5lenny6_hppa.deb 0e23fbbc8aab26ca3f173eac8297ebca6e02b34c9df56bd0a064894d821e926e 93560 libkrb5-dev_1.6.dfsg.4~beta1-5lenny6_hppa.deb 9ee5baae837b20a6a8df11771a4ef156da66978c4de32cf7b06349d2d199acaf 1305576 libkrb5-dbg_1.6.dfsg.4~beta1-5lenny6_hppa.deb a8087a484815ffb384f12388f27c2a9d3aedcee67375a31562a4fc75b3cd7291 69960 krb5-pkinit_1.6.dfsg.4~beta1-5lenny6_hppa.deb Files: b219ced3d5b3093cea8bcfcfeec982ab 171358 libs optional libkadm55_1.6.dfsg.4~beta1-5lenny6_hppa.deb 76b77e34462f0ac80516cf80064a5c99 512884 libs standard libkrb53_1.6.dfsg.4~beta1-5lenny6_hppa.deb 4a0b394104d101ca4640f4f910829f3d 144494 net optional krb5-user_1.6.dfsg.4~beta1-5lenny6_hppa.deb dc3a451b8c33997004d9878ca5eb878a 235290 net optional krb5-clients_1.6.dfsg.4~beta1-5lenny6_hppa.deb e2323d9162190b5cc9482782572d4c7d 93510 net optional krb5-rsh-server_1.6.dfsg.4~beta1-5lenny6_hppa.deb a2f724fa7c6cee9824b216d94a4a0158 70196 net extra krb5-ftpd_1.6.dfsg.4~beta1-5lenny6_hppa.deb 6ed4eb3394e97a10a8e6098e273dac7d 76872 net extra krb5-telnetd_1.6.dfsg.4~beta1-5lenny6_hppa.deb d6f1eef60cc536f870665c6ea2af7f91 201238 net optional krb5-kdc_1.6.dfsg.4~beta1-5lenny6_hppa.deb 2cf1197c2252d6cac76273ee3df0b01e 110468 net extra krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny6_hppa.deb 4e0c05364b133142c22dc0b447dd61cd 94348 net optional krb5-admin-server_1.6.dfsg.4~beta1-5lenny6_hppa.deb 95069b1916abf512f15826c503ce6612 93560 libdevel extra libkrb5-dev_1.6.dfsg.4~beta1-5lenny6_hppa.deb dc9f1028401bd83781db6e6c31eaa6f6 1305576 libdevel extra libkrb5-dbg_1.6.dfsg.4~beta1-5lenny6_hppa.deb 9cb3f9a0ebf87403a85fd06b605829cc 69960 net extra krb5-pkinit_1.6.dfsg.4~beta1-5lenny6_hppa.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iD8DBQFM7DLQbxelr8HyTqQRAoNAAKDA+vlrj7jjBFsgNBXTqpIfkWaAggCg1REY UDtIvEr8ivjAOHs+c63MoSk= =0bIu -----END PGP SIGNATURE-----