-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 01 Jul 2024 13:40:03 -0600 Source: krb5 Binary: krb5-admin-server krb5-admin-server-dbgsym krb5-gss-samples krb5-gss-samples-dbgsym krb5-k5tls krb5-k5tls-dbgsym krb5-kdc krb5-kdc-dbgsym krb5-kdc-ldap krb5-kdc-ldap-dbgsym krb5-kpropd krb5-kpropd-dbgsym krb5-multidev krb5-otp krb5-otp-dbgsym krb5-pkinit krb5-pkinit-dbgsym krb5-user krb5-user-dbgsym libgssapi-krb5-2 libgssrpc4 libk5crypto3 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 libkrad-dev libkrad0 libkrb5-3 libkrb5-dbg libkrb5-dev libkrb5support0 Architecture: amd64 Version: 1.18.3-6+deb11u5 Distribution: bullseye-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) Changed-By: Sam Hartman Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-gss-samples - MIT Kerberos GSS Sample applications krb5-k5tls - TLS plugin for MIT Kerberos krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-kpropd - MIT Kerberos key server (Slave KDC Support) krb5-multidev - development files for MIT Kerberos without Heimdal conflict krb5-otp - OTP plugin for MIT Kerberos krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-user - basic programs to authenticate using MIT Kerberos libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library libkadm5clnt-mit12 - MIT Kerberos runtime libraries - Administration Clients libkadm5srv-mit12 - MIT Kerberos runtime libraries - KDC and Admin Server libkdb5-10 - MIT Kerberos runtime libraries - Kerberos database libkrad-dev - MIT Kerberos RADIUS Library Development libkrad0 - MIT Kerberos runtime libraries - RADIUS library libkrb5-3 - MIT Kerberos runtime libraries libkrb5-dbg - debugging files for MIT Kerberos libkrb5-dev - headers and development libraries for MIT Kerberos libkrb5support0 - MIT Kerberos runtime libraries - Support library Changes: krb5 (1.18.3-6+deb11u5) bullseye-security; urgency=high . * CVE-2024-37370: an unauthenticated attacker can modify the extra count in an RFC 4121 GSS token, causing the token to appear truncated. * CVE-2024-37371: an attacker can cause invalid memory reads by sending an invalid GSS token. Checksums-Sha1: f7a55d0fc72b2bb7b58767d063339d85dab31516 201244 krb5-admin-server-dbgsym_1.18.3-6+deb11u5_amd64.deb 2820ad2be8369baef52169719e27a73f67b0d149 125656 krb5-admin-server_1.18.3-6+deb11u5_amd64.deb 28f7f8a15eb8495fbb17fa0cd39258c2fe385923 36996 krb5-gss-samples-dbgsym_1.18.3-6+deb11u5_amd64.deb b55edb41a39e6e0f91a3b4fdfb8e27ca380dd681 61336 krb5-gss-samples_1.18.3-6+deb11u5_amd64.deb 1b86d8247866d7eea49d9276ca09c75d4a6a893e 19964 krb5-k5tls-dbgsym_1.18.3-6+deb11u5_amd64.deb 7b40915221ba92fd4766cc95525c319e81af3cbf 51956 krb5-k5tls_1.18.3-6+deb11u5_amd64.deb cededae2216aa491a24ba3a44866176ab4c4fc6b 435856 krb5-kdc-dbgsym_1.18.3-6+deb11u5_amd64.deb dc17fa1e6f09ca5e549afc33278e16302856ad55 187208 krb5-kdc-ldap-dbgsym_1.18.3-6+deb11u5_amd64.deb fdfb277c3881fbb6f684d5f39d4f49794ff14f17 121064 krb5-kdc-ldap_1.18.3-6+deb11u5_amd64.deb a7c759727c88d925e190e39e58b435b58b5ef692 211876 krb5-kdc_1.18.3-6+deb11u5_amd64.deb cf16032b0fc1a1f277dbb037be14a60e7f3052a5 42144 krb5-kpropd-dbgsym_1.18.3-6+deb11u5_amd64.deb cf55e9c4ecd19355ed2159335b5c71bf366c18e2 64020 krb5-kpropd_1.18.3-6+deb11u5_amd64.deb 14f761659df6fa7c77cc5de491824db40212532f 157828 krb5-multidev_1.18.3-6+deb11u5_amd64.deb 34c9a091be11ea1a60ecb34da8670fa213ea8b61 29384 krb5-otp-dbgsym_1.18.3-6+deb11u5_amd64.deb 89e78b39a6e9e8b753ee1e390172e8dc98f76a7d 54400 krb5-otp_1.18.3-6+deb11u5_amd64.deb 3a3323763eb33d29e88402ac66326ff5e2edf9ed 154784 krb5-pkinit-dbgsym_1.18.3-6+deb11u5_amd64.deb 8ed708bb6208efe77ce3107aecbf4e7be09955da 89188 krb5-pkinit_1.18.3-6+deb11u5_amd64.deb b2e10ee76d3b8283813f88e205a651e3f45723a8 194388 krb5-user-dbgsym_1.18.3-6+deb11u5_amd64.deb 59b1cb8e3dfe77daf98e068c324c9c53145408ba 151672 krb5-user_1.18.3-6+deb11u5_amd64.deb 74f0c34c0d4ebfb60bacd3cc98934a6f07c012f6 15992 krb5_1.18.3-6+deb11u5_amd64-buildd.buildinfo 472f8bd751e1c76a193a8ef61ee559ad235ebf8c 165652 libgssapi-krb5-2_1.18.3-6+deb11u5_amd64.deb 9dfdef976f926af80ce785221b0001c305ab1aba 91812 libgssrpc4_1.18.3-6+deb11u5_amd64.deb 74286a9c42a8c8a17fa68b6acc5048d460f6ae91 114232 libk5crypto3_1.18.3-6+deb11u5_amd64.deb 14c319a87f06761265694799abbf225da5bd6a77 74156 libkadm5clnt-mit12_1.18.3-6+deb11u5_amd64.deb 3b135f4b38f3548fbbe833cbdc3fd252301a8b53 85956 libkadm5srv-mit12_1.18.3-6+deb11u5_amd64.deb f9744d91cda1e900236a16e62e2fb3cb3fb34381 73532 libkdb5-10_1.18.3-6+deb11u5_amd64.deb d930e61ddcdbd2c1dae4514d731110138b3462f2 48224 libkrad-dev_1.18.3-6+deb11u5_amd64.deb b2be91627b382af55f20c959ba1f4d0da15e1fe6 57524 libkrad0_1.18.3-6+deb11u5_amd64.deb 24827990f852764d3119866ec0eb80375c2d194e 363088 libkrb5-3_1.18.3-6+deb11u5_amd64.deb 71c4a0e75a45f2113407d25bd8c2ae69213d1fd3 2210764 libkrb5-dbg_1.18.3-6+deb11u5_amd64.deb 05a2af784d8a90a33a40de33fb6f3c3f8dd7557a 47732 libkrb5-dev_1.18.3-6+deb11u5_amd64.deb 2c58a0e192e1c9688a3d7fe70e1b4b62b1ce3c77 65664 libkrb5support0_1.18.3-6+deb11u5_amd64.deb Checksums-Sha256: 