-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 01 Jul 2024 11:31:35 -0600 Source: krb5 Binary: krb5-admin-server krb5-admin-server-dbgsym krb5-gss-samples krb5-gss-samples-dbgsym krb5-k5tls krb5-k5tls-dbgsym krb5-kdc krb5-kdc-dbgsym krb5-kdc-ldap krb5-kdc-ldap-dbgsym krb5-kpropd krb5-kpropd-dbgsym krb5-multidev krb5-otp krb5-otp-dbgsym krb5-pkinit krb5-pkinit-dbgsym krb5-user krb5-user-dbgsym libgssapi-krb5-2 libgssrpc4 libk5crypto3 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 libkrad-dev libkrad0 libkrb5-3 libkrb5-dbg libkrb5-dev libkrb5support0 Architecture: armel Version: 1.20.1-2+deb12u2 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-ubc-04) Changed-By: Sam Hartman Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-gss-samples - MIT Kerberos GSS Sample applications krb5-k5tls - TLS plugin for MIT Kerberos krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-kpropd - MIT Kerberos key server (Slave KDC Support) krb5-multidev - development files for MIT Kerberos without Heimdal conflict krb5-otp - OTP plugin for MIT Kerberos krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-user - basic programs to authenticate using MIT Kerberos libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library libkadm5clnt-mit12 - MIT Kerberos runtime libraries - Administration Clients libkadm5srv-mit12 - MIT Kerberos runtime libraries - KDC and Admin Server libkdb5-10 - MIT Kerberos runtime libraries - Kerberos database libkrad-dev - MIT Kerberos RADIUS Library Development libkrad0 - MIT Kerberos runtime libraries - RADIUS library libkrb5-3 - MIT Kerberos runtime libraries libkrb5-dbg - debugging files for MIT Kerberos libkrb5-dev - headers and development libraries for MIT Kerberos libkrb5support0 - MIT Kerberos runtime libraries - Support library Changes: krb5 (1.20.1-2+deb12u2) bookworm-security; urgency=high . * CVE-2024-37370: an unauthenticated attacker can modify the extra count in an RFC 4121 GSS token, causing the token to appear truncated. * CVE-2024-37371: an attacker can cause invalid memory reads by sending an invalid GSS token. Checksums-Sha1: 0a7811d508b1dc52272891b635a6112c5b64326e 204736 krb5-admin-server-dbgsym_1.20.1-2+deb12u2_armel.deb 7adfff3c52b18cec30cb590997a1c287f86faf8c 83208 krb5-admin-server_1.20.1-2+deb12u2_armel.deb 6c5aeab32af16a35f688a5e9c3807cd4118a24ae 37744 krb5-gss-samples-dbgsym_1.20.1-2+deb12u2_armel.deb 78910942b638569285e4f856cec9245b54f3cdec 27992 krb5-gss-samples_1.20.1-2+deb12u2_armel.deb 