[Secure-testing-commits] r28338 - in data: . CVE DLA
Thorsten Alteholz
alteholz at moszumanska.debian.org
Mon Aug 18 17:37:50 UTC 2014
Author: alteholz
Date: 2014-08-18 17:37:50 +0000 (Mon, 18 Aug 2014)
New Revision: 28338
Modified:
data/CVE/list
data/DLA/list
data/lts-needed.txt
Log:
krb5 done
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-18 16:31:48 UTC (rev 28337)
+++ data/CVE/list 2014-08-18 17:37:50 UTC (rev 28338)
@@ -2236,25 +2236,30 @@
RESERVED
{DSA-3000-1}
- krb5 1.12.1+dfsg-7 (bug #757416)
+ [squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/81c332e29f10887c6b9deb065f81ba259f4c7e03
NOTE: http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2014-001.txt
CVE-2014-4344 [NULL dereference in GSSAPI servers]
RESERVED
{DSA-3000-1}
- krb5 1.12.1+dfsg-5 (bug #755521)
+ [squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b
CVE-2014-4343 [double-free in SPNEGO initiators]
RESERVED
{DSA-3000-1}
- krb5 1.12.1+dfsg-5 (bug #755520)
+ [squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f
CVE-2014-4342 (MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows ...)
{DSA-3000-1}
- krb5 1.12.1+dfsg-4 (bug #753625)
+ [squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/fb99962cbd063ac04c9a9d2cc7c75eab73f3533d
CVE-2014-4341 (MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to ...)
{DSA-3000-1}
- krb5 1.12.1+dfsg-4 (bug #753624)
+ [squeeze] - krb5 1.8.3+dfsg-4squeeze8
NOTE: https://github.com/krb5/krb5/commit/fb99962cbd063ac04c9a9d2cc7c75eab73f3533d
CVE-2014-4340
RESERVED
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2014-08-18 16:31:48 UTC (rev 28337)
+++ data/DLA/list 2014-08-18 17:37:50 UTC (rev 28338)
@@ -1,3 +1,5 @@
+[18 Aug 2014] DLA-37-1 krb5 - security update
+ [squeeze] - krb5 1.8.3+dfsg-4squeeze8
[12 Aug 2014] DLA-25-3 python2.6 - regression update
[squeeze] - python2.6 2.6.6-8+deb6u3
[11 Aug 2014] DLA-36-1 polarssl - security update
Modified: data/lts-needed.txt
===================================================================
--- data/lts-needed.txt 2014-08-18 16:31:48 UTC (rev 28337)
+++ data/lts-needed.txt 2014-08-18 17:37:50 UTC (rev 28338)
@@ -24,8 +24,6 @@
--
icinga
--
-krb5 (Thorsten Alteholz)
---
libextlib-ruby
--
libjson-ruby
More information about the Secure-testing-commits
mailing list