-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 07 May 2025 19:06:22 +0200 Source: krb5 Binary: krb5-admin-server krb5-admin-server-dbgsym krb5-gss-samples krb5-gss-samples-dbgsym krb5-k5tls krb5-k5tls-dbgsym krb5-kdc krb5-kdc-dbgsym krb5-kdc-ldap krb5-kdc-ldap-dbgsym krb5-kpropd krb5-kpropd-dbgsym krb5-multidev krb5-otp krb5-otp-dbgsym krb5-pkinit krb5-pkinit-dbgsym krb5-user krb5-user-dbgsym libgssapi-krb5-2 libgssrpc4 libk5crypto3 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 libkrad-dev libkrad0 libkrb5-3 libkrb5-dbg libkrb5-dev libkrb5support0 Architecture: mips64el Version: 1.20.1-2+deb12u4 Distribution: bookworm Urgency: medium Maintainer: mipsel Build Daemon (mipsel-osuosl-03) Changed-By: Bastien Roucariès Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-gss-samples - MIT Kerberos GSS Sample applications krb5-k5tls - TLS plugin for MIT Kerberos krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-kpropd - MIT Kerberos key server (Slave KDC Support) krb5-multidev - development files for MIT Kerberos without Heimdal conflict krb5-otp - OTP plugin for MIT Kerberos krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-user - basic programs to authenticate using MIT Kerberos libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library libkadm5clnt-mit12 - MIT Kerberos runtime libraries - Administration Clients libkadm5srv-mit12 - MIT Kerberos runtime libraries - KDC and Admin Server libkdb5-10 - MIT Kerberos runtime libraries - Kerberos database libkrad-dev - MIT Kerberos RADIUS Library Development libkrad0 - MIT Kerberos runtime libraries - RADIUS library libkrb5-3 - MIT Kerberos runtime libraries libkrb5-dbg - debugging files for MIT Kerberos libkrb5-dev - headers and development libraries for MIT Kerberos libkrb5support0 - MIT Kerberos runtime libraries - Support library Closes: 1103525 Changes: krb5 (1.20.1-2+deb12u4) bookworm; urgency=medium . * Non Maintainer upload by LTS team * Fix CVE-2025-3576. Closes: #1103525 A Vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. * Tickets will not be issued with RC4 or triple-DES session keys unless explicitly configured with the new allow_rc4 or allow_des3 variables respectively. * In KDC, assume all services support aes256-sha1 To facilitate negotiating session keys with acceptable security, assume that services support aes256-cts-hmac-sha1 unless a session_enctypes string attribute says otherwise. Checksums-Sha1: 7c5e16b9217a24fd6d87eb23184179e0291a62cb 215128 krb5-admin-server-dbgsym_1.20.1-2+deb12u4_mips64el.deb ce6fdaf25ceff20573a54f8ce3ec299c6750b70f 87224 krb5-admin-server_1.20.1-2+deb12u4_mips64el.deb e50c9c420152b91224f0cf8d3ae2a6e01d14dda5 39440 krb5-gss-samples-dbgsym_1.20.1-2+deb12u4_mips64el.deb 45e677b77f0db527559c358f0b41d939a85a76b6 28680 krb5-gss-samples_1.20.1-2+deb12u4_mips64el.deb f852cfc2a7a58227258efa3cee5a27e03ddec5e1 20944 krb5-k5tls-dbgsym_1.20.1-2+deb12u4_mips64el.deb 3d4d3144124c414370b992a9ac9a5ad9f1ed4d46 19376 krb5-k5tls_1.20.1-2+deb12u4_mips64el.deb 7a97cbf16a4746533a198a5eabb58d9597e10a61 469244 krb5-kdc-dbgsym_1.20.1-2+deb12u4_mips64el.deb 67c0e57b2ec531665a7dad0a9bf2c6bfe6a68a5f 194720 krb5-kdc-ldap-dbgsym_1.20.1-2+deb12u4_mips64el.deb e63428b6d8c2a622ccea8eb1c4172f9f6de407f9 82032 krb5-kdc-ldap_1.20.1-2+deb12u4_mips64el.deb ccfef3d137236d9df4b8ba5ace2948f577069990 173736 krb5-kdc_1.20.1-2+deb12u4_mips64el.deb 78f06e1ee3cd595c54443ff985eb31f44243c67e 44872 krb5-kpropd-dbgsym_1.20.1-2+deb12u4_mips64el.deb 31aac8be3d0d79737312b3c6cee6893dd7a6472d 31196 krb5-kpropd_1.20.1-2+deb12u4_mips64el.deb a0b01045eb6dbe98ab9133fd1806b4bc1152b710 125628 krb5-multidev_1.20.1-2+deb12u4_mips64el.deb 40a0cfde95e361e56f95e8b608a7c7a348963caf 30420 krb5-otp-dbgsym_1.20.1-2+deb12u4_mips64el.deb 6b60f20e9c82131addc80a798bbbe7fa1d188b19 21676 krb5-otp_1.20.1-2+deb12u4_mips64el.deb f0c3630c96f682aa0a2c26754305ec6a19f2b01a 161908 krb5-pkinit-dbgsym_1.20.1-2+deb12u4_mips64el.deb 4919037fdd2be0e487a13a5335bbc088d6ee76aa 52872 krb5-pkinit_1.20.1-2+deb12u4_mips64el.deb 9aaa83cf193191aee58ddc120d6bdd48d6db70cd 204584 krb5-user-dbgsym_1.20.1-2+deb12u4_mips64el.deb 6d976b6b2ea0e0cd67f1ebff28dbfcee8c2a1edb 115476 krb5-user_1.20.1-2+deb12u4_mips64el.deb ca69a3500179cfb87b47f56d568e6b13e432fe99 16074 krb5_1.20.1-2+deb12u4_mips64el-buildd.buildinfo e7ef57268b9c1aa20839221cbc7ad3d2f8e597de 118032 libgssapi-krb5-2_1.20.1-2+deb12u4_mips64el.deb b0a14ea39e410e65b61e2794710b166fcaf79d09 53472 libgssrpc4_1.20.1-2+deb12u4_mips64el.deb 2b5882b96d0912bf26d348d9824df49e718d6dfc 86240 libk5crypto3_1.20.1-2+deb12u4_mips64el.deb ce1b478ce9f57fcbd06ed1581ceb459f64ded266 38264 libkadm5clnt-mit12_1.20.1-2+deb12u4_mips64el.deb dd2ebad05feecc3637804f75d43a22155310500b 48548 libkadm5srv-mit12_1.20.1-2+deb12u4_mips64el.deb e87ab1da2473d51f039038db0c7bc4f7d99b73ef 38360 libkdb5-10_1.20.1-2+deb12u4_mips64el.deb b634e7854628efc19d1f033b8a7331c3876bae8f 15904 libkrad-dev_1.20.1-2+deb12u4_mips64el.deb 22adde6e33081dc2c2a5c4da9a07ee27fb51d897 23976 libkrad0_1.20.1-2+deb12u4_mips64el.deb b83e71162f0955274b0fba333857f07f64840702 296912 libkrb5-3_1.20.1-2+deb12u4_mips64el.deb 2e8135ff733ce1f9d321a6a7abb91b4f3a8deb62 2229896 libkrb5-dbg_1.20.1-2+deb12u4_mips64el.deb f9861f4a44d6b4e42311dda6c68692c9e57e277b 15436 libkrb5-dev_1.20.1-2+deb12u4_mips64el.deb e8d82fb0880657514605d724d2503c2986c1208c 31056 libkrb5support0_1.20.1-2+deb12u4_mips64el.deb Checksums-Sha256: e183ed0aa9770afe35db6e31ac28abfa56bcec5f6bacbdfacaade92a7293e4cf 215128 krb5-admin-server-dbgsym_1.20.1-2+deb12u4_mips64el.deb eb7240f69c930e06edd721c0e8694bfd5a4d6169923d3db4d310de22a285b478 87224 krb5-admin-server_1.20.1-2+deb12u4_mips64el.deb 0ae70568eb1cd76aaba51d80c2c2329c1bfc87d4156335a63b4da271f3d4de10 39440 krb5-gss-samples-dbgsym_1.20.1-2+deb12u4_mips64el.deb 80e2079d4010c788b98e447575bd0334ae9a392bbc7a6abf037b5e0769d31439 28680 krb5-gss-samples_1.20.1-2+deb12u4_mips64el.deb d21270ded1a8661dfcce2edc3a8165feb4a5866fbc87007b2a8d65e8af380d75 20944 krb5-k5tls-dbgsym_1.20.1-2+deb12u4_mips64el.deb 4a30a45574e1d84aba1ae54989922a81079f5d9f63eb060693fe3795142db879 19376 krb5-k5tls_1.20.1-2+deb12u4_mips64el.deb 24fa718bb602204d1f7ae54e9bb48c6a1a3ccc9201a7b4aeb1e316cc2b65779c 469244 krb5-kdc-dbgsym_1.20.1-2+deb12u4_mips64el.deb 837941697c17f5cfd206d9c31bb6dde432c1fd95b5dbc7a158238dff2c3cb830 194720 krb5-kdc-ldap-dbgsym_1.20.1-2+deb12u4_mips64el.deb 7ab763c541d551a861f34bafcec70daa501b62b5546677d75dee5eeee42a879f 82032 krb5-kdc-ldap_1.20.1-2+deb12u4_mips64el.deb 167e56c2736bdba254d7cb90584e2e5ac5496a817cf0d150ea76811efccedee9 173736 krb5-kdc_1.20.1-2+deb12u4_mips64el.deb c1c0652bf48abe42fc6a165dce293932b029d6858cf5711ba4b76a86062b01f2 44872 krb5-kpropd-dbgsym_1.20.1-2+deb12u4_mips64el.deb d946cc529da85265ad60faba31bab7d4a86ff875049a68df8dc731587328d0a2 31196 krb5-kpropd_1.20.1-2+deb12u4_mips64el.deb 09a16c6f4744ed7b50668e08147bc5b31eb9820b60f139da8db8dff652b70764 125628 krb5-multidev_1.20.1-2+deb12u4_mips64el.deb e3f02508a5a79e9b4320fde87dfefd8456bbd22ae46ef53b399a62dac3438213 30420 krb5-otp-dbgsym_1.20.1-2+deb12u4_mips64el.deb d6e4ca0bcd954dcbc66586cf6597c2bdb4397f0c532874a08935e5aa6f7fcc8f 21676 krb5-otp_1.20.1-2+deb12u4_mips64el.deb 53b802fe60670fc71c29fa2f5ab615960f1decfb42ee79ded220fc5507cfe009 161908 krb5-pkinit-dbgsym_1.20.1-2+deb12u4_mips64el.deb 4f188ef1784fd10859f4367f7863a0f6cf50ed7bf87fc664b968a3bd2e47397b 52872 krb5-pkinit_1.20.1-2+deb12u4_mips64el.deb 8418bbde9a110143e835ec44b0d09782c47019bf68f3716ab48e448594103725 204584 krb5-user-dbgsym_1.20.1-2+deb12u4_mips64el.deb 9ba1bcc7b57e6381d154a762c6041fdafc55e7bbaf351ed5d00c12de7063d2ec 115476 krb5-user_1.20.1-2+deb12u4_mips64el.deb 58f36539d94698a5a263d8387b07778aa9f3b5eb9aab1f62bac2fb09fe3ce702 16074 krb5_1.20.1-2+deb12u4_mips64el-buildd.buildinfo 18dfa6ebacfa4348f5d40ad4af8bce40c210b0a19d7796ca7da1897a71fee821 118032 libgssapi-krb5-2_1.20.1-2+deb12u4_mips64el.deb 0453e3134973ab132d4fea298d0b2b668ab373e6491fa949bbe956da460ffc7c 53472 libgssrpc4_1.20.1-2+deb12u4_mips64el.deb 09b956d2834cc0d96a4cbcfd9fa8b1ee1f696074ce6bc0abf6cadd2c092eb1e3 86240 libk5crypto3_1.20.1-2+deb12u4_mips64el.deb 4d3aec0ad16b2d61736b282f3aa1a30390f1b7f82338bafafd4b03a72ec211d8 38264 libkadm5clnt-mit12_1.20.1-2+deb12u4_mips64el.deb 90085a5ac2f08b368040f4c10f1c41c0de770fc8f0b09b12f47b51729b724b82 48548 libkadm5srv-mit12_1.20.1-2+deb12u4_mips64el.deb 0f39b345a9f2d44f63d20bca9254749cbb6cbea15590fc7d9c60b6c197e0544f 38360 libkdb5-10_1.20.1-2+deb12u4_mips64el.deb ee76c6168393760155014993dff199ed1fa94d5cafccda5b9647730c5cbc4a36 15904 libkrad-dev_1.20.1-2+deb12u4_mips64el.deb 9138250095ebbdd1a57216eaa7a8fa91c27e129ad7b0fa2773ee5b8a93ff6d84 23976 libkrad0_1.20.1-2+deb12u4_mips64el.deb fb151be5b4711be76a8cdd83b022185d3f892b438ba22aa76c2c2bde4ec56df6 296912 libkrb5-3_1.20.1-2+deb12u4_mips64el.deb bbbaa6e31e5bccf54c2fed6d72bee77859614be2d9a7f8236be4839e8710d1b7 2229896 libkrb5-dbg_1.20.1-2+deb12u4_mips64el.deb 1113c5f215059ea9de006567fb3bb78548fbdef72a0672d4b5ede80cd12a8f86 15436 libkrb5-dev_1.20.1-2+deb12u4_mips64el.deb 711caf74b307b2f5b86717f568c2ba676e5fbe391abd2a0cc69d7d83dacbb5fc 31056 libkrb5support0_1.20.1-2+deb12u4_mips64el.deb Files: 0bb0ed5033097b6c83692ba2eec241cd 215128 debug optional krb5-admin-server-dbgsym_1.20.1-2+deb12u4_mips64el.deb a9e10ed78b836ee9538c7a1efff421a9 87224 net optional krb5-admin-server_1.20.1-2+deb12u4_mips64el.deb 26fd4e6ec0b489aaf6fb92d9b9c1a673 39440 debug optional krb5-gss-samples-dbgsym_1.20.1-2+deb12u4_mips64el.deb ac5e87bb3772a20bf7c1124cf75bc5d1 28680 net optional krb5-gss-samples_1.20.1-2+deb12u4_mips64el.deb c627f53423d25e15b92d0105a0428870 20944 debug optional krb5-k5tls-dbgsym_1.20.1-2+deb12u4_mips64el.deb 13de6b48f674832b2e563b720300e3c9 19376 net optional krb5-k5tls_1.20.1-2+deb12u4_mips64el.deb 372c883dcec075fcd99f022a153298c5 469244 debug optional krb5-kdc-dbgsym_1.20.1-2+deb12u4_mips64el.deb 2ff2a0371e11cfd265bca4c78fab86ee 194720 debug optional krb5-kdc-ldap-dbgsym_1.20.1-2+deb12u4_mips64el.deb 614118d7d36dc3eb480c36cffab7d0dc 82032 net optional krb5-kdc-ldap_1.20.1-2+deb12u4_mips64el.deb ce7b7fa412896be5bf8fb2aad0df71cb 173736 net optional krb5-kdc_1.20.1-2+deb12u4_mips64el.deb 4e6c741dea6884fa710d7dfc1fc2f6c6 44872 debug optional krb5-kpropd-dbgsym_1.20.1-2+deb12u4_mips64el.deb 0d0c13d9c009ad1425726e866c6e1f21 31196 net optional krb5-kpropd_1.20.1-2+deb12u4_mips64el.deb 6c0ae98267666f944768007421852854 125628 libdevel optional krb5-multidev_1.20.1-2+deb12u4_mips64el.deb 94509e43287fbbec6e6a4eb70ab78abb 30420 debug optional krb5-otp-dbgsym_1.20.1-2+deb12u4_mips64el.deb 608040b23aff105deeefd034e596bcb8 21676 net optional krb5-otp_1.20.1-2+deb12u4_mips64el.deb 54c964d7e130f615ec3b306a55053c02 161908 debug optional krb5-pkinit-dbgsym_1.20.1-2+deb12u4_mips64el.deb 568f4298cca0f8926b3d2cdf64e25a7c 52872 net optional krb5-pkinit_1.20.1-2+deb12u4_mips64el.deb d6debccea8d7d2c52c6aec863de08296 204584 debug optional krb5-user-dbgsym_1.20.1-2+deb12u4_mips64el.deb 517b5b3cb4debab5f25c6a4889918721 115476 net optional krb5-user_1.20.1-2+deb12u4_mips64el.deb 595707c8a1df9997785fd4168c8a6ea5 16074 net optional krb5_1.20.1-2+deb12u4_mips64el-buildd.buildinfo 6e2b7e8477a736511977c9ddbbee6488 118032 libs optional libgssapi-krb5-2_1.20.1-2+deb12u4_mips64el.deb b92fb96de0af23ff52268b02c27d9068 53472 libs optional libgssrpc4_1.20.1-2+deb12u4_mips64el.deb cda752468e2937243f0c7a6b042046a8 86240 libs optional libk5crypto3_1.20.1-2+deb12u4_mips64el.deb 291bd35a3d7cab32dc20201b92b24c03 38264 libs optional libkadm5clnt-mit12_1.20.1-2+deb12u4_mips64el.deb 494dc1a25d941632ddaa6c3dd7c5e1b5 48548 libs optional libkadm5srv-mit12_1.20.1-2+deb12u4_mips64el.deb 9b6b609224fc6846e8cfd567639fc2d4 38360 libs optional libkdb5-10_1.20.1-2+deb12u4_mips64el.deb 9348b298ca1597c9d69d3f016b460410 15904 libdevel optional libkrad-dev_1.20.1-2+deb12u4_mips64el.deb de44d7989c7c4179cfb1564d36162a09 23976 libs optional libkrad0_1.20.1-2+deb12u4_mips64el.deb 50811f5a2f124d1d179ad583cbfa2967 296912 libs optional libkrb5-3_1.20.1-2+deb12u4_mips64el.deb 44c59f1a36e1edbc2bc455af58302d54 2229896 debug optional libkrb5-dbg_1.20.1-2+deb12u4_mips64el.deb c8cd62b8e4cb2e2789aa7da9da202342 15436 libdevel optional libkrb5-dev_1.20.1-2+deb12u4_mips64el.deb e3f0de40d6dc35e56bb4844fa564967c 31056 libs optional libkrb5support0_1.20.1-2+deb12u4_mips64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEesE3YcWKZXIkRPMemf85J+x5/aoFAmg7ePAACgkQmf85J+x5 /aq3Ow//XSuDJysUw5j4RfDY9jApebDBJVFB2/zS76/PK03dAyZaC33Pe++GUby7 KHUE+RMqaQIAcWHw8yNPXzdDzx8H991DC9w3X+lr498M9WfXZOexJ6xYLA3N7fPs ZeDYMStOGGDOkWwLCZbcKc2kAnKv2sHCOzt6pEmbx/iGjIjGY4m7YYC7Wpq6G4Ft 1Olk9rtrD9giHPCzFcNdhTDO/lGpwQq0J3lqBndAilp6tArrtKl4FRAyT8a53opP 6PdeYqnNS+aHy8/6G5uOAvKgNWq9mMbEroJuWrspVGlvWxXq/IHJgxwhAPuLP+eb PNRDYOQyxnONkL9uE5Xw0HulUJkfDdqonwJQtu9vAAb+x/CYgtxAOIBCH26Zw3q7 J2hik13eIaCkU8optccWOfVd6ZyPR6NOHpNuct0n2g3cAtSVOeUaY7BZAX+czcNq UdJEbtkngg1xOt2LLM4ROlpZyRfkqmYziGmDVuvgTflZCFIBNpeIoRsFlUhEtQSG kRGp7GCL8a4vfVnlHLYB3ctE/cIViHjY6Kf9jhMQkvljjV7O2Bgr38KPcLbf5JSH 1AbH2klBmXavE6/xmLyVZOJdAp/nJDZvxkJtPKMMHFcdinEuIN1xNzf/i8B6m9DW njSejsuSj7L0uVFZJQTL7upCzwM92tmrbPL3ZV6ciLLUOS2HyF4= =T8De -----END PGP SIGNATURE-----