Is the fix released in Trustu ESM repository ? I don't see it. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/1817955
Title: Getting new "DN is out of the realm subtree" error on adding principal Status in krb5 package in Ubuntu: Fix Released Status in krb5 source package in Trusty: Triaged Bug description: Recently applied security update to 14.04.5 LTS kerberos (1.12+dfsg- 2ubuntu5.4), and started getting errors when adding new principals to LDAP. Obfuscated example: kadmin.local -q "ank -x dn=\"uid=testuser,ou=People,dc=example,dc=com\" -pw \"dummypass\" testuser" now gives: Authenticating as principal root/ad...@test.example.com with password. NOTICE: no policy specified for testu...@test.example.com; assigning "default" add_principal: DN is out of the realm subtree while creating "testu...@test.example.com". This worked up through 1.12+dfsg-2ubuntu5.3, and I think it now fails due to changes in src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in response to CVE-2018-5729 or CVE-2018-5730. I'm going to attempt a downgrade to 1.12+dfsg-2ubuntu5.3 to check. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1817955/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