084fb4c88c9259afeab768b6325916eb8f97f4fc 20084 krb5-k5tls-dbgsym_1.20.1-2+deb12u2_armel.deb a91a63acb3a4cf7e0bc3ec032d3ece97e4c6da73 18020 krb5-k5tls_1.20.1-2+deb12u2_armel.deb 6abe297d2de598df693a18dfb4ee4b77c163d42f 449692 krb5-kdc-dbgsym_1.20.1-2+deb12u2_armel.deb ab0a402840f7cd3dd4117aebd4845c1f4cf27cd9 187980 krb5-kdc-ldap-dbgsym_1.20.1-2+deb12u2_armel.deb 703a5ae7fe443a11002ea1177914ea16189d1686 79048 krb5-kdc-ldap_1.20.1-2+deb12u2_armel.deb 816f4de512d3b2f1d3b28f03062797a67b7d9c2f 159760 krb5-kdc_1.20.1-2+deb12u2_armel.deb 89e0f058174c4c9e9809aa9ab11b9020edbe434e 45032 krb5-kpropd-dbgsym_1.20.1-2+deb12u2_armel.deb 4ef6805c3df7dd1932b68f32fafa530273940014 30536 krb5-kpropd_1.20.1-2+deb12u2_armel.deb f361517c00a34ecd68d7e5868cc1d38d8676c378 125024 krb5-multidev_1.20.1-2+deb12u2_armel.deb 614224f9e739e176d666caaea5f1d6b899c47b9a 29028 krb5-otp-dbgsym_1.20.1-2+deb12u2_armel.deb cc51c4cb34b03e09172831165920b0ff96083017 20060 krb5-otp_1.20.1-2+deb12u2_armel.deb b1ee55ca44fc70b4017ee450cbcf5302f1249921 149508 krb5-pkinit-dbgsym_1.20.1-2+deb12u2_armel.deb b2e98a610c071b4aff88d85511fa901619f7d8ab 48256 krb5-pkinit_1.20.1-2+deb12u2_armel.deb f55ed9660962643e47d427d56c4f455ccfc2e449 195336 krb5-user-dbgsym_1.20.1-2+deb12u2_armel.deb 0ea1889e7c82fa4772dc21f633a679039a3198b5 110592 krb5-user_1.20.1-2+deb12u2_armel.deb e93309033599c6c1780064bcf12c44449058c934 15723 krb5_1.20.1-2+deb12u2_armel-buildd.buildinfo eab125f999dc112303d6a0272976a3191e605684 110668 libgssapi-krb5-2_1.20.1-2+deb12u2_armel.deb 27af8d52ba71e4160037912e1e922e8586d14865 50584 libgssrpc4_1.20.1-2+deb12u2_armel.deb 68a03d4fdf1e408638ea111af1b749e660867633 74284 libk5crypto3_1.20.1-2+deb12u2_armel.deb f5b7c236089808d785c47bbe5e19c7fad7ab196e 35888 libkadm5clnt-mit12_1.20.1-2+deb12u2_armel.deb 08dfbd79724dc4a579bf9faf9cfc12e9ba8e4bff 45648 libkadm5srv-mit12_1.20.1-2+deb12u2_armel.deb 64eb8b91f70ad13fd1a3c3a7cb0dcb6b716212a2 35492 libkdb5-10_1.20.1-2+deb12u2_armel.deb 2609905a39edc3f43871501e0ed6f5b8c105bad5 15292 libkrad-dev_1.20.1-2+deb12u2_armel.deb df41831e23319706c8cc091725d32ecbf1e2a70e 22268 libkrad0_1.20.1-2+deb12u2_armel.deb 6a03139c66fec22c743d13f4c1e431fb91f127b7 284464 libkrb5-3_1.20.1-2+deb12u2_armel.deb 263df1604324a83c7c4bcad41a899fcd64c50fde 2119564 libkrb5-dbg_1.20.1-2+deb12u2_armel.deb 2e9f94ce69ebbc2fb8b94f6e729450f8f9f0884b 14820 libkrb5-dev_1.20.1-2+deb12u2_armel.deb 1209ca84e1257a87d91b33b3c8ede2613b7c4ab1 29464 libkrb5support0_1.20.1-2+deb12u2_armel.deb Checksums-Sha256: ef8443dc930eeac26363597badf1d897f1ffbb14e3e0da9e5f38c5eb120aa72f 204736 krb5-admin-server-dbgsym_1.20.1-2+deb12u2_armel.deb 80d3dcdf0c2576673f93bd4363867264cef26c7a84d5cdb438ebfb74d2f59209 83208 krb5-admin-server_1.20.1-2+deb12u2_armel.deb 31ad18e31561747b5ea16ba86138810c59279574c74ade2a25a09980efd94bbd 37744 krb5-gss-samples-dbgsym_1.20.1-2+deb12u2_armel.deb b490796a96ca0da849fb8513ca8cce50ff5ecdbc42f83cdcdd416db580ca2aac 27992 krb5-gss-samples_1.20.1-2+deb12u2_armel.deb a0b5e683d65d146626b1d1a5c85f5017bbb085617d3e9aa32d4432d7c8dd38ec 20084 krb5-k5tls-dbgsym_1.20.1-2+deb12u2_armel.deb 7f025caf528f2ad7e97e86c2cfd1a2fcd9f85ab097f65f79b81a3bcc817c48e1 18020 krb5-k5tls_1.20.1-2+deb12u2_armel.deb ba9a10bba47409eebbe2ef2d388639ed80a7933870e2cecd3f653b97cfc5ccb1 449692 krb5-kdc-dbgsym_1.20.1-2+deb12u2_armel.deb e6ff1e0f0f1796e66ace8b7d65ec0c78765f64418e34a4dc4461f7a77c83ef49 187980 krb5-kdc-ldap-dbgsym_1.20.1-2+deb12u2_armel.deb a3e650d9cc723fba4a2cbd2136c42ce0462eaa1ee9905d674973fcd49c647fa9 79048 krb5-kdc-ldap_1.20.1-2+deb12u2_armel.deb a3a1c903061c40ed35a4ae6f3a42d9eda7775ee30296d633eca24bb10acf66ca 159760 krb5-kdc_1.20.1-2+deb12u2_armel.deb 5764865e85cfdec5264afde8abfedf42ab5de97a08cfda6f85e1be298a1ef28c 45032 krb5-kpropd-dbgsym_1.20.1-2+deb12u2_armel.deb 48bfbcb4acaef4b0413e007d7f638d806134237ffc8f25c67522944199a07cfe 30536 krb5-kpropd_1.20.1-2+deb12u2_armel.deb 99a30eb6c738ab189d2bd42103f10ac716ec1fe203fd6cc78df5b942944cd7dd 125024 krb5-multidev_1.20.1-2+deb12u2_armel.deb 9d79acd86d3d30ddad37d3a3a45ce4cc8b1c3f77a6a80149b2e02f9762c91ab9 29028 krb5-otp-dbgsym_1.20.1-2+deb12u2_armel.deb 53d5ea2c16e7087aa7949827273b3db8f96efb6db5140f37b8dc4919a9315ebd 20060 krb5-otp_1.20.1-2+deb12u2_armel.deb d96de4edf2d1c06ca29e0e19c0a9ad00ce04263f1bcce3437d07ec007c4ac6a5 149508 krb5-pkinit-dbgsym_1.20.1-2+deb12u2_armel.deb 7cd10217fe740b23b6cf38d9bbfaffb032c6856978b21b92aa2b295bde73b0c1 48256 krb5-pkinit_1.20.1-2+deb12u2_armel.deb dc884950c29fc87b67db43fe819c6adc06bb459c318c150a803fbbcb115df26f 195336 krb5-user-dbgsym_1.20.1-2+deb12u2_armel.deb 510b801503bd757a89a06d7849c5e992a62ee7cc7e488d3c8267c6c8670dbf74 110592 krb5-user_1.20.1-2+deb12u2_armel.deb db81650a805a2ec02f8ba0ad064a333718b407b8f0e406bb1569dfa68a0c7e51 15723 krb5_1.20.1-2+deb12u2_armel-buildd.buildinfo 47647c744f893c63f2f7d2b91e3e1a53656ca4d24ba71e10660b92aa2d9d78ff 110668 libgssapi-krb5-2_1.20.1-2+deb12u2_armel.deb 0b8481e2f17cfcf9f9213344b54015803d036b86123a0ebf68fbcc5bc45c511a 50584 libgssrpc4_1.20.1-2+deb12u2_armel.deb