-
Committer:
Package Import Robot
-
Author(s):
Steve Beattie
-
Date:
2012-07-26 14:29:35 UTC
-
mfrom:
(48.1.2 precise-proposed)
-
Revision ID:
package-import@ubuntu.com-20120726142935-33x94zevb788d40l
Tags: 1.10+dfsg~beta1-2ubuntu0.3
* SECURITY UPDATE: KDC heap corruption and crash vulnerabilities
- debian/patches/MITKRB5-SA-2012-001.patch: initialize pointers both
at allocation and assignment time
- CVE-2012-1015, CVE-2012-1014
* SECURITY UPDATE: denial of service in kadmind (LP: #1009422)
- debian/patches/krb5-CVE-2012-1013.patch: check for null password
- CVE-2012-1013
* SECURITY UPDATE: insufficient ACL checking on get_strings/set_string
- debian/patches/krb5-CVE-2012-1012.patch: make the access
controls for get_strings/set_string mirror those of
get_principal/modify_principal
- CVE-2012-1012