enterprise-support team mailing list archive

Thread
Date
[Bug 2064411] [NEW] Merge krb5 from Debian unstable for oracular

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: Bryce Harrington <2064411@xxxxxxxxxxxxxxxxxx>
Date: Wed, 01 May 2024 06:12:44 -0000
Reply-to: Bug 2064411 <2064411@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx
Public bug reported:

Scheduled-For: Backlog
Upstream: tbd
Debian:   1.20.1-6    
Ubuntu:   1.20.1-6ubuntu2


There is nothing yet to merge for krb5 currently, but this ticket is
filed prospectfully for tracking purposes in case a merge does become
available later this cycle.

If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.

If this merge pulls in a new upstream version, also consider adding an
entry to the Oracular Release Notes:
https://discourse.ubuntu.com/c/release/38


### New Debian Changes ###

krb5 (1.20.1-6) unstable; urgency=medium

  * Fix up libverto1*->libverto1*t64, Closes: #1065702

 -- Sam Hartman <hartmans@xxxxxxxxxx>  Sun, 10 Mar 2024 19:36:33 -0600

krb5 (1.20.1-5.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Rename libraries for 64-bit time_t transition.  Closes: #1064164

 -- Lukas Märdian <slyon@xxxxxxxxxx>  Wed, 28 Feb 2024 15:25:37 +0000

krb5 (1.20.1-5) unstable; urgency=medium

  [ Helmut Grohne ]
  * Annotate test dependencies <!nocheck>. (Closes: #1054461)

  [ Sam Hartman ]
  * Fix keyutils to be linux-any

 -- Helmut Grohne <helmut@xxxxxxxxxx>  Tue, 24 Oct 2023 07:17:27 +0200

krb5 (1.20.1-4) unstable; urgency=low

  [ Steve Langasek ]
  * libkrb5support0: require strict binary dependency to deal with glibc 2.38, Closes: #1043184

  [Jelmer Vernooij]
  * krb5-user: Use alternatives for kinit, klist, kswitch, ksu, kpasswd,
    kdestroy, kadmin and ktutil. This allows installation
    together with heimdal-clients. Closes: #213316, #751203

  [ Sam Hartman ]
  * Enable build-time tests, Thanks Andreas Hasenack, Closes: #1017763
  * Work around doxygen change that breaks doc build, Thanks Greg
    Hudson, Closes: #1051523

 -- Sam Hartman <hartmans@xxxxxxxxxx>  Mon, 11 Sep 2023 11:06:57 -0600

krb5 (1.20.1-3) unstable; urgency=high

  * Fixes CVE-2023-36054: a  remote authenticated attacker can cause
    kadmind to free an uninitialized pointer.  Upstream believes remote
    code execusion is unlikely, Closes: #1043431 

 -- Sam Hartman <hartmans@xxxxxxxxxx>  Mon, 14 Aug 2023 14:06:53 -0600

krb5 (1.20.1-2) unstable; urgency=medium

  * Tighten dependencies on libkrb5support0.  This means that the entire
    upgrade from bullseye to bookworm needs to be lockstep, but it appears
    that's what is required, Closes: #1036055
  

 -- Sam Hartman <hartmans@xxxxxxxxxx>  Mon, 15 May 2023 17:44:41 -0600

krb5 (1.20.1-1) unstable; urgency=high

  [ Bastian Germann ]
  * Sync debian/copyright with NOTICE from upstream

  [ Debian Janitor ]
  * Trim trailing whitespace.
  * Strip unusual field spacing from debian/control.
  * Use secure URI in Homepage field.
  * Merge upstream signing key files.
  * Update renamed lintian tag names in lintian overrides.
  * Update standards version to 4.6.1, no changes needed.
  * Remove field Section on binary package krb5-gss-samples that
    duplicates source.
  * Fix field name cases in debian/control (VCS-Browser => Vcs-Browser,
    VCS-Git => Vcs-Git).

  [ Sam Hartman ]
  * New upstream release
    - Integer overflows in PAC parsing; potentially critical for 32-bit
    KDCs or when cross-realm acts maliciously; DOS in other conditions;
    CVE-2022-42898, Closes: #1024267
  * Tighten version dependencies around crypto library, Closes: 1020424
  * krb5-user reccomends rather than Depends on krb5-config.  This avoids
    a hard dependency on bind9-host, but also supports cases where
    krb5-config is externally managed, Closes: #1005821

 -- Sam Hartman <hartmans@xxxxxxxxxx>  Thu, 17 Nov 2022 10:34:28 -0700

krb5 (1.20-1) unstable; urgency=medium

  * New Upstream Version
  * Do not specify master key type to avoid weak crypto, Closes: #1009927

 -- Sam Hartman <hartmans@xxxxxxxxxx>  Fri, 22 Jul 2022 16:32:38 -0600

krb5 (1.20~beta1-1) experimental; urgency=medium

  * New Upstream version

 -- Sam Hartman <hartmans@xxxxxxxxxx>  Thu, 07 Apr 2022 11:57:27 -0600

krb5 (1.19.2-2) unstable; urgency=medium


### Old Ubuntu Delta ###

krb5 (1.20.1-6ubuntu2) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <steve.langasek@xxxxxxxxxx>  Sun, 31 Mar 2024
07:42:10 +0000

krb5 (1.20.1-6ubuntu1) noble; urgency=medium

  * Fix tests with Python 3.12.

 -- Matthias Klose <doko@xxxxxxxxxx>  Sun, 24 Mar 2024 12:51:41 +0100

** Affects: krb5 (Ubuntu)
     Importance: Undecided
         Status: Incomplete


** Tags: needs-merge upgrade-software-version

** Changed in: krb5 (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to krb5 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/2064411

Title:
  Merge krb5 from Debian unstable for oracular

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/2064411/+subscriptions
Follow ups

[Bug 2064411] Re: Merge krb5 from Debian unstable for oracular
From: Andreas Hasenack, 2024-07-18