-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 05 Jul 2011 12:01:35 -0400 Source: krb5-appl Binary: krb5-clients krb5-rsh-server krb5-ftpd krb5-telnetd Architecture: i386 Version: 1:1.0.1-1.1 Distribution: squeeze-security Urgency: high Maintainer: i386 Build Daemon (murphy) Changed-By: Sam Hartman Description: krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos krb5-ftpd - Secure FTP server supporting MIT Kerberos krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos krb5-telnetd - Secure telnet server supporting MIT Kerberos Changes: krb5-appl (1:1.0.1-1.1) stable-security; urgency=high . * cve-2011-1526, mit-sa-2011-005: Krb5 ftpd fails to set correct group permissions. The ftp daemon always runs with the group permissions of the user it is started as, probably the root group. Checksums-Sha1: 8bdd151d73a767fa00d5a1d5e7aeeada051b74c1 152898 krb5-clients_1.0.1-1.1_i386.deb a4632c784c9c44434ea14ed394137c4a38e26f32 56854 krb5-rsh-server_1.0.1-1.1_i386.deb b45dd372ed3b9e82f29d2a0824b85c9f8d52d5e8 41996 krb5-ftpd_1.0.1-1.1_i386.deb 623738df9566506eb2160155e1b0765ab9ae3968 46640 krb5-telnetd_1.0.1-1.1_i386.deb Checksums-Sha256: 97e2eec044f244543e42fd05aadf8bd309b0ebbf7afa2be93485f41fc047ed19 152898 krb5-clients_1.0.1-1.1_i386.deb 2e10fec86871beb7691ca0c1585455b7f094532d189152211babe5b8846c054e 56854 krb5-rsh-server_1.0.1-1.1_i386.deb 13395a94d51722d4e60a4b9c224005f2c6220fa8a6d9c2fd5df047330f1787fb 41996 krb5-ftpd_1.0.1-1.1_i386.deb 4b16fd8842807e57d689e335353f0de82154d5fe7f24527aa9852408174af0e7 46640 krb5-telnetd_1.0.1-1.1_i386.deb Files: 14809d9920d0cff7b6fffc83b44b9a87 152898 net optional krb5-clients_1.0.1-1.1_i386.deb 4598f40a82395a8226d018c2a94cb0b3 56854 net extra krb5-rsh-server_1.0.1-1.1_i386.deb d5f6f5919868ee6f8fd674011c33b99f 41996 net extra krb5-ftpd_1.0.1-1.1_i386.deb 74f1da6b733cdf8d64cba99d8024b23f 46640 net extra krb5-telnetd_1.0.1-1.1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBCAAGBQJOjKUYAAoJEMXOXcLFQs1Z9FsQALgoVBwdMEXLH8P6HsTwNG1O bv3OqTx8gmY0OSbTqkho9FnXpdMBtGrmTjxIVTsNOwjv6ud/9WoVfSHRq/GFGTjp +TkbxU6tsYVGNjaZoMB0TbcVztA55oqKp1afZ5YgXpsVf1I85qo9Swcv9nimSY1d xGoy0dCQUMa48qV9OzKep9JZZtgAXN/KAvgOuPXSiqUKRdMhlL//pgap5vCZtcVy ug+mUNcwfOgSHI70smBajiacZjsThgXnSr7qsw5quYSSE4siPdOkNjv+meHZIfnM mbeoSEJNWdr2j/uiVsx8kldZXfhyz1CGUxiYE8VxuC+A4mcleU2ePeos6kaGl1Nw ESjXpquz4FBh4b0CwdS6CkU0NKrOPJTzpZoYiJy9BbAr1YMdcCz/OQmzeiSr73p+ pkGTOtMuGr3/kOtvxxu4d9W0/XbQiKKRHP5cQhBHYcvfZkegb/c7HZ4qQxT7aTDs NRCE53O8zcEIatJiPJu0N1h/iGqrQ+1BQoQsCHfZk9ytud99EKKFtN5PiU7vc3m1 RNTeFyifxW7hGaZn/hy/mVM5COy1MtKpgnq6ylCVvmYFJvk9WNFR68aYAE6APFVD APUD430nzuS7WLQ0dq4LyJThrrmy+6Jnh0EPaQ2cD9q4qP8vOhZ5qTVSmPrh+l2d eKai5tYBfa1P3WAtrRcP =7bat -----END PGP SIGNATURE-----