Package "krb5-kdc"

Name: krb5-kdc


MIT Kerberos key server (KDC)

Latest version: 1.10+dfsg~beta1-2ubuntu0.7
Release: precise (12.04)
Level: updates
Repository: universe
Head package: krb5
Homepage: http://web.mit.edu/kerberos/


Download "krb5-kdc"

Other versions of "krb5-kdc" in Precise

Repository Area Version
base universe 1.10+dfsg~beta1-2
security universe 1.10+dfsg~beta1-2ubuntu0.7


Version: 1.10+dfsg~beta1-2ubuntu0.7 2015-11-12 20:06:28 UTC

  krb5 (1.10+dfsg~beta1-2ubuntu0.7) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via udp ping-pong
    - debian/patches/CVE-2002-2443.patch: don't respond to improper packets
      in src/kadmin/server/schpw.c.
    - CVE-2002-2443
  * SECURITY UPDATE: denial of service via incorrect null bytes
    - d/p/0030-Fix-krb5_read_message-handling-CVE-2014-5355.patch:
      properly handle null bytes in src/appl/user_user/server.c,
    - CVE-2015-5355
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
    - d/p/0035-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/0033-Fix-two-IAKERB-comments.patch: fix comments in
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/0034-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

 -- Marc Deslauriers Wed, 11 Nov 2015 09:16:52 -0500

Source diff to previous version
CVE-2002-2443 schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses,
CVE-2014-5355 MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' charac
CVE-2015-5355 Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via t
CVE-2015-2695 lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to
CVE-2015-2696 lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a
CVE-2015-2697 The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a den
CVE-2015-2698 memory corruption caused due to original patch for CVE-2015-2696

Version: 1.10+dfsg~beta1-2ubuntu0.6 2015-02-10 22:06:32 UTC

  krb5 (1.10+dfsg~beta1-2ubuntu0.6) precise-security; urgency=medium

  * SECURITY UPDATE: ticket forging via old keys
    - debian/patches/CVE-2014-5321.patch: return only new keys in
    - CVE-2014-5321
  * SECURITY UPDATE: use-after-free and double-free memory access
    - debian/patches/CVE-2014-5352.patch: properly handle context deletion
      in src/lib/gssapi/krb5/context_time.c,
    - CVE-2014-5352
  * SECURITY UPDATE: denial of service via LDAP query with no results
    - debian/patches/CVE-2014-5353.patch: properly handle policy name in
    - CVE-2014-5353
  * SECURITY UPDATE: denial of service via database entry for a keyless
    - debian/patches/CVE-2014-5354.patch: support keyless principals in
    - CVE-2014-5354
  * SECURITY UPDATE: denial of service or code execution in kadmind XDR
    data processing
    - debian/patches/CVE-2014-9421.patch: fix double free in
      src/lib/kadm5/kadm_rpc_xdr.c, src/lib/rpc/auth_gssapi_misc.c.
    - CVE-2014-9421
  * SECURITY UPDATE: impersonation attack via two-component server
    - debian/patches/CVE-2014-9422.patch: fix kadmind server validation in
    - CVE-2014-9422
  * SECURITY UPDATE: gssrpc data leakage
    - debian/patches/CVE-2014-9423.patch: fix leakage in
    - CVE-2014-9423
 -- Marc Deslauriers <email address hidden> Fri, 06 Feb 2015 15:37:18 -0500

Source diff to previous version
CVE-2014-5321 FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to s
CVE-2014-5353 The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when
CVE-2014-5354 plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote au

Version: 1.10+dfsg~beta1-2ubuntu0.5 2014-08-11 15:06:31 UTC

  krb5 (1.10+dfsg~beta1-2ubuntu0.5) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted Draft 9 request
    - debian/patches/CVE-2012-1016.patch: don't check for an agility KDF
      identifier in src/plugins/preauth/pkinit/pkinit_srv.c.
    - CVE-2012-1016
  * SECURITY UPDATE: denial of service via malformed KRB5_PADATA_PK_AS_REQ
    AS-REQ request
    - debian/patches/CVE-2013-1415.patch: don't dereference null pointer
      in src/plugins/preauth/pkinit/pkinit_crypto_openssl.c.
    - CVE-2013-1415
  * SECURITY UPDATE: denial of service via crafted TGS-REQ request
    - debian/patches/CVE-2013-1416.patch: don't pass null pointer to
      strlcpy() in src/kdc/do_tgs_req.c.
    - CVE-2013-1416
  * SECURITY UPDATE: multi-realm denial of service via crafted request
    - debian/patches/CVE-2013-1418.patch: don't dereference a null
      pointer in src/kdc/main.c.
    - CVE-2013-1418
    - CVE-2013-6800
  * SECURITY UPDATE: denial of service via invalid tokens
    - debian/patches/CVE-2014-4341-4342.patch: handle invalid tokens in
      src/lib/gssapi/krb5/k5unseal.c, src/lib/gssapi/krb5/k5unsealiov.c.
    - CVE-2014-4341
    - CVE-2014-4342
  * SECURITY UPDATE: denial of service via double-free in SPNEGO
    - debian/patches/CVE-2014-4343.patch: fix double-free in
    - CVE-2014-4343
  * SECURITY UPDATE: denial of service via null deref in SPNEGO acceptor
    - debian/patches/CVE-2014-4344.patch: validate REMAIN in
    - CVE-2014-4344
  * SECURITY UPDATE: denial of service and possible code execution in
    kadmind with LDAP backend
    - debian/patches/CVE-2014-4345.patch: fix off-by-one in
    - CVE-2014-4345
 -- Marc Deslauriers <email address hidden> Fri, 08 Aug 2014 15:02:11 -0400

Source diff to previous version
CVE-2012-1016 The pkinit_server_return_padata function in ...
CVE-2013-1415 The pkinit_check_kdc_pkid function in ...
CVE-2013-1416 The prep_reprocess_req function in do_tgs_req.c in the Key ...
CVE-2013-1418 The setup_server_realm function in main.c in the Key Distribution ...
CVE-2013-6800 An unspecified third-party database module for the Key Distribution ...
CVE-2014-4341 MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to ...
CVE-2014-4342 MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows ...
CVE-2014-4343 double-free in SPNEGO initiators
CVE-2014-4344 NULL dereference in GSSAPI servers
CVE-2014-4345 buffer overrun in kadmind

Version: 1.10+dfsg~beta1-2ubuntu0.3 2012-07-31 21:06:59 UTC

  krb5 (1.10+dfsg~beta1-2ubuntu0.3) precise-security; urgency=low

  * SECURITY UPDATE: KDC heap corruption and crash vulnerabilities
    - debian/patches/MITKRB5-SA-2012-001.patch: initialize pointers both
      at allocation and assignment time
    - CVE-2012-1015, CVE-2012-1014
  * SECURITY UPDATE: denial of service in kadmind (LP: #1009422)
    - debian/patches/krb5-CVE-2012-1013.patch: check for null password
    - CVE-2012-1013
  * SECURITY UPDATE: insufficient ACL checking on get_strings/set_string
    - debian/patches/krb5-CVE-2012-1012.patch: make the access
      controls for get_strings/set_string mirror those of
    - CVE-2012-1012
 -- Steve Beattie <email address hidden> Thu, 26 Jul 2012 14:29:35 -0700

Source diff to previous version
1009422 (CVE-2012-1013) krb5 : kadmind denial of service
CVE-2012-1015 KDC frees uninitialized pointer
CVE-2012-1014 KDC dereferences uninitialized pointer
CVE-2012-1013 The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows re
CVE-2012-1012 server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) S

Version: 1.10+dfsg~beta1-2ubuntu0.2 2012-07-26 18:06:53 UTC

  krb5 (1.10+dfsg~beta1-2ubuntu0.2) precise-proposed; urgency=low

  * Re-introduce libkrb53 as a transitional package to libkrb5-3.
    Also revert the Conflicts against libkrb53 to the old versioned
    Break/Replaces. (LP: #1007314)
 -- Stephane Graber <email address hidden> Wed, 18 Jul 2012 17:41:48 -0400

1007314 trying to upgrade from 11.10 to 12.04: The package 'postgresql-contrib-8.2' is marked for removal but it's in the removal blacklist

About   -   Send Feedback to @ubuntu_updates