cf4753a4fc5b3796b89d0a953a28605540974fa0ae3a045ecd63d28f84a2b6b5 74284 libk5crypto3_1.20.1-2+deb12u2_armel.deb 53abf713a75d4720001178775c33b3179d888a2ce71ed274e3087514f8e25f4a 35888 libkadm5clnt-mit12_1.20.1-2+deb12u2_armel.deb c0f46aac6d9a06ae328b47f27de469d1793668dd512f9f94910277d22a891ab6 45648 libkadm5srv-mit12_1.20.1-2+deb12u2_armel.deb 306204fa82a6130875d48f3b5f4a0f9afc554cd60c27bfa474d7fc4353239d76 35492 libkdb5-10_1.20.1-2+deb12u2_armel.deb 6ebac6a305253fc5eebacfec0264a3f3fbb9d9f5609c463a4a101bacc1209483 15292 libkrad-dev_1.20.1-2+deb12u2_armel.deb fd72786b4c4456c79557b1e64b244d8f0cbed402110efaa67cb8efdfaa3911e2 22268 libkrad0_1.20.1-2+deb12u2_armel.deb 039d3afc881d59bd4b48bed028f174d5d90d011ed5ff82fabfcade002eefd71b 284464 libkrb5-3_1.20.1-2+deb12u2_armel.deb d920eb929b9ae46b286c6946c7457ae5af69face94e7dd8aa8b4a1247ac7bbd1 2119564 libkrb5-dbg_1.20.1-2+deb12u2_armel.deb d01e316718278d2ce834c11b6bb48dff4b51df3cce05a3c60aef6c0f2750a19f 14820 libkrb5-dev_1.20.1-2+deb12u2_armel.deb a3455a0afe4fa1c3bf5edecc69f3d5c762834a579b914adb253daffe05a139d1 29464 libkrb5support0_1.20.1-2+deb12u2_armel.deb Files: ce1a4afc8ad151fd3d9edaad5133806c 204736 debug optional krb5-admin-server-dbgsym_1.20.1-2+deb12u2_armel.deb a3b8b67003594543bf038198e88bae78 83208 net optional krb5-admin-server_1.20.1-2+deb12u2_armel.deb ccfc1ac4aeec5babdd8160d9d7cb058d 37744 debug optional krb5-gss-samples-dbgsym_1.20.1-2+deb12u2_armel.deb fabea1bf727f50a1d7b70ae42a97f30f 27992 net optional krb5-gss-samples_1.20.1-2+deb12u2_armel.deb d126794d0572f60149d04a8e13dc4027 20084 debug optional krb5-k5tls-dbgsym_1.20.1-2+deb12u2_armel.deb 8645501953a65fda241c5f0fd7bcd495 18020 net optional krb5-k5tls_1.20.1-2+deb12u2_armel.deb 05fdefe980072eb4045b6ba7a9017112 449692 debug optional krb5-kdc-dbgsym_1.20.1-2+deb12u2_armel.deb 70a2c8f99a04041ddfcce81f6e35de35 187980 debug optional krb5-kdc-ldap-dbgsym_1.20.1-2+deb12u2_armel.deb 40ff65c4158d49964c2884ead0be0675 79048 net optional krb5-kdc-ldap_1.20.1-2+deb12u2_armel.deb 43ef5ede8bfa8c73e4d2679ad0d97ad5 159760 net optional krb5-kdc_1.20.1-2+deb12u2_armel.deb 83c818f9912ef51c6758bffb633957da 45032 debug optional krb5-kpropd-dbgsym_1.20.1-2+deb12u2_armel.deb 20d0b3e287a8b90527301084cbde2c64 30536 net optional krb5-kpropd_1.20.1-2+deb12u2_armel.deb c6af9c14cd422641de5e3fc4b20e6dac 125024 libdevel optional krb5-multidev_1.20.1-2+deb12u2_armel.deb 9dbf6a03ee3f3f3580ba86836b9667cc 29028 debug optional krb5-otp-dbgsym_1.20.1-2+deb12u2_armel.deb d0f1ec1f1a166634e79503d68303feed 20060 net optional krb5-otp_1.20.1-2+deb12u2_armel.deb a09d26db7c811558bd00c7a12216e2ca 149508 debug optional krb5-pkinit-dbgsym_1.20.1-2+deb12u2_armel.deb b233e3dfd3d67a9f45e716f142ea918d 48256 net optional krb5-pkinit_1.20.1-2+deb12u2_armel.deb f9ebaa83275505a48baee72e816ec0f4 195336 debug optional krb5-user-dbgsym_1.20.1-2+deb12u2_armel.deb 1f2bc48e3815af858229e0a25dcc09b1 110592 net optional krb5-user_1.20.1-2+deb12u2_armel.deb 6dd8b33fc2f6e8d7a9039025986e769e 15723 net optional krb5_1.20.1-2+deb12u2_armel-buildd.buildinfo 3dc010311647f42833f013da71b00e7a 110668 libs optional libgssapi-krb5-2_1.20.1-2+deb12u2_armel.deb ed06ffc382feb26e0835312a90417ea5 50584 libs optional libgssrpc4_1.20.1-2+deb12u2_armel.deb 358a95f6ede8ce2ba75bef16d2441704 74284 libs optional libk5crypto3_1.20.1-2+deb12u2_armel.deb 52f57efea791e1afba014459f45b6b5c 35888 libs optional libkadm5clnt-mit12_1.20.1-2+deb12u2_armel.deb 1345b3cbf3e00ea04d7bd7f82e3523c8 45648 libs optional libkadm5srv-mit12_1.20.1-2+deb12u2_armel.deb 04424503865eb3ecf4d66eed67254367 35492 libs optional libkdb5-10_1.20.1-2+deb12u2_armel.deb 53c14bfb58f4f82d063cccaacb051671 15292 libdevel optional libkrad-dev_1.20.1-2+deb12u2_armel.deb cd76bbcc4f5cb02362aa23db15a0ef3e 22268 libs optional libkrad0_1.20.1-2+deb12u2_armel.deb 9ddaa5f852860d022189f5e1946a288f 284464 libs optional libkrb5-3_1.20.1-2+deb12u2_armel.deb cc9ecb36e9ecf434ec207fed2c326db6 2119564 debug optional libkrb5-dbg_1.20.1-2+deb12u2_armel.deb e4b3f669fe4df293e1b669d765356edf 14820 libdevel optional libkrb5-dev_1.20.1-2+deb12u2_armel.deb 331d1823aa33a0448b8d23ca2afa3a95 29464 libs optional libkrb5support0_1.20.1-2+deb12u2_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE6s8UzO+WAx8RRAOV80lOEvgzuSsFAmaDB4kACgkQ80lOEvgz uSuI/xAAmFb5tfMfJsah0nH/cEGtroplfOgw0RAuA1o0X3vKsSXT9YdpDNetDWV3 P799u79JqKKoQfmhcjwltzLqDiBhSivtLzhOak9Hr4bQ67+0WfqHo9YHp0kGoBTA jxdpjJ1ZF1NFSNI9HvZ4edqvMGbNWvZhlBSeAT/Uwtkw1PW1Dx13zRSp09k+2tms zmzGyERqJyoj0+b9qZkhO08dtpBeppm5GpxmyxVgTL3rlGa/I7TQMdi8dlsBXVQn +3JXI9JxsNMvKWZnzJerkgk5CvX0HTmWuXuAEBVWP/AkZU98+pwmbs0NPoIDBAHN GI0nZS+gDo7O/SCALaB+3LwtGMDHDA88Go/SK78JBRFJUl/0AnJylFsTO2u8tJx9 CgBsgyEiZBA0xgD1N2oDjV21cP+873Dpm7sq9uByMXaiaPYqFz1I4djUo4QVYr0l tveiyieZ6PY7rOPTsRMQAeYtCjnmI5maB4408/XIK/3E6t91pLS3FsMQ1NvzybR0 y0M1p7pd1PQPskITtN07yCekdXTynP6p/zAtUQQ/twxNmA+eK7rNbqCHl16t/TtT i1Fa7KOsNcnAfqCtHrkAgOst7d9D6sJC8kO3/F7egpuuc8yvhnPUgRZCkddwg5w4 60GBC42xepxAZ79SNJSRQlRoIAwcNDJ8B0R4RFwoYyFy2dgBGvo= =0lAk -----END PGP SIGNATURE-----