From d342aedfcc1356e36d5e77fd8224be2eb73e2bf884ac7f729e2b7028cca8329d Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Mon, 9 Aug 2021 08:50:11 +0000 Subject: [PATCH] Accepting request 909709 from home:scabrero:branches:network - Update to 1.19.2 * Fix a denial of service attack against the KDC encrypted challenge code; (CVE-2021-36222); * Fix a memory leak when gss_inquire_cred() is called without a credential handle. OBS-URL: https://build.opensuse.org/request/show/909709 OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=252 --- krb5-1.19.1.tar.gz | 3 --- krb5-1.19.1.tar.gz.asc | 16 ---------------- krb5-1.19.2.tar.gz | 3 +++ krb5-1.19.2.tar.gz.asc | 16 ++++++++++++++++ krb5-mini.changes | 9 +++++++++ krb5-mini.spec | 2 +- krb5.changes | 9 +++++++++ krb5.spec | 2 +- 8 files changed, 39 insertions(+), 21 deletions(-) delete mode 100644 krb5-1.19.1.tar.gz delete mode 100644 krb5-1.19.1.tar.gz.asc create mode 100644 krb5-1.19.2.tar.gz create mode 100644 krb5-1.19.2.tar.gz.asc diff --git a/krb5-1.19.1.tar.gz b/krb5-1.19.1.tar.gz deleted file mode 100644 index 5ee7e6e..0000000 --- a/krb5-1.19.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fa16f87eb7e3ec3586143c800d7eaff98b5e0dcdf0772af7d98612e49dbeb20b -size 8738142 diff --git a/krb5-1.19.1.tar.gz.asc b/krb5-1.19.1.tar.gz.asc deleted file mode 100644 index 588eb6e..0000000 --- a/krb5-1.19.1.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmAuntAACgkQDLoIV1+D -ct8TIhAArFittFBcz4ZfMxqhHVGdK6kOeQXrrV27d3FW6y28BvS7yHJ8CkyK+I3g -4rsaaf7srkH8jaiCjmjHC2rWJIuceOwkD4GRqXtb2CiqKxXI9eZ+g9ipB7DGKixg -+1nki7mOhd3oaeUkCRFXgyiOqSE/ird7/itLYzEoAroLpTazNp6Kk4gXmhJIENlq -dj1God+JxhuwzzWZRdsy2SyvMQPQMOTIilsXRboObZFvPrhZKkJmgNm+RzU/YRSg -/1Po7takBXq8qhgnwPHTnTPb+BYRdrqQc/a2WcmEdgbzeMpijNmkFsgAFeKDijSz -1nmFO4SQd/rAfgUovkDd+GMAYZ6DCLFqoI/WeKOgCrRMxJMMRbLlr48bTvMwjuIl -xE5gy8h2Iju/UP1lxz8KheCm/FyNzNw4pe74zbGgK5fdiEQ8xNlKZOs9LRrtvyfL -j1G+IX6cK+5yTo/NceYjnHVAatbuW6C6xJmsIQ1GYdMPvto7Wctq/4/BmwxqgFAJ -HCPuQgAGi875JpPYvi/c3tioRiIPwOz54CXCrcFyKELvgHi6lGN6MRNSzAP4QdA0 -HlXZQ4/4NFOJxjLGu9ZXKUbYPaGizhI+ayzg5/RJLHPIgW7yLvwFqkBIa1xs26bA -xiP5JKuDC4mqDPwVjwpufkUBH6SoBFnbiIWEYSKVPLJFw+Dbhv0= -=PP6r ------END PGP SIGNATURE----- diff --git a/krb5-1.19.2.tar.gz b/krb5-1.19.2.tar.gz new file mode 100644 index 0000000..2957518 --- /dev/null +++ b/krb5-1.19.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:10453fee4e3a8f8ce6129059e5c050b8a65dab1c257df68b99b3112eaa0cdf6a +size 8741053 diff --git a/krb5-1.19.2.tar.gz.asc b/krb5-1.19.2.tar.gz.asc new file mode 100644 index 0000000..0c38c44 --- /dev/null +++ b/krb5-1.19.2.