From unknown Sat Aug 16 00:34:32 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#28755 <28755@debbugs.gnu.org> To: bug#28755 <28755@debbugs.gnu.org> Subject: Status: [PATCH] gnu: mit-krb5: Replace with 1.15.2 [fixes CVE-2017-{11368, 11462}]. Reply-To: bug#28755 <28755@debbugs.gnu.org> Date: Sat, 16 Aug 2025 07:34:32 +0000 retitle 28755 [PATCH] gnu: mit-krb5: Replace with 1.15.2 [fixes CVE-2017-{1= 1368, 11462}]. reassign 28755 guix-patches submitter 28755 Leo Famulari severity 28755 normal tag 28755 patch thanks From debbugs-submit-bounces@debbugs.gnu.org Sun Oct 08 23:04:11 2017 Received: (at submit) by debbugs.gnu.org; 9 Oct 2017 03:04:11 +0000 Received: from localhost ([127.0.0.1]:56939 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e1OMV-0006pD-B4 for submit@debbugs.gnu.org; Sun, 08 Oct 2017 23:04:11 -0400 Received: from eggs.gnu.org ([208.118.235.92]:51834) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e1OMT-0006p0-UN for submit@debbugs.gnu.org; Sun, 08 Oct 2017 23:04:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e1OMN-00049m-EH for submit@debbugs.gnu.org; Sun, 08 Oct 2017 23:04:04 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_20,T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:56494) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1e1OMN-00049g-Ar for submit@debbugs.gnu.org; Sun, 08 Oct 2017 23:04:03 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:42792) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e1OMM-0005Lm-2j for guix-patches@gnu.org; Sun, 08 Oct 2017 23:04:03 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e1OMH-000482-5Z for guix-patches@gnu.org; Sun, 08 Oct 2017 23:04:02 -0400 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:44355) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1e1OMH-00047l-1y for guix-patches@gnu.org; Sun, 08 Oct 2017 23:03:57 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 39A6520C31; Sun, 8 Oct 2017 23:03:56 -0400 (EDT) Received: from frontend2 ([10.202.2.161]) by compute4.internal (MEProxy); Sun, 08 Oct 2017 23:03:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:message-id:subject:to:x-me-sender:x-me-sender :x-sasl-enc:x-sasl-enc; s=mesmtp; bh=s2HiqlZFRb/dx+qV9CcSgv1Nz2J rKDuFlnW6lAf3bTg=; b=cvd8MUE04jHoryQk1rpHEIsN7gQLKGVisrXdoF4C3hb +attDHViJOx/2xDTZEaMK8ibWPsNwFvmVRKGk9MnprvQYbkUUfYWqj4/JiIk/6zp 8J2jMzMCmKHai742UIh+jO9FIrtQ9G/ezfInaF83Y7AD6sM9zmZ2n/UyzzW7RmEw = DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=date:from:message-id:subject:to :x-me-sender:x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=s2Hiql ZFRb/dx+qV9CcSgv1Nz2JrKDuFlnW6lAf3bTg=; b=J6TaxLnHU+zxCuL4AY3WZV FBI1yYNkrnz7Ge+V6yKT5g9rE1T5i9TM/0DlgvUMPNDM7fDgGH3/2gdrp++ZdHNw YGmBxGlw+VeD8tIEiW4Ba+6lnAykliqcPJi9mO7FlFe+4chPA+BeA4BfHFujx3sT NuQwbTkgQAQHsEt1GMOONEBKk4prFZG/3hOYH/Db5o3ix0d1IvWNqNUSsTvTrlYF OPcfw+qOBXFUeOL60WFgcQ4YaNm/ZJBnGxzIH8ugDtmo9q3YFHOt90hY1S66dyQI UbuheMvtwKQfaHrhMrOoVtvDeJAL+y+FQ7fg7epSGula8H7zo0Zn9Yx9zbyA4y/Q == X-ME-Sender: X-Sasl-enc: VNysy4zknNPGbM1zMwpqfNV7/SSHrFfNs1/oK2AoOKsA 1507518235 Received: from jasmine.lan (c-73-165-108-70.hsd1.pa.comcast.net [73.165.108.70]) by mail.messagingengine.com (Postfix) with ESMTPA id E73FF2418B for ; Sun, 8 Oct 2017 23:03:55 -0400 (EDT) From: Leo Famulari To: guix-patches@gnu.org Subject: [PATCH] gnu: mit-krb5: Replace with 1.15.2 [fixes CVE-2017-{11368, 11462}]. Date: Sun, 8 Oct 2017 23:03:51 -0400 Message-Id: X-Mailer: git-send-email 2.14.2 