heimdal 7.5.0+dfsg-1ubuntu0.3 source package in Ubuntu
Changelog
heimdal (7.5.0+dfsg-1ubuntu0.3) bionic-security; urgency=medium * SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2021-44758.patch: add a call to send_reject() when preferred_mech_type is GSS_C_NO_OID in lib/gssapi/spnego/accept_sec_context.c. - debian/patches/CVE-2021-44758-post.patch: remove grep command in test file tests/gss/check-context.in to prevent FTBFS. - CVE-2021-44758 * SECURITY UPDATE: buffer overflow - debian/patches/CVE-2022-3437-1.patch: change calls to memcmp with ct_memcmp in lib/gssapi/krb5/arcfour.c. - debian/patches/CVE-2022-3437-2.patch: change calls to memcmp with ct_memcmp in lib/gssapi/krb5/unwrap.c - debian/patches/CVE-2022-3437-3.patch: add NULL pointer checks before memcpy in lib/gssapi/krb5/unwrap.c. - debian/patches/CVE-2022-3437-4.patch: change logic on pad buffer hanlding in _gssapi_verify_pad() in lib/gssapi/krb5/decapsulate.c. - debian/patches/CVE-2022-3437-5.patch: add buffer boundary checks in _gssapi_verify_mech_header() in lib/gssapi/krb5/decapsulate.c - debian/patches/CVE-2022-3437-6.patch: add buffer length checks in lib/gssapi/krb5/unwrap.c. - debian/patches/CVE-2022-3437-7.patch: add buffer length checks in _gsskrb5_get_mech() in lib/gssapi/krb5/decapsulate.c. - debian/patches/CVE-2022-3437-8.patch: change buffer length parameter when calling _gssapi_verify_pad() in lib/gssapi/krb5/unwrap.c. - CVE-2022-3437 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2022-42898-1.patch: change logic on PAC buffer parsing in lib/krb5/pac.c. - debian/patches/CVE-2022-42898-2.patch: change variable type from unsigned long to uint64_t in lib/krb5/store-int.c. - CVE-2022-42898 * SECURITY UPDATE: invalid free - debian/patches/CVE-2022-44640.patch: relocates a call to fprintf and parameters when calling it in decode_type() in lib/asn1/gen_decode.c and add a call to fprintf in free_type() in lib/asn1/gen_free.c. - CVE-2022-44640 -- Rodrigo Figueiredo Zaiden <email address hidden> Wed, 11 Jan 2023 19:19:12 -0300
Upload details
- Uploaded by:
- Rodrigo Figueiredo Zaiden
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
heimdal_7.5.0+dfsg.orig.tar.gz | 8.5 MiB | 489119b7a1a900b88163765654dc59cba9a321b078fafc76629e2b85ef140867 |
heimdal_7.5.0+dfsg-1ubuntu0.3.debian.tar.xz | 323.8 KiB | 952964d23c6261b27ce558f2771d51351319e04934c360f9bf4f21c3f30b2af4 |
heimdal_7.5.0+dfsg-1ubuntu0.3.dsc | 3.3 KiB | 1c017ceaf74ec7dd1002e9e4f1fe0e11c331e195b8209bf66f26e5cae0b5682b |
Available diffs
Binary packages built by this source
- heimdal-clients: Heimdal Kerberos - clients
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package includes Kerberos utilities like kadmin, kinit, kpasswd and
klist.
- heimdal-clients-dbgsym: debug symbols for heimdal-clients
- heimdal-dev: Heimdal Kerberos - development files
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This is the development package, required for developing
programs for Heimdal.
- heimdal-docs: Heimdal Kerberos - documentation
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package includes documentation (in info format) on how to
use Heimdal, and relevant standards for Kerberos.
- heimdal-kcm: Heimdal Kerberos - KCM daemon
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package includes the KCM daemon which can hold the credentials
for all users in the system. Access control is done with Unix-like
permissions. The daemon checks the access on all operations based on
the UID and GID of the user. The tickets are renewed as long as is
permitted by the KDC's policy.
- heimdal-kcm-dbgsym: debug symbols for heimdal-kcm
- heimdal-kdc: Heimdal Kerberos - key distribution center (KDC)
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package includes the KDC (key distribution center) server,
which is designed to run on a secure computer and keeps track
of users' passwords. This is done using the Kerberos protocol in
such a way that the server computers do not need to know the
passwords.
- heimdal-kdc-dbgsym: debug symbols for heimdal-kdc
- heimdal-multidev: Heimdal Kerberos - Multi-implementation Development
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package provides versions of the Heimdal development files that
can be installed along-side MIT Kerberos development files.
Normally, heimdal-dev should be used. However if a package needs to
build against both Heimdal Kerberos and MIT Kerberos, then the
multidev package should be used.
- heimdal-multidev-dbgsym: debug symbols for heimdal-multidev
- heimdal-servers: Heimdal Kerberos - server programs
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the kfd server, for receiving forwarded tickets.
- heimdal-servers-dbgsym: debug symbols for heimdal-servers
- libasn1-8-heimdal: Heimdal Kerberos - ASN.1 library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the ASN.1 parser required for Heimdal.
- libasn1-8-heimdal-dbgsym: debug symbols for libasn1-8-heimdal
- libgssapi3-heimdal: Heimdal Kerberos - GSSAPI support library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the library for GSSAPI support.
- libgssapi3-heimdal-dbgsym: debug symbols for libgssapi3-heimdal
- libhcrypto4-heimdal: Heimdal Kerberos - crypto library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the cryptographic library required for Heimdal.
- libhcrypto4-heimdal-dbgsym: debug symbols for libhcrypto4-heimdal
- libhdb9-heimdal: Heimdal Kerberos - kadmin server library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the library for storing the KDC database.
- libhdb9-heimdal-dbgsym: debug symbols for libhdb9-heimdal
- libheimbase1-heimdal: Heimdal Kerberos - Base library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the base library.
- libheimbase1-heimdal-dbgsym: debug symbols for libheimbase1-heimdal
- libheimntlm0-heimdal: Heimdal Kerberos - NTLM support library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the NTLM support library.
- libheimntlm0-heimdal-dbgsym: debug symbols for libheimntlm0-heimdal
- libhx509-5-heimdal: Heimdal Kerberos - X509 support library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the x509 supportlibrary.
- libhx509-5-heimdal-dbgsym: debug symbols for libhx509-5-heimdal
- libkadm5clnt7-heimdal: Heimdal Kerberos - kadmin client library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the client library for kadmin.
- libkadm5clnt7-heimdal-dbgsym: debug symbols for libkadm5clnt7-heimdal
- libkadm5srv8-heimdal: Libraries for Heimdal Kerberos
Heimdal is a free implementation of Kerberos 5, that aims to be
compatible with MIT Kerberos.
.
This package contains the server library for kadmin.
- libkadm5srv8-heimdal-dbgsym: debug symbols for libkadm5srv8-heimdal
- libkafs0-heimdal: Heimdal Kerberos - KAFS support library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the library for KAFS support.
- libkafs0-heimdal-dbgsym: debug symbols for libkafs0-heimdal
- libkdc2-heimdal: Heimdal Kerberos - KDC support library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the KDC support library.
- libkdc2-heimdal-dbgsym: debug symbols for libkdc2-heimdal
- libkrb5-26-heimdal: Heimdal Kerberos - libraries
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the Kerberos 5 library.
- libkrb5-26-heimdal-dbgsym: debug symbols for libkrb5-26-heimdal
- libotp0-heimdal: Heimdal Kerberos - OTP support library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the library for OTP support.
- libotp0-heimdal-dbgsym: debug symbols for libotp0-heimdal
- libroken18-heimdal: Heimdal Kerberos - roken support library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the library for roken support.
- libroken18-heimdal-dbgsym: debug symbols for libroken18-heimdal
- libsl0-heimdal: Heimdal Kerberos - SL support library
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the library for SL support.
- libsl0-heimdal-dbgsym: debug symbols for libsl0-heimdal
- libwind0-heimdal: Heimdal Kerberos - stringprep implementation
Heimdal is a free implementation of Kerberos 5 that aims to be
compatible with MIT Kerberos.
.
This package contains the stringprep library.
- libwind0-heimdal-dbgsym: debug symbols for libwind0-heimdal