Your message dated Tue, 27 Dec 2011 13:03:28 +0000
with message-id <[email protected]>
and subject line Bug#651226: fixed in krb5 1.10+dfsg~alpha2-1
has caused the Debian Bug report #651226,
regarding MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling
[CVE-2011-1530]
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
651226: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651226
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
package: krb5-kdc
severity: important
version: 1.9.1+dfsg-1
tags: security
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MITKRB5-SA-2011-007
MIT krb5 Security Advisory 2011-007
Original release: 2011-12-06
Last update: 2011-12-06
Topic: KDC null pointer dereference in TGS handling
CVE-2011-1530
KDC null pointer dereference in TGS handling
CVSSv2 Vector: AV:N/AC:L/Au:S/C:N/I:C/A:C/E:H/RL:OF/RC:C
CVSSv2 Base Score: 6.8
Access Vector: Network
Access Complexity: Low
Authentication: Single
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Complete
CVSSv2 Temporal Score: 5.9
Exploitability: High
Remediation Level: Official Fix
Report Confidence: Confirmed
SUMMARY
=======
In releases krb5-1.9 and later, the KDC can crash due to a null
pointer dereference in code that handles TGS (Ticket Granting Service)
requests. The trigger condition is trivial to produce using
unmodified client software, but requires the ability to authenticate
as a principal in the KDC's realm.
IMPACT
======
An authenticated remote attacker can crash a KDC via null pointer
dereference.
AFFECTED SOFTWARE
=================
* The KDC in krb5-1.9 and later is vulnerable. Earlier releases
predate the internal interface changes that led to this
vulnerability.
FIXES
=====
* Workaround: restart the KDC when it crashes, possibly using an
automated monitoring process.
* Apply the patch:
diff --git a/src/kdc/Makefile.in b/src/kdc/Makefile.in
index f46cad3..102fbaa 100644
- --- a/src/kdc/Makefile.in
+++ b/src/kdc/Makefile.in
@@ -67,6 +67,7 @@ check-unix:: rtest
check-pytests::
$(RUNPYTEST) $(srcdir)/t_workers.py $(PYTESTFLAGS)
+ $(RUNPYTEST) $(srcdir)/t_emptytgt.py $(PYTESTFLAGS)
install::
$(INSTALL_PROGRAM) krb5kdc ${DESTDIR}$(SERVER_BINDIR)/krb5kdc
diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c
index c169c54..840a2ef 100644
- --- a/src/kdc/do_tgs_req.c
+++ b/src/kdc/do_tgs_req.c
@@ -243,7 +243,8 @@ tgt_again:
if (!tgs_1 || !data_eq(*server_1, *tgs_1)) {
errcode = find_alternate_tgs(request, &server);
firstpass = 0;
- - goto tgt_again;
+ if (errcode == 0)
+ goto tgt_again;
}
}
status = "UNKNOWN_SERVER";
diff --git a/src/kdc/t_emptytgt.py b/src/kdc/t_emptytgt.py
new file mode 100644
index 0000000..1760bcd
- --- /dev/null
+++ b/src/kdc/t_emptytgt.py
@@ -0,0 +1,8 @@
+#!/usr/bin/python
+from k5test import *
+
+realm = K5Realm(start_kadmind=False, create_host=False)
+output = realm.run_as_client([kvno, 'krbtgt/'], expected_code=1)
+if 'not found in Kerberos database' not in output:
+ fail('TGT lookup for empty realm failed in unexpected way')
+success('Empty tgt lookup.')
This patch is also available at
http://web.mit.edu/kerberos/advisories/2011-007-patch.txt
A PGP-signed patch is available at
http://web.mit.edu/kerberos/advisories/2011-007-patch.txt.asc
REFERENCES
==========
This announcement is posted at:
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-007.txt
This announcement and related security advisories may be found on the
MIT Kerberos security advisory page at:
http://web.mit.edu/kerberos/advisories/index.html
The main MIT Kerberos web page is at:
http://web.mit.edu/kerberos/index.html
CVSSv2:
http://www.first.org/cvss/cvss-guide.html
http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2
CVE: CVE-2011-1530
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1530
ACKNOWLEDGMENTS
===============
Simo Sorce discovered this vulnerability.
CONTACT
=======
The MIT Kerberos Team security contact address is
<[email protected]>. When sending sensitive information,
please PGP-encrypt it using the following key:
pub 2048R/56CD8F76 2010-12-29 [expires: 2012-02-01]
uid MIT Kerberos Team Security Contact <[email protected]>
DETAILS
=======
The process_tgs_req() function in the KDC has logic that attempts to
find an alternative service principal if the service principal in the
client's TGS-REQ is unknown. If the find_alternate_tgs() helper
function returns an error that is not KRB5_KDB_NOENTRY, it leaves the
server variable holding a null pointer. The process_tgs_req()
function improperly ignores that error, and proceeds to call functions
that dereference the null pointer.
Prior to krb5-1.9, the krb5_db_get_principal() function and related
interfaces had output parameters "more" and "nprincs". The krb5-1.9
release includes changes to these interfaces so that they no longer
have those outputs. Prior to krb5-1.9, the find_alternate_tgs()
function in the KDC had a void return type, and indicated failure by
setting its "more" and "nprincs" outputs appropriately. Its interface
changed in krb5-1.9 to instead return an error code, with
corresponding changes to process_tgs_req(); these changes to
process_tgs_req() were flawed and allow errors other than
KRB5_KDB_NOENTRY to cause a null pointer dereference.
The vulnerable code executes after the KDC authenticates the request,
so an attacker must have first obtained valid initial Kerberos
credentials for the target realm.
REVISION HISTORY
================
2011-12-06 original release
Copyright (C) 2011 Massachusetts Institute of Technology
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (SunOS)
iQCVAgUBTt5mYabDgE/zdoE9AQIuKAQA0K1YUeTKjEIVjEIufpTanNoipQiWRNCE
alUjkcxQeD3yFK8LU6yKcs0CdTI60FDst3788tUtoGDdwpnbc90Rv8EID00VtgEc
0rI4Nfe32MxP/UlNNVRinWkwtDLWeh1gKQOPXAjeapKQcWAFB3tM/haRnDgCu49I
snM0jQSBFgA=
=FK9G
-----END PGP SIGNATURE-----
_______________________________________________
kerberos-announce mailing list
[email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos-announce
--- End Message ---
--- End Message ---
--- Begin Message ---
Source: krb5
Source-Version: 1.10+dfsg~alpha2-1
We believe that the bug you reported is fixed in the latest version of
krb5, which is due to be installed in the Debian FTP archive:
krb5-admin-server_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/krb5-admin-server_1.10+dfsg~alpha2-1_amd64.deb
krb5-doc_1.10+dfsg~alpha2-1_all.deb
to main/k/krb5/krb5-doc_1.10+dfsg~alpha2-1_all.deb
krb5-gss-samples_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/krb5-gss-samples_1.10+dfsg~alpha2-1_amd64.deb
krb5-kdc-ldap_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/krb5-kdc-ldap_1.10+dfsg~alpha2-1_amd64.deb
krb5-kdc_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/krb5-kdc_1.10+dfsg~alpha2-1_amd64.deb
krb5-locales_1.10+dfsg~alpha2-1_all.deb
to main/k/krb5/krb5-locales_1.10+dfsg~alpha2-1_all.deb
krb5-multidev_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/krb5-multidev_1.10+dfsg~alpha2-1_amd64.deb
krb5-pkinit_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/krb5-pkinit_1.10+dfsg~alpha2-1_amd64.deb
krb5-user_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/krb5-user_1.10+dfsg~alpha2-1_amd64.deb
krb5_1.10+dfsg~alpha2-1.debian.tar.gz
to main/k/krb5/krb5_1.10+dfsg~alpha2-1.debian.tar.gz
krb5_1.10+dfsg~alpha2-1.dsc
to main/k/krb5/krb5_1.10+dfsg~alpha2-1.dsc
krb5_1.10+dfsg~alpha2.orig.tar.gz
to main/k/krb5/krb5_1.10+dfsg~alpha2.orig.tar.gz
libgssapi-krb5-2_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/libgssapi-krb5-2_1.10+dfsg~alpha2-1_amd64.deb
libgssrpc4_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/libgssrpc4_1.10+dfsg~alpha2-1_amd64.deb
libk5crypto3_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/libk5crypto3_1.10+dfsg~alpha2-1_amd64.deb
libkadm5clnt-mit8_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/libkadm5clnt-mit8_1.10+dfsg~alpha2-1_amd64.deb
libkadm5srv-mit8_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/libkadm5srv-mit8_1.10+dfsg~alpha2-1_amd64.deb
libkdb5-6_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/libkdb5-6_1.10+dfsg~alpha2-1_amd64.deb
libkrb5-3_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/libkrb5-3_1.10+dfsg~alpha2-1_amd64.deb
libkrb5-dbg_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/libkrb5-dbg_1.10+dfsg~alpha2-1_amd64.deb
libkrb5-dev_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/libkrb5-dev_1.10+dfsg~alpha2-1_amd64.deb
libkrb5support0_1.10+dfsg~alpha2-1_amd64.deb
to main/k/krb5/libkrb5support0_1.10+dfsg~alpha2-1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sam Hartman <[email protected]> (supplier of updated krb5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 27 Dec 2011 06:02:35 -0500
Source: krb5
Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev
libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2
libgssrpc4 libkadm5srv-mit8 libkadm5clnt-mit8 libk5crypto3 libkdb5-6
libkrb5support0 krb5-gss-samples krb5-locales
Architecture: source all amd64
Version: 1.10+dfsg~alpha2-1
Distribution: unstable
Urgency: high
Maintainer: Sam Hartman <[email protected]>
Changed-By: Sam Hartman <[email protected]>
Description:
krb5-admin-server - MIT Kerberos master server (kadmind)
krb5-doc - Documentation for MIT Kerberos
krb5-gss-samples - MIT Kerberos GSS Sample applications
krb5-kdc - MIT Kerberos key server (KDC)
krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
krb5-locales - Internationalization support for MIT Kerberos
krb5-multidev - Development files for MIT Kerberos without Heimdal conflict
krb5-pkinit - PKINIT plugin for MIT Kerberos
krb5-user - Basic programs to authenticate using MIT Kerberos
libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
libkadm5clnt-mit8 - MIT Kerberos runtime libraries - Administration Clients
libkadm5srv-mit8 - MIT Kerberos runtime libraries - KDC and Admin Server
libkdb5-6 - MIT Kerberos runtime libraries - Kerberos database
libkrb5-3 - MIT Kerberos runtime libraries
libkrb5-dbg - Debugging files for MIT Kerberos
libkrb5-dev - Headers and development libraries for MIT Kerberos
libkrb5support0 - MIT Kerberos runtime libraries - Support library
Closes: 651226
Changes:
krb5 (1.10+dfsg~alpha2-1) unstable; urgency=low
.
* New upstream Version
.
krb5 (1.10+dfsg~alpha1-7) unstable; urgency=high
.
* Merge in github/krb5-1-10 branch up through 12/16/2010: many new
upstream changes
* Includes fix for MITKRB5-SA-2011-007 KDC null pointer
dereference in TGS handling [CVE-2011-1530]
, Closes: #651226
Checksums-Sha1:
27351e81a3f9e029d9610d93bfae58042efdf6b2 2322 krb5_1.10+dfsg~alpha2-1.dsc
f3e432f182960a65547b4ccd4abc217617e26706 10634226
krb5_1.10+dfsg~alpha2.orig.tar.gz
63dc7f6fbfb713ef0f0434fee02de03c1324ceea 116975
krb5_1.10+dfsg~alpha2-1.debian.tar.gz
47693744272eecc0d250260fadf76d6787efb7e9 2662688
krb5-doc_1.10+dfsg~alpha2-1_all.deb
82c60cbf46de5a180a39f21ebb6371284e206be6 1497248
krb5-locales_1.10+dfsg~alpha2-1_all.deb
f0de0e23f1e76c8de60630b15950abeea77d6142 151914
krb5-user_1.10+dfsg~alpha2-1_amd64.deb
56e835e4863bac887c6c975a2a740f23a6110b5b 223436
krb5-kdc_1.10+dfsg~alpha2-1_amd64.deb
57854999123d08cfd303e78b2a08cd44024a2e85 119310
krb5-kdc-ldap_1.10+dfsg~alpha2-1_amd64.deb
56916c3f117ee318d9e5c6d233de1118bdcf40a5 120246
krb5-admin-server_1.10+dfsg~alpha2-1_amd64.deb
7322d9586d3dade8434b15dafafa911e7ff0aa7e 152602
krb5-multidev_1.10+dfsg~alpha2-1_amd64.deb
cb61d79afbb3b2110c9ca444d5a23d4f8dc91d46 39034
libkrb5-dev_1.10+dfsg~alpha2-1_amd64.deb
dc197c2f8f8420f7861cfa9981f5fb0dccf753bc 1651588
libkrb5-dbg_1.10+dfsg~alpha2-1_amd64.deb
3fe1834489d3fe3b31bff333759565eb1cfb3cfe 81364
krb5-pkinit_1.10+dfsg~alpha2-1_amd64.deb
52ecf2042f1c5110fb1415f902b9da4b6950c1da 388410
libkrb5-3_1.10+dfsg~alpha2-1_amd64.deb
52ecb1a42b223088b5c6feec4ad34e306f11c354 146840
libgssapi-krb5-2_1.10+dfsg~alpha2-1_amd64.deb
71a1482f4e8fcd8018d191b0bbe4137bb351f3c4 86562
libgssrpc4_1.10+dfsg~alpha2-1_amd64.deb
fc041f9fa165e4dd1a9b1a20eedb2877ec6838d3 83284
libkadm5srv-mit8_1.10+dfsg~alpha2-1_amd64.deb
5b1e2fd34dcab769d9757cf6b46cdd0116eb4959 66468
libkadm5clnt-mit8_1.10+dfsg~alpha2-1_amd64.deb
6fa39a7e2ce56e3352b34ef13226759073a9fc55 108262
libk5crypto3_1.10+dfsg~alpha2-1_amd64.deb
5abfcf85b9190b0fcf758fb65e8b0d172f5c6db0 65260
libkdb5-6_1.10+dfsg~alpha2-1_amd64.deb
433ae37b798de0ff7cdf5e1031bd9bd7d4edf34e 48466
libkrb5support0_1.10+dfsg~alpha2-1_amd64.deb
b328d35dc6633700db2366cac58951ad5eb67429 50758
krb5-gss-samples_1.10+dfsg~alpha2-1_amd64.deb
Checksums-Sha256:
1b7180bcd91ba5b461fd069fe5187fd3979cf223ae981242941da7f0e10be43b 2322
krb5_1.10+dfsg~alpha2-1.dsc
06d581c99a667bbb074ef74976421eaf297a41a28292aebe2bfaac78f40de8dd 10634226
krb5_1.10+dfsg~alpha2.orig.tar.gz
abb60fa5acca2b54165ae5cff56ffbded3f789265aab0a76275e5698ec0c6a95 116975
krb5_1.10+dfsg~alpha2-1.debian.tar.gz
610949c5a9b4d70a2a6993478f0350bbe6ad117bef9c3bc9f1089fdb29151de4 2662688
krb5-doc_1.10+dfsg~alpha2-1_all.deb
56266c6119699185eb695e6b9e3d33d8ea32d459bb9696d2b7580001e8372661 1497248
krb5-locales_1.10+dfsg~alpha2-1_all.deb
0e3594d9a6c4fe30495ed8ccdac8f7024cc76a020f6e35c840c0c809ad994ce2 151914
krb5-user_1.10+dfsg~alpha2-1_amd64.deb
4bda5a227aa2d5d8fe92c1db637e40d50e0a37772e5ef6a935649c715f787793 223436
krb5-kdc_1.10+dfsg~alpha2-1_amd64.deb
cc887f08c76598a0d3207b572e24ba1248e1f8489fedc89f922a0a19fa0a7b3c 119310
krb5-kdc-ldap_1.10+dfsg~alpha2-1_amd64.deb
4d9860223d4b7e954d6c0dc8106531cbfe2187d06f5128f620747101aa1deaac 120246
krb5-admin-server_1.10+dfsg~alpha2-1_amd64.deb
a280e03afa76dc2e59ded7a4ce6672061b9575804b1e1a3709d3271418a39e70 152602
krb5-multidev_1.10+dfsg~alpha2-1_amd64.deb
491cff4c07e6c15cad53a52fc3af41c42895ee9239f15fc083f84bee300a022e 39034
libkrb5-dev_1.10+dfsg~alpha2-1_amd64.deb
ef570b7e09532969fa2ccd664f23e7b1310b1bd80918208c8e28563ceee1517f 1651588
libkrb5-dbg_1.10+dfsg~alpha2-1_amd64.deb
08256ad1a0b8e19099d98f0fa1f102f7c2898a1d217129b2bf23050b3fce91cf 81364
krb5-pkinit_1.10+dfsg~alpha2-1_amd64.deb
1eb9c14ca0996ea4852ca80027e2418becc6443eb6cf55eb760eae577213cf1f 388410
libkrb5-3_1.10+dfsg~alpha2-1_amd64.deb
39e545812e4d42a3ab9c12e6f1f8c10beb36b5be16405a2dd055db47b9fe1751 146840
libgssapi-krb5-2_1.10+dfsg~alpha2-1_amd64.deb
9890525bd7f9de39074fdb62dff33046a458dd6a71c4d2779e3e63dc8fc04d00 86562
libgssrpc4_1.10+dfsg~alpha2-1_amd64.deb
1416ba44b886d479edd813689f45c0edd295a36eb969ceff4e4cfb6757873a2b 83284
libkadm5srv-mit8_1.10+dfsg~alpha2-1_amd64.deb
f865b160bf8c0727389c10af3e8d8999cbb01b401bc9d7a28f9de479d776982c 66468
libkadm5clnt-mit8_1.10+dfsg~alpha2-1_amd64.deb
aac820f7186615d75df82e83618dfb6a23e3f8055459e0e8dc116de1152eace9 108262
libk5crypto3_1.10+dfsg~alpha2-1_amd64.deb
a9c6d80820a1ce009f0332b3c89a2e491a123de6b4978838f79603f489764700 65260
libkdb5-6_1.10+dfsg~alpha2-1_amd64.deb
bab8cb08a245a749677297b3602aec1a2c883a19d37ca9c36c1026d428095cff 48466
libkrb5support0_1.10+dfsg~alpha2-1_amd64.deb
ddd4bfa7eddc07cd939eb91ca8092ca76a9bf7ff4259ca9621d94f5c668106d3 50758
krb5-gss-samples_1.10+dfsg~alpha2-1_amd64.deb
Files:
b746a04340ad753b503c01f0df2b27e5 2322 net standard krb5_1.10+dfsg~alpha2-1.dsc
ce4815ec64d60e949b88f11da7751bd3 10634226 net standard
krb5_1.10+dfsg~alpha2.orig.tar.gz
a7c5c683120060eb28833d3f971adefa 116975 net standard
krb5_1.10+dfsg~alpha2-1.debian.tar.gz
5f726a61884b641df50c21dec212daad 2662688 doc optional
krb5-doc_1.10+dfsg~alpha2-1_all.deb
35817aedbf0dead77ae328ae46eba28f 1497248 localization standard
krb5-locales_1.10+dfsg~alpha2-1_all.deb
4f9d25ebd8a44639b750bc5e5a925f76 151914 net optional
krb5-user_1.10+dfsg~alpha2-1_amd64.deb
66504ee0bb7497824eafed40053447be 223436 net optional
krb5-kdc_1.10+dfsg~alpha2-1_amd64.deb
f23a97b46b6f1b1c3113207c502fc738 119310 net extra
krb5-kdc-ldap_1.10+dfsg~alpha2-1_amd64.deb
b66463707e52305adb6e776688bcc733 120246 net optional
krb5-admin-server_1.10+dfsg~alpha2-1_amd64.deb
ef36f7b0a0edcc6d8b898735b412b292 152602 libdevel optional
krb5-multidev_1.10+dfsg~alpha2-1_amd64.deb
014ed9c3e1fbfda87521b854b313a3f6 39034 libdevel extra
libkrb5-dev_1.10+dfsg~alpha2-1_amd64.deb
c61b82248544f5da8aeb5ab2839212d5 1651588 debug extra
libkrb5-dbg_1.10+dfsg~alpha2-1_amd64.deb
720c8b158201e6ca4e19ae3ebbde4e2d 81364 net extra
krb5-pkinit_1.10+dfsg~alpha2-1_amd64.deb
5b6c86a30ff5be25407153ae2380f9c9 388410 libs standard
libkrb5-3_1.10+dfsg~alpha2-1_amd64.deb
29d67d4e69dfcd3acf5b7adecbdb153a 146840 libs standard
libgssapi-krb5-2_1.10+dfsg~alpha2-1_amd64.deb
57edd0373bdc059b9619797de4b90959 86562 libs standard
libgssrpc4_1.10+dfsg~alpha2-1_amd64.deb
006aee1824b392be91446b1af88cd9b3 83284 libs standard
libkadm5srv-mit8_1.10+dfsg~alpha2-1_amd64.deb
211ff9f5d76098797a5d6092f97d5e19 66468 libs standard
libkadm5clnt-mit8_1.10+dfsg~alpha2-1_amd64.deb
f779601d70aaf1731030bcd64a1b2d5e 108262 libs standard
libk5crypto3_1.10+dfsg~alpha2-1_amd64.deb
3a43b01f2b785d3412b2ecf8d408e1c1 65260 libs standard
libkdb5-6_1.10+dfsg~alpha2-1_amd64.deb
946a53d4867fbc5cba8e675c3e02f12d 48466 libs standard
libkrb5support0_1.10+dfsg~alpha2-1_amd64.deb
07f2917fade42cc741996f228027f859 50758 net extra
krb5-gss-samples_1.10+dfsg~alpha2-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk75v2AACgkQ/I12czyGJg94XQCgxc3CIkYt0yub1O+ZOVEG/npl
kYIAmwSjZgqdVqO1HPXX3udmqbfkvUlr
=GOfl
-----END PGP SIGNATURE-----
--- End Message ---
