Your message dated Sun, 16 Jul 2017 18:33:57 +0000
with message-id <[email protected]>
and subject line Bug#868208: fixed in heimdal 1.6~rc2+dfsg-9+deb8u1
has caused the Debian Bug report #868208,
regarding CVE-2017-11103: MitM attack, impersonation of the Kerberos client,
known as Orpheus Lyre
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
868208: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868208
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: heimdal
Severity: grave
Tags: security patch
Version: 1.6~git20120403+dfsg1-2
Hi,
the following vulnerability was published for heimdal.
CVE-2017-11103[0]: MitM attack, impersonation of the Kerberos client, known as
Orpheus Lyre
A dedicated website is here:
https://orpheus-lyre.info/
The heimdal patch is here:
https://github.com/heimdal/heimdal/commit/6dd3eb836bbb80a00ffced4ad57077a1cdf227ea
All Debian releases are affected (from wheezy to sid).
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-11103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103
Please adjust the affected versions in the BTS as needed.
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
--- End Message ---
--- Begin Message ---
Source: heimdal
Source-Version: 1.6~rc2+dfsg-9+deb8u1
We believe that the bug you reported is fixed in the latest version of
heimdal, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated heimdal package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
Format: 1.8
Date: Sun, 16 Jul 2017 10:01:46 +0200
Source: heimdal
Binary: heimdal-docs heimdal-kdc heimdal-multidev heimdal-dev heimdal-clients-x
heimdal-clients heimdal-kcm heimdal-servers-x heimdal-servers heimdal-dbg
libheimbase1-heimdal libasn1-8-heimdal libkrb5-26-heimdal libhdb9-heimdal
libkadm5srv8-heimdal libkadm5clnt7-heimdal libgssapi3-heimdal libkafs0-heimdal
libroken18-heimdal libotp0-heimdal libsl0-heimdal libkdc2-heimdal
libhx509-5-heimdal libheimntlm0-heimdal libwind0-heimdal libhcrypto4-heimdal
Architecture: all source
Version: 1.6~rc2+dfsg-9+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Brian May <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 868208
Description:
heimdal-clients - Heimdal Kerberos - clients
heimdal-clients-x - Heimdal Kerberos - X11 client programs
heimdal-dbg - Heimdal Kerberos - debugging symbols
heimdal-dev - Heimdal Kerberos - development files
heimdal-docs - Heimdal Kerberos - documentation
heimdal-kcm - Heimdal Kerberos - KCM daemon
heimdal-kdc - Heimdal Kerberos - key distribution center (KDC)
heimdal-multidev - Heimdal Kerberos - Multi-implementation Development
heimdal-servers - Heimdal Kerberos - server programs
heimdal-servers-x - Heimdal Kerberos - X11 server programs
libasn1-8-heimdal - Heimdal Kerberos - ASN.1 library
libgssapi3-heimdal - Heimdal Kerberos - GSSAPI support library
libhcrypto4-heimdal - Heimdal Kerberos - crypto library
libhdb9-heimdal - Heimdal Kerberos - kadmin server library
libheimbase1-heimdal - Heimdal Kerberos - Base library
libheimntlm0-heimdal - Heimdal Kerberos - NTLM support library
libhx509-5-heimdal - Heimdal Kerberos - X509 support library
libkadm5clnt7-heimdal - Heimdal Kerberos - kadmin client library
libkadm5srv8-heimdal - Libraries for Heimdal Kerberos
libkafs0-heimdal - Heimdal Kerberos - KAFS support library
libkdc2-heimdal - Heimdal Kerberos - KDC support library
libkrb5-26-heimdal - Heimdal Kerberos - libraries
libotp0-heimdal - Heimdal Kerberos - OTP support library
libroken18-heimdal - Heimdal Kerberos - roken support library
libsl0-heimdal - Heimdal Kerberos - SL support library
libwind0-heimdal - Heimdal Kerberos - stringprep implementation
Changes:
heimdal (1.6~rc2+dfsg-9+deb8u1) jessie-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
(Closes: #868208)
--- End Message ---