Context Navigation

← Previous Ticket
Next Ticket →

#1350 closed defect (fixed)

MIT Kerberos-1.6

Reported by:	Randy McMurchy	Owned by:	Randy McMurchy
Priority:	highest	Milestone:	6.2.0
Component:	BOOK	Version:	SVN
Severity:	blocker	Keywords:	KRB5 Kerberos
Cc:

Description

Version increment to 1.4.1

Change History (11)

comment:1 by Randy McMurchy, 19 years ago

Priority:	normal → highest
Severity:	normal → major

This version fixes a buffer overflow vulnerability in the telnet program.

comment:2 by bdubbs@…, 19 years ago

Milestone:	future → 6.1

comment:3 by LFS-User@…, 19 years ago

Owner:	changed from blfs-book@… to Randy McMurchy

comment:4 by LFS-User@…, 19 years ago

Status:	new → assigned

comment:5 by Randy McMurchy, 19 years ago

Owner:	changed from Randy McMurchy to blfs-book@…
Status:	assigned → new

Unassigning myself from this bug. There are simply too many issues for me to update the version at this time. I am continuing to work on it, but there are patches for the libcom_err library and DB to create to make the package really correct.

comment:6 by bdubbs@…, 19 years ago

Milestone:	6.1 → 6.2

Redesignating to release 6.2.

Temporarily removed instructions for building this package and directed users to use heimdal as a substitute.

comment:7 by LFS-User@…, 19 years ago

Milestone:	6.2 → future
Priority:	highest → normal
Severity:	major → normal
Summary:	MIT Kerberos-1.4.1 → MIT Kerberos-1.4.2

Version increment to 1.4.2

comment:8 by Randy McMurchy, 18 years ago

Keywords:	KRB5 Kerberos added
Milestone:	future → 6.2
Priority:	normal → highest
Severity:	normal → blocker
Summary:	MIT Kerberos-1.4.2 → MIT Kerberos-1.4.3

The book is at 1.4.1, 1.4.3 is now available. 1.4.2 fixed two security vulnerabilities:

Major changes in 1.4.2

[3120] Fix [MITKRB5-SA-2005-002] KDC double-free and heap overflow. Thanks to Daniel Wachdorf for reporting these vulnerabilities.

[3121] Fix [MITKRB5-SA-2005-003] krb5_recvauth() double-free. Thanks to Magnus Hagander for reporting this vulnerability.

Upgrading the bug as there are security vulnerabilities.

comment:9 by Randy McMurchy, 18 years ago

Summary:	MIT Kerberos-1.4.3 → MIT Kerberos-1.5

Version increment to 1.5

comment:10 by Randy McMurchy, 17 years ago

Owner:	changed from blfs-book@… to Randy McMurchy
Status:	new → assigned
Summary:	MIT Kerberos-1.5 → MIT Kerberos-1.6

Version increment to 1.6

comment:11 by Randy McMurchy, 17 years ago

Resolution:	→ fixed
Status:	assigned → closed

Updated BLFS to MIT Kerberos V5-1.6. This update fixes two major security holes.

Note: See TracTickets for help on using tickets.

Download in other formats: