krb5-locales - Internationalization support for MIT Kerberos

Property Value
Distribution Ubuntu 16.04 LTS (Xenial Xerus)
Repository Ubuntu Updates Main amd64
Package filename krb5-locales_1.13.2+dfsg-5ubuntu2.1_all.deb
Package name krb5-locales
Package version 1.13.2+dfsg
Package release 5ubuntu2.1
Package architecture all
Package type deb
Category localization
License -
Maintainer Ubuntu Developers <>
Download size 13.27 KB
Installed size 2.70 MB
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service.  That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
This is the MIT reference implementation of Kerberos V5.
This package contains internationalized messages for MIT Kerberos.


Package Version Architecture Repository
krb5-locales_1.13.2+dfsg-5ubuntu2.1_all.deb 1.13.2+dfsg all Ubuntu Updates Main
krb5-locales_1.13.2+dfsg-5_all.deb 1.13.2+dfsg all Ubuntu Main
krb5-locales_1.13.2+dfsg-5_all.deb 1.13.2+dfsg all Ubuntu Main
krb5-locales - - -


Type URL
Binary Package krb5-locales_1.13.2+dfsg-5ubuntu2.1_all.deb
Source Package krb5

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install krb5-locales deb package:
    # sudo apt-get install krb5-locales




2019-01-11 - Eduardo Barretto <>
krb5 (1.13.2+dfsg-5ubuntu2.1) xenial-security; urgency=medium
* SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
modify a principal
- debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
empty arg
- CVE-2016-3119
* SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
- debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
is restricted
- CVE-2016-3120
* SECURITY UPDATE: KDC assertion failure
- debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
assertion failures
- debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
- CVE-2017-11368
* SECURITY UPDATE: Double free vulnerability
- debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
- CVE-2017-11462
* SECURITY UPDATE: Authenticated kadmin with permission to add principals
to an LDAP Kerberos can DoS or bypass DN container check.
- debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
- CVE-2018-5729
- CVE-2018-5730 
2017-01-16 - Eric Desrochers <>
krb5 (1.13.2+dfsg-5ubuntu2) xenial; urgency=medium
* Fix segfault in context_handle (LP: #1648901).
- d/p/check_internal_context_on_init_context_errors.patch: 
Cherry picked patch from upstream VCS.
2016-11-21 - Steve Langasek <>
krb5 (1.13.2+dfsg-5ubuntu1) xenial; urgency=medium
* d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch:
Cherry-pick from upstream to add SPNEGO special case for
NTLMSSP+MechListMIC.  LP: #1643708.
2016-02-23 - Sam Hartman <>
krb5 (1.13.2+dfsg-5) unstable; urgency=high
*  Security Update
* Verify decoded kadmin C strings [CVE-2015-8629]
CVE-2015-8629: An authenticated attacker can cause kadmind to read
beyond the end of allocated memory by sending a string without a
terminating zero byte. Information leakage may be possible for an
attacker with