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmD5qLoACgkQDLoIV1+D +ct9NEw//XhDJPE38UzvURT/RsuL3TQZoHGHtRA/seXcKkrX1wFLUjnOUK39RxzkS +5y0BGOBoByGlqMxcpBlQv3mdtOAkdbgUtb9sT90eUObsG3cqa/0ou3Nm2ta+UNb7 +UC72UC9ZCXzUEl3be2/q/geHHE69e62t4YGcnwZ4koI3b/cZU6xL3N0ox9Gxdi37 ++rUe7i5TZAKvKo+eKhLpC/k1F0HSvLzxcPyRlfpAYb607lvc4MYNvbOZZUk8aNEt +0OhoSak1mXSdYwt4HHTj2NY1q5d+wviGOYby/Q1Wv7qVZHLFvCCr7Lr7ba0bIWas +cYl13OgLq2uwA85k9/BzAxIgPVpMpt0aRaoTeiH2fKm8kNA9YfIagyRgX4vNfFWp +RKXpVu5SFNMgFVAHJu/QID8Lf8YV/PU4H7kdMyFy9gA66nTN4KvdeoRyrHgv2r1c +c5MhV9bJDDFalC1VLYTJ3iSZFy5Y95wrr59KI2OTQKgQxsylfGXW+OR1hWKua5Y5 +nqF0b/TKiryrdah3aw2Ac78MggC+3RDHQ8yHG4tC0/nJzbf4WnP6lqUJhQIat+lE +g62Kh+fAUjuYw/8tuxVUFlMMa9cDHV7XGGYQS/JoUq/BaGWheNYrvPXxr4u0oSOa +kJyOUfZuJvgiDakbEAuVNm8Gr6lKDH/omn8dl9r/CHdyEANqvi0= +=QM0F +-----END PGP SIGNATURE----- diff --git a/krb5-mini.changes b/krb5-mini.changes index 91f90bb..3c4f640 100644 --- a/krb5-mini.changes +++ b/krb5-mini.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Mon Aug 2 08:39:31 UTC 2021 - Samuel Cabrero + +- Update to 1.19.2 + * Fix a denial of service attack against the KDC encrypted challenge + code; (CVE-2021-36222); + * Fix a memory leak when gss_inquire_cred() is called without a + credential handle. + ------------------------------------------------------------------- Thu Apr 22 15:10:12 UTC 2021 - Samuel Cabrero diff --git a/krb5-mini.spec b/krb5-mini.spec index 49201f3..edff784 100644 --- a/krb5-mini.spec +++ b/krb5-mini.spec @@ -24,7 +24,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: krb5-mini -Version: 1.19.1 +Version: 1.19.2 Release: 0 Summary: MIT Kerberos5 implementation and libraries with minimal dependencies License: MIT diff --git a/krb5.changes b/krb5.changes index 1a60cdb..044ea1f 100644 --- a/krb5.changes +++ b/krb5.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Mon Aug 2 08:39:31 UTC 2021 - Samuel Cabrero + +- Update to 1.19.2 + * Fix a denial of service attack against the KDC encrypted challenge + code; (CVE-2021-36222); + * Fix a memory leak when gss_inquire_cred() is called without a + credential handle. + ------------------------------------------------------------------- Mon May 3 09:40:17 UTC 2021 - Rodrigo Lourenço diff --git a/krb5.spec b/krb5.spec index 4ac870c..ff97ba8 100644 --- a/krb5.spec +++ b/krb5.spec @@ -21,7 +21,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: krb5 -Version: 1.19.1 +Version: 1.19.2 Release: 0 Summary: MIT Kerberos5 implementation License: MIT