: VCS matches the version in the archive
- Git: https://salsa.debian.org/debian/libpam-krb5.git -b debian/master
- Branch: debian/master
- Path: debian/changelog
- Browser: https://salsa.debian.org/debian/libpam-krb5
- Last scan: 2020-06-03 22:00:08+00
- Next scan: 2020-06-12 21:53:00+00
- Merge requests: 1
- Debian changelog in Git:
libpam-krb5 (4.9-1) unstable; urgency=high
* New upstream release.
- Fix potential one-byte buffer overflow when relaying prompts from
the underlying Kerberos library. (CVE-2020-10595)
- Support use_pkinit with MIT Kerberos. (Closes: #871699)
- Reject passwords as long or longer than PAM_MAX_RESP_SIZE (512
octets) to avoid denial of service attacks.
- Use explicit_bzero to erase passwords before freeing.
- Return more accurate errors from the Kerberos prompter function.
- Fix an edge-case memory leak in pam_chauthtok.
* Update to debhelper compatibility level V12.
- Depend on debhelper-compat instead of debhelper.
* Update standards version to 4.5.0 (no changes required).
* Refresh upstream signing key.
-- Russ Allbery <firstname.lastname@example.org> Mon, 30 Mar 2020 19:46:43 -0700
- This branch is even with tag archive/debian/4.9-1