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.1 (----) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.1 (----) * gnu/packages/kerberos.scm (mit-krb5)[replacement]: New field. (mit-krb5-1.15.2): New variable. --- gnu/packages/kerberos.scm | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm index 48b220419..501cede3e 100644 --- a/gnu/packages/kerberos.scm +++ b/gnu/packages/kerberos.scm @@ -46,6 +46,7 @@ (define-public mit-krb5 (package (name "mit-krb5") + (replacement mit-krb5-1.15.2) (version "1.15.1") (source (origin (method url-fetch) @@ -93,6 +94,19 @@ cryptography.") (home-page "http://web.mit.edu/kerberos/") (properties '((cpe-name . "kerberos"))))) +(define mit-krb5-1.15.2 ; CVE-2017-{11368,11462} + (package + (inherit mit-krb5) + (version "1.15.2") + (source (origin + (method url-fetch) + (uri (string-append "http://web.mit.edu/kerberos/dist/krb5/" + (version-major+minor version) + "/krb5-" version ".tar.gz")) + (sha256 + (base32 + "0zn8s7anb10hw3nzwjz7vg10fgmmgvwnibn2zrn3nppjxn9f6f8n")))))) + (define-public shishi (package (name "shishi") -- 2.14.2 From debbugs-submit-bounces@debbugs.gnu.org Mon Oct 09 03:33:30 2017 Received: (at 28755) by debbugs.gnu.org; 9 Oct 2017 07:33:30 +0000 Received: from localhost ([127.0.0.1]:57052 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e1SZ8-0004oH-2Z for submit@debbugs.gnu.org; Mon, 09 Oct 2017 03:33:30 -0400 Received: from eggs.gnu.org ([208.118.235.92]:42054) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e1SZ6-0004o4-TL for 28755@debbugs.gnu.org; Mon, 09 Oct 2017 03:33:29 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e1SYy-00087O-Hv for 28755@debbugs.gnu.org; Mon, 09 Oct 2017 03:33:23 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD, UNWANTED_LANGUAGE_BODY autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:52716) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e1SYy-000873-E8; Mon, 09 Oct 2017 03:33:20 -0400 Received: from [193.50.110.231] (port=46160 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1e1SYx-0006rB-Tz; Mon, 09 Oct 2017 03:33:20 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: Leo Famulari Subject: Re: [bug#28755] [PATCH] gnu: mit-krb5: Replace with 1.15.2 [fixes CVE-2017-{11368, 11462}]. References: X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 18 =?utf-8?Q?Vend=C3=A9miaire?= an 226 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Mon, 09 Oct 2017 09:33:18 +0200 In-Reply-To: (Leo Famulari's message of "Sun, 8 Oct 2017 23:03:51 -0400") Message-ID: <87tvz8ai81.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: 28755 Cc: 28755@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.0 (-----) Leo Famulari skribis: > * gnu/packages/kerberos.scm (mit-krb5)[replacement]: New field. > (mit-krb5-1.15.2): New variable. LGTM, thanks! Ludo'. From debbugs-submit-bounces@debbugs.gnu.org Mon Oct 09 13:35:29 2017 Received: (at control) by debbugs.gnu.org; 9 Oct 2017 17:35:29 +0000 Received: from localhost ([127.0.0.1]:58518 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e1bxg-0000pY-QR for submit@debbugs.gnu.org; Mon, 09 Oct 2017 13:35:28 -0400 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:52917) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e1bxe-0000pQ-KT for control@debbugs.gnu.org; Mon, 09 Oct 2017 13:35:27 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id A411921593; Mon, 9 Oct 2017 13:35:24 -0400 (EDT) Received: from frontend1 ([10.202.2.160]) by compute4.internal (MEProxy); Mon, 09 Oct 2017 13:35:24 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=content-type:date:from:message-id:mime-version:to:x-me-sender :x-me-sender:x-sasl-enc:x-sasl-enc; s=mesmtp; bh=dZ9g7KJPjthRXc2 gZiO1OiEJ4FOVXEfLu2bn7bqiOkY=; b=Z8LI6Msgcy2mNyM5550jZqI4nSYog/H +1C3q3SX2eB2F4KBudWUL7l//XziPHKaS8COLvnMpaP7OG3kvxv3RYKG5WbbrZV8 s5Kc0RBBNhCiGBeXzFUoj+Gv9ex7SCY3NpbSsO+9OwJSjzzzyXSx+zvdnRhrbqN8 lskfSTVnR94M= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:to:x-me-sender:x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=dZ9g7KJPjthRXc2gZiO1OiEJ4FOVXEfLu2bn7bqiOkY=; b=J40ct otfn7KzcUsoNLVuEeHxlsgs+LN9s2TOFYZdPnB25KAKQaTGIBP6km7mnl2d+Kcn+ xkd962CMBig6/YacX+aN5T8yAY0d2/K+Hr8SVCvtI/UqeKcWB182N221p5eUtQsO dIblYVYbS6Ygdb7qG098y8FV4ggst8xnxxC0vCWRj+c7z/z6MAvkhoR3rEYkx/BX wOPVXwgtBN9lxiREVxco4Cs7WQj7Pd3uK5ZFsew2Z60z9VqDjsTPUD5CWOj7l2H+ 1DUH3Uu9HCm3GP4NZ+8wEIS+tqEEI7xHrLv4QHQsjrJgrvXjxgM8R1BCYxPD0lD4 12FL0quhhMnbleVEA== X-ME-Sender: X-Sasl-enc: cveayF9n8e2FMEwd0U36VWLzkoctnJIL6ZhAfhdPGjLL 1507570524 Received: from localhost (c-73-165-108-70.hsd1.pa.comcast.net [73.165.108.70]) by mail.messagingengine.com (Postfix) with ESMTPA id 59D0F7FA5E for ; Mon, 9 Oct 2017 13:35:24 -0400 (EDT) Date: Mon, 9 Oct 2017 13:35:21 -0400 From: Leo Famulari To: control@debbugs.gnu.org Message-ID: <20171009173521.GA5518@jasmine.lan> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="VbJkn9YxBvnuCH5J" Content-Disposition: inline User-Agent: Mutt/1.9.1 (2017-09-22) X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: 28755 close close 28755 [...] Content analysis details: (1.3 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [66.111.4.25 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [66.111.4.25 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid 1.8 MISSING_SUBJECT Missing Subject: header 0.2 NO_SUBJECT Extra score for no subject -0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: 28755 close close 28755 [...] Content analysis details: (1.3 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [66.111.4.25 listed in wl.mailspike.net] -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [66.111.4.25 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid 1.8 MISSING_SUBJECT Missing Subject: header 0.2 NO_SUBJECT Extra score for no subject -0.0 RCVD_IN_MSPIKE_WL Mailspike good senders --VbJkn9YxBvnuCH5J Content-Type: text/plain; charset=us-ascii Content-Disposition: inline 28755 close close 28755 --VbJkn9YxBvnuCH5J Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlnbs1kACgkQJkb6MLrK fwghWg/+J/qDu8ZwehgCdWOPcLW/s6YllxT/z6OhzBhuzHYxHX/oy4WYlMfvLe7T KgxAptzfeWdBDkp1mdR8MCFtmyCjbbEhXKwe0QQJSUoyBefOW0DgbPkfD0/bLpY9 B7oYso+1oGjY6w5wSrC+sq8Iuti/m6roMxilELhYkGSizAbgwzf58wPHu76/JK6C Rx++vGvZo9f4w30tPPrIKE5j5IMufxNaC6hoy4PIFHaSVKtzl+1YC6wksPXSa2Km IC4OVBmV61pkR1LD3dIz+ZGoe6AEfLKJNX6lFDx6jZ+jmSeylwQG10jbar1nnBmK w1FpS6El34zn1vEZIJVE5SrUrzpheEDqEykThZORsXtk523w/Nt0OluSqkLFZn4V mc7zBiY8rUCQeyXJZ6iPyVBpKkDRkAMOPuZcp6v0waJpx6enWnlq37rGluWlLS5R bBTN4le6oIShp726GQlM1Ozw0vJH2aVJp3GfUpnO71GSAyFAS4xfsTyPVWJvEjf7 skLnhhMEaoo7fozvT/fqzqxlWFDO1301mbUIKJ87cXLlwIl4c9OVHppEjceknaTS sX7D3gAyGS9pj1tRmh1KNXnQDxHx6Mt2QlhCNd5lwKuydH9Qcox0WnHRrr6dhS8/ HYmlt0PvVYg70kFyrwa12fliR1X6aklTejyXM+trfMdMGFsVd28= =ZrEl -----END PGP SIGNATURE----- --VbJkn9YxBvnuCH5J-- From unknown Sat Aug 16 00:34:32 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Tue, 07 Nov 2017 12:24:06 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator