← Back to branch summary

~ubuntu-branches/ubuntu/precise/krb5/precise-updates

Viewing all changes in revision 49.

  • Committer: Package Import Robot
  • Author(s): Steve Beattie
  • Date: 2012-07-26 14:29:35 UTC
  • mfrom: (48.1.2 precise-proposed)
  • Revision ID: package-import@ubuntu.com-20120726142935-33x94zevb788d40l
Tags: 1.10+dfsg~beta1-2ubuntu0.3
https://launchpad.net/bugs/1009422
* SECURITY UPDATE: KDC heap corruption and crash vulnerabilities
  - debian/patches/MITKRB5-SA-2012-001.patch: initialize pointers both
    at allocation and assignment time
  - CVE-2012-1015, CVE-2012-1014
* SECURITY UPDATE: denial of service in kadmind (LP: #1009422)
  - debian/patches/krb5-CVE-2012-1013.patch: check for null password
  - CVE-2012-1013
* SECURITY UPDATE: insufficient ACL checking on get_strings/set_string
  - debian/patches/krb5-CVE-2012-1012.patch: make the access
    controls for get_strings/set_string mirror those of
    get_principal/modify_principal
  - CVE-2012-1012

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: