Public bug reported: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
affects ubuntu/krb5 status confirmed importance wishlist subscribe ubuntu-archive done Please sync krb5 1.8.1+dfsg-2 (main) from Debian unstable (main) Explanation of the Ubuntu delta and why it can be dropped: krb5 has some ABI issues in 1.8, and are fixed in 1.8.1. We should use 1.8.1 for Lucid. Since upstream krb5 tends to be very stable, I think this is worth the risk of regression. Changelog entries since current lucid version 1.8+dfsg~alpha1-7ubuntu1: krb5 (1.8.1+dfsg-2) unstable; urgency=high * Fix crash in renewal and validation, Thanks Joel Johnson for such a prompt bug report, Closes: #577490 -- Sam Hartman <hartm...@debian.org> Mon, 12 Apr 2010 13:08:35 -0400 krb5 (1.8.1+dfsg-1) unstable; urgency=high * New upstream release * Fixes significant ABI incompatibility between Heimdal and MIT in the init_creds_step API; backward incompatible change in the meaning of the flags API. Since this was introduced in 1.8 and since no better solution was found, it's felt that getting 1.8.1 out everywhere that had 1.8 very promptly is the right approach. Otherwise software build against 1.8 will be broken in the future. * Testing of Kerberos 1.8 showed an incompatibility between Heimdal/MIT Kerberos and Microsoft Kerberos; resolve this incompatibility. As a result, mixing KDCs between 1.8 and 1.8.1 in the same realm may produce undesirable results for constrained delegation. Again, another reason to replace 1.8 with 1.8.1 as soon as possible. * Acknowledge security team upload, thanks for picking up the slack and sorry it was necessary -- Sam Hartman <hartm...@debian.org> Sun, 11 Apr 2010 10:12:59 -0400 krb5 (1.8+dfsg-1.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2010-0628: denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token. (Closes: 575740) * Makes src/slave/kpropd.c ISO C90 compliant (Closes: #574703) -- Giuseppe Iuculano <iucul...@debian.org> Fri, 09 Apr 2010 19:11:50 +0200 krb5 (1.8+dfsg-1) unstable; urgency=low * New upstream version * Include new upstream notice file in docs * Update symbols files * Include upstream ticket 6676: fix handling of cross-realm tickets issued by W2K8R2 * Add ipv6 support to kprop, Michael Stapelberg, Closes: #549476 * New Brazilian Portuguese translations, Thanks Eder L. Marques, Closes: #574149 -- Sam Hartman <hartm...@debian.org> Wed, 17 Mar 2010 15:51:54 -0400 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Kees Cook <k...@outflux.net> iEYEARECAAYFAkvE9U8ACgkQH/9LqRcGPm1gggCeJOzyEaInHrty4J749iFQNVzi daEAnAu1Y5V9xz5gEs3ToR02yzCmm5Jd =i9Xn -----END PGP SIGNATURE----- ** Affects: krb5 (Ubuntu) Importance: Wishlist Status: Confirmed -- Sync krb5 1.8.1+dfsg-2 (main) from Debian unstable (main) https://bugs.launchpad.net/bugs/562635 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs