File krb5-appl.changes of Package krb5-appl.26157
------------------------------------------------------------------- Tue Sep 27 07:52:37 UTC 2022 - pgajdos@suse.com - security update - added patches fix CVE-2022-39028 [bsc#1203759], NULL pointer dereference in krb5-appl telnetd + krb5-appl-CVE-2022-39028.patch ------------------------------------------------------------------- Fri Feb 5 09:55:10 UTC 2021 - Samuel Cabrero <scabrero@suse.de> - CVE-2019-25017: Check the filenames sent by the server match those requested by the client; (bsc#1131109); - Add patch CVE-2019-25017.patch - CVE-2019-25018: Disallow empty incoming filename or ones that refer to the current directory; (bsc#1131109); - Add patch CVE-2019-25018.patch ------------------------------------------------------------------- Thu May 28 16:20:42 UTC 2020 - Samuel Cabrero <scabrero@suse.de> - Fix CVE-2020-10188: krb5-appl,telnet-server: remote root code execution; (bsc#1165787) - Add patch CVE-2020-10188.patch ------------------------------------------------------------------- Fri Nov 16 19:36:35 UTC 2012 - aj@suse.de - Fix build failure with glibc 2.17 (patch krb5-appl-1.0.3-libc.patch, taken from Fedora) ------------------------------------------------------------------- Sat Oct 6 17:53:00 CEST 2012 - mc@suse.de - add group to subpackages ------------------------------------------------------------------- Fri Jan 27 11:13:30 CET 2012 - mc@suse.de - update to version 1.0.3 * Fixed a remote code execution in ktelnetd (CVE-2011-4862 / bnc#738632) ------------------------------------------------------------------- Wed Dec 21 10:10:21 UTC 2011 - coolo@suse.com - remove call to suse_update_config (very old work around) ------------------------------------------------------------------- Sun Aug 21 14:15:31 UTC 2011 - mc@novell.com - update to version 1.0.2 * include MITKRB5-SA-2011-005 ------------------------------------------------------------------- Wed Jul 6 15:47:31 CEST 2011 - mc@suse.de - fix krb5 ftpd unauthorized file access (bnc#698471, MITKRB5-SA-2011-005, CVE-2011-1526) ------------------------------------------------------------------- Fri Apr 29 13:46:26 CEST 2011 - mc@suse.de - update to version 1.0.1 - fix telnet issue (bnc#688281) ------------------------------------------------------------------- Thu Mar 4 11:03:42 CET 2010 - mc@suse.de - update to final version 1.0 ------------------------------------------------------------------- Fri Jan 8 17:17:53 CET 2010 - mc@suse.de - initial version 1.0 Alpha 1