63e08d6e836f36286a83fa631ca4f587061b00061f15276bd2d5d6c206d034d8 201244 krb5-admin-server-dbgsym_1.18.3-6+deb11u5_amd64.deb e035dcd702d4609676875882d719eab5c64dece55c12b77fdf47be6a56cbe6de 125656 krb5-admin-server_1.18.3-6+deb11u5_amd64.deb 4ec39020eb225ce2056055455708513f057d0040c6626de0cb6348bf938284eb 36996 krb5-gss-samples-dbgsym_1.18.3-6+deb11u5_amd64.deb cd0b5680b6568fb989da62e7a4a7da9b69f16d5951326f44a6c6624e1b208eff 61336 krb5-gss-samples_1.18.3-6+deb11u5_amd64.deb 0a8c8ddefd924529bd20509e8fcb960d3e3b6e6be64ec521fbf0f10991b4510f 19964 krb5-k5tls-dbgsym_1.18.3-6+deb11u5_amd64.deb 07bba6e518fe360dd2c35b8f9d8dfbd94831773998a132bf0663974e1df6c153 51956 krb5-k5tls_1.18.3-6+deb11u5_amd64.deb 6960c1085d52906b35c52f95d5589f0e6d482206730f0b13e32cc96a849e72dd 435856 krb5-kdc-dbgsym_1.18.3-6+deb11u5_amd64.deb 3e64c9e0e0d30f2130579409d7911f9e325d19e97f06ad0be13b54f4917a4bf1 187208 krb5-kdc-ldap-dbgsym_1.18.3-6+deb11u5_amd64.deb be23977514f60564b0fe795ba02899229b8be787309f381c258137d3ffe82e2d 121064 krb5-kdc-ldap_1.18.3-6+deb11u5_amd64.deb be93eb31a5afb45364b5cb87f6cf8c727ac57fbd40e011b405b0e3bce79748a1 211876 krb5-kdc_1.18.3-6+deb11u5_amd64.deb 31b4e0df561458c874f438f68b1585bfc4210c3395546cff5e1fb16686bb22be 42144 krb5-kpropd-dbgsym_1.18.3-6+deb11u5_amd64.deb 9f0f2529a70afa188e29c36d9e63b8a1f498b47c6e84019e46eb65a92ab14ff8 64020 krb5-kpropd_1.18.3-6+deb11u5_amd64.deb 37486f7f8213752caed74b84e6460278e5e18136a40fec8e3ae13f92cd414718 157828 krb5-multidev_1.18.3-6+deb11u5_amd64.deb 10dcedc1d87316fadc57700b9630e6c1810dc4120ba75bd3928fe77d9b5a5151 29384 krb5-otp-dbgsym_1.18.3-6+deb11u5_amd64.deb 64e11ff77709031f339d8e60356effb686dcacad76216c9a01414377a93223ed 54400 krb5-otp_1.18.3-6+deb11u5_amd64.deb 214fe8f2f896f0cfd7ecd5aa41382b0a922292fa5f5ef12fa87b04fbf27470f8 154784 krb5-pkinit-dbgsym_1.18.3-6+deb11u5_amd64.deb dfc65de7c725cc6963343fae9cc02c2275b1ce0e66a1d0b1f4f59b56d63da24f 89188 krb5-pkinit_1.18.3-6+deb11u5_amd64.deb 257ced86151b5180de73b86dfdb4b7f9669cbe33f82cb963a6d1f656b7271a31 194388 krb5-user-dbgsym_1.18.3-6+deb11u5_amd64.deb ec4accbc0157bca611da0abeb5daa435b5a1ee0f71f6795c3d3343e1b463e5b7 151672 krb5-user_1.18.3-6+deb11u5_amd64.deb 1a211192a5c5bcf031ba564197f73d5bd948faa762bec2f7cd726dcacfedec1b 15992 krb5_1.18.3-6+deb11u5_amd64-buildd.buildinfo f7edf1381e11c3ff63f2a6669101c09b2d0b0c56c782bd3b3b60bd02cacb0066 165652 libgssapi-krb5-2_1.18.3-6+deb11u5_amd64.deb 3d1cf30192704d42a8e4fea1c4a9d7a611cffea0f4263635ab7ee7d722c0396f 91812 libgssrpc4_1.18.3-6+deb11u5_amd64.deb 51b242c8423244fd661cdc91213aa870998e29d078930f303d5881537ae4f15e 114232 libk5crypto3_1.18.3-6+deb11u5_amd64.deb 1dbd909bcfba6ec009d85427bd53c89cbeb9187214f9f634f388dd525103e65c 74156 libkadm5clnt-mit12_1.18.3-6+deb11u5_amd64.deb 447d24933877743567b9f7ee31b1672fa5a78d116392e7baf5c3e0701e3a4c63 85956 libkadm5srv-mit12_1.18.3-6+deb11u5_amd64.deb 27a7205f5d9973ee890c7b619a77dfd5a7db7e0627e9ff4194838f93e3680bae 73532 libkdb5-10_1.18.3-6+deb11u5_amd64.deb d655e72aa0a7baec903d5b481a95b2ba4b1293ac1a5a02ec976cbbead8f3b847 48224 libkrad-dev_1.18.3-6+deb11u5_amd64.deb 00289167dafc3c43b98c35e80e8c9fa140b3140c99881986366a97971e9f42e0 57524 libkrad0_1.18.3-6+deb11u5_amd64.deb 198cd5a8616a98464283ab46fce7f86c5bb807a51257881cce81b05cc1f6d5fe 363088 libkrb5-3_1.18.3-6+deb11u5_amd64.deb d05ff777c1532dffe44e786e21f5e24cd9135929d6ded56797185da8033b71e8 2210764 libkrb5-dbg_1.18.3-6+deb11u5_amd64.deb 97ce2aa9d6e775d411535ae74ac168fa584d7433fe28ca41eebe424619775b01 47732 libkrb5-dev_1.18.3-6+deb11u5_amd64.deb 5ef1bac55f8e8f0736ee554429c77c2cb7c0d03773d6b60a16b552c185aa490f 65664 libkrb5support0_1.18.3-6+deb11u5_amd64.deb Files: fffc99f45faa1187743e147fc7eb0d75 201244 debug optional krb5-admin-server-dbgsym_1.18.3-6+deb11u5_amd64.deb b9ca3c2c795ff94c63d3954aae196251 125656 net optional krb5-admin-server_1.18.3-6+deb11u5_amd64.deb 8df7deab7f8f19ba522247d44192784f 36996 debug optional krb5-gss-samples-dbgsym_1.18.3-6+deb11u5_amd64.deb 56e0e7c6477fdfac3ad6f128cabc7a17 61336 net optional krb5-gss-samples_1.18.3-6+deb11u5_amd64.deb f6888878e2788436b6860e359100d4c4 19964 debug optional krb5-k5tls-dbgsym_1.18.3-6+deb11u5_amd64.deb 3b14b89ab23c7a185a5096d0ea92a9c2 51956 net optional krb5-k5tls_1.18.3-6+deb11u5_amd64.deb 2637fdc661b1f39d0025b5e72607c67c 435856 debug optional krb5-kdc-dbgsym_1.18.3-6+deb11u5_amd64.deb 9d5d5dc09add9f29fdad8c9e43745be3 187208 debug optional krb5-kdc-ldap-dbgsym_1.18.3-6+deb11u5_amd64.deb 8eac3177e6c5b4a1c30b25a5ffada52f 121064 net optional krb5-kdc-ldap_1.18.3-6+deb11u5_amd64.deb ce369bfef5bb194d6db9ae64c2a76a95 211876 net optional krb5-kdc_1.18.3-6+deb11u5_amd64.deb 7a9b498e7235b122efb6f304e6084a43 42144 debug optional krb5-kpropd-dbgsym_1.18.3-6+deb11u5_amd64.deb 1196d83cb14bea29e901f3050c9652d8 64020 net optional krb5-kpropd_1.18.3-6+deb11u5_amd64.deb b4d8eaab9eb3a7d99eb3a162a548fa58 157828 libdevel optional krb5-multidev_1.18.3-6+deb11u5_amd64.deb 595f9f2a54df842c2ac0327b26bf789c 29384 debug optional krb5-otp-dbgsym_1.18.3-6+deb11u5_amd64.deb cf0bad5baf021d8eb019919f6ae50dca 54400 net optional krb5-otp_1.18.3-6+deb11u5_amd64.deb b3302ab12cd47eae92e8df426239eeea 154784 debug optional krb5-pkinit-dbgsym_1.18.3-6+deb11u5_amd64.deb 320edd490a5eecf209d7f060e316de72 89188 net optional krb5-pkinit_1.18.3-6+deb11u5_amd64.deb 29216b716d2c4271e26424d21b3fe96c 194388 debug optional krb5-user-dbgsym_1.18.3-6+deb11u5_amd64.deb d8f5b663b6474232dd31d0775a283b4c 151672 net optional krb5-user_1.18.3-6+deb11u5_amd64.deb addca154613bdc7633457aff13010044 15992 net optional krb5_1.18.3-6+deb11u5_amd64-buildd.buildinfo 0ccc3a9f3dc0a2c7f439805f75f5882a 165652 libs optional libgssapi-krb5-2_1.18.3-6+deb11u5_amd64.deb 0bee3463bcacf8233a795e7e093721a3 91812 libs optional libgssrpc4_1.18.3-6+deb11u5_amd64.deb 30f1cda1069f7fd2064a79cbe2514234 114232 libs optional libk5crypto3_1.18.3-6+deb11u5_amd64.deb fe4e0eb8841831b036e4082bd5e4eb32 74156 libs optional libkadm5clnt-mit12_1.18.3-6+deb11u5_amd64.deb b8e5172cb02d9c614c6d88fa78570c5f 85956 libs optional libkadm5srv-mit12_1.18.3-6+deb11u5_amd64.deb 015532707ddd8e349b3ab119baadc4a8 73532 libs optional libkdb5-10_1.18.3-6+deb11u5_amd64.deb 5d14aebfcbdf7fb5869d1bd77d6f1dd2 48224 libdevel optional libkrad-dev_1.18.3-6+deb11u5_amd64.deb 6d0a3fdb19fe336a95b1e6694f3e4a71 57524 libs optional libkrad0_1.18.3-6+deb11u5_amd64.deb 413f30ecbc260f1a4ed05a7640af2031 363088 libs optional libkrb5-3_1.18.3-6+deb11u5_amd64.deb 494e85457532806b14beb38b0a747ccb 2210764 debug optional libkrb5-dbg_1.18.3-6+deb11u5_amd64.deb 1364ff2b6233ed737d6bd59fa2f2a962 47732 libdevel optional libkrb5-dev_1.18.3-6+deb11u5_amd64.deb 7b320998bb2c27e3ec5b1e6d5e73c054 65664 libs optional libkrb5support0_1.18.3-6+deb11u5_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4Unr4QHS5Yi4rr9Q3KGKEAtjIVgFAmaDGsEACgkQ3KGKEAtj IVjj8A/+L2kD9kLiqKtj3DXJx08dni6VUPKvk48NypctdHDZavw4D0QbRTUCOc7R rhtgq6CzMd7e29xB6WCsFRWYct/95t4l5RgA469vs/EO9E2uW+RDVFsMbZH9XHLG ArfvahHtuU5dOVAGsUmvlr1kdxg1+ah4ZIP2BMm2HcyVp83orsBnAoUpD0x4HICZ gT52DN7Nc5kJ6SlFojBs4f3qeJ47WTdqi8zqARRSBWvNzOFKmlmAeat26yWOBScu IbGbIrvQ2Nl53Bop+YtQuvcgRVLzvtEsf/vuSI1xwnctvEDKVoSZBoqzMDsqemwV 9eUk0X1pK3R6YP2SokAqn9SkUwABixjMxZHp9u91nGh8B/Mx4jOhgrSLDKJTEx8o lpsVKipvg0ABzmIdgeoDnhHagYXtMy+MpgiBx152w1i4IHlmv+iWLCoRKdUccsJd 5Q4tK5MXYzx8oSNM6B2NiXbfZMktJHXQ/xfxkTCjz0fLM3JkfpapFaEfa1YKvNtn 06CoZxBWjD+4Hl9xtD4BnonQPhPe6aPQRJQ+c1B8eyMexayofMRuGILAOmX21I5J CyONZ0qudmM477WCl7R3hJBnyPZ7BFLJeVT00GRl+jdnhLOtdlZTRuV8llGPAhOw nyfbO1JoGc/lAV6ti9pCQ5co7F3ENv5RqNm1p6HhdKcYRyUEZmk= =+Stb -----END PGP SIGNATURE-----