Your message dated Sun, 23 Jul 2017 19:20:34 +0000 with message-id <e1dzmqc-000cub...@fasolo.debian.org> and subject line Bug#869260: fixed in krb5 1.15.1-2 has caused the Debian Bug report #869260, regarding CVE-2017-11368 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 869260: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869260 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: krb5 Severity: grave Tags: security Hi, please see: https://github.com/krb5/krb5/pull/678/commits/a860385dd8fbd239fdb31b347e07f4e6b2fbdcc2 Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: krb5 Source-Version: 1.15.1-2 We believe that the bug you reported is fixed in the latest version of krb5, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 869...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sam Hartman <hartm...@debian.org> (supplier of updated krb5 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 23 Jul 2017 14:16:38 -0400 Source: krb5 Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-kpropd krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-otp krb5-k5tls krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit11 libkadm5clnt-mit11 libk5crypto3 libkdb5-8 libkrb5support0 libkrad0 krb5-gss-samples krb5-locales libkrad-dev Architecture: source Version: 1.15.1-2 Distribution: unstable Urgency: high Maintainer: Sam Hartman <hartm...@debian.org> Changed-By: Sam Hartman <hartm...@debian.org> Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-doc - documentation for MIT Kerberos krb5-gss-samples - MIT Kerberos GSS Sample applications krb5-k5tls - TLS plugin for MIT Kerberos krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-kpropd - MIT Kerberos key server (KDC) krb5-locales - internationalization support for MIT Kerberos krb5-multidev - development files for MIT Kerberos without Heimdal conflict krb5-otp - OTP plugin for MIT Kerberos krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-user - basic programs to authenticate using MIT Kerberos libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library libkadm5clnt-mit11 - MIT Kerberos runtime libraries - Administration Clients libkadm5srv-mit11 - MIT Kerberos runtime libraries - KDC and Admin Server libkdb5-8 - MIT Kerberos runtime libraries - Kerberos database libkrad-dev - MIT Kerberos RADIUS Library Development libkrad0 - MIT Kerberos runtime libraries - RADIUS library libkrb5-3 - MIT Kerberos runtime libraries libkrb5-dbg - debugging files for MIT Kerberos libkrb5-dev - headers and development libraries for MIT Kerberos libkrb5support0 - MIT Kerberos runtime libraries - Support library Closes: 868035 868121 869260 Changes: krb5 (1.15.1-2) unstable; urgency=high . * Depend on libsasl2-dev for LDAP SASL authentication, Thanks Hideki Yamane, Closes: #868035 * Remove /etc/gss/mech.d/README on libgssapi-krb5-2 purge, Closes: #868121 * CVE-2017-11368: Remote authenticated attackers can crash the KDC, Closes: #869260 * Set Restart=on-abnormal in krb5-kdc.service and krb5-admind.service to minimize the impact of future DOS bugs. Checksums-Sha1: 6c58015344fb8bee5e94c8b2efd654f0b487218f 3294 krb5_1.15.1-2.dsc ba9535120446603872db101faaf54011d6f96b90 143404 krb5_1.15.1-2.debian.tar.xz Checksums-Sha256: 717416ea51edbfd2555568631e700c15cce1244f730a97d317288ab0be20d43a 3294 krb5_1.15.1-2.dsc e44c17efbf26e5d2a3de7577a039085683efe21afb0da3eacc12c17dc01e9d1a 143404 krb5_1.15.1-2.debian.tar.xz Files: 8a93bd2565a27473ba5e864e930a8c37 3294 net standard krb5_1.15.1-2.dsc 9860ed2fa3a92f7bb6eddca0ff9a4c55 143404 net standard krb5_1.15.1-2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQGfBAEBCAAdFiEEz1cSziAwmFRQyTi4fJpR9iayVp8FAll07/MACgkQfJpR9iay Vp+80QtguNCcZC+JsbFennH25OFDJpNgpuA1k/kYixvaEny1cC5SKFCJQltNUKDG YTElbzHu00t/wICzwCe9BX64b4027k2MdisZLPR6F/iLQOxn3fz+UvjSo2em+rEI WpbOHLLSrZ7ODtgojj2snd0ZrsHhKT8vZ0ePNSPu9FBe9MbNazzxTWLa2P3UAYvA OVcxFi4pIJ5RDPQUAjpRzH0dhkdM1YimyeBaxDwFRM/f/n7B7T06CcUpg+8TGxcf j8rsfD56WGnbhxwh6J+d5H9F49WDxrgLr/0nObSaxZeWQQvYAi2cn+8BnviNc7QV vg0MpwH+anjY8CjRnGspD7UZdhTmk/kRon33wl3FJ95V2pMhGWNlhs1QRIlIC5ip 6H3WX+vxN/6DTUCeTuty1FEC9MH5BFFtZGNeI9bdRlFdCucGqx6WKIWhe5di3MgD XKPpjiqViHs3TKBOhefGJRJ8qWkAb01LXJthFfCuKmkV6g== =xyVh -----END PGP SIGNATURE-----
--- End Message ---
