-
Committer:
Bazaar Package Importer
-
Author(s):
Sam Hartman
-
Date:
2010-11-20 14:50:54 UTC
-
mfrom:
(28.1.4 sid)
-
Revision ID:
james.westby@ubuntu.com-20101120145054-ohsp2pe16itey079
Tags: 1.8.3+dfsg-3
* MITKRB5-SA-2010-007
* CVE-2010-1324: An unauthenticated attacker can inject arbitrary
content into an existing GSS connection that appears to be integrity
protected from the legitimate peer under some circumstances
* GSS applications may accept a PAC produced by an attacker as if it
were signed by a KDC
* CVE-2010-1323: attackers have a 1/256 chance of being able to
produce krb_safe messages that appear to be from legitimate remote
sources. Other than use in KDC database copies this may not be a
huge issue only because no one actually uses krb_safe
messages. Similarly, an attacker can force clients to display
challenge/response values of the attacker's choice.
* CVE-2010-4020: An attacker may be able to generate what is
accepted as a ad-signedpath or ad-kdc-issued checksum with 1/256
probability
* New Vietnamese debconf translations, Thanks Clytie Siddall,
Closes: #601533
* Update standards version to 3.9.1 (no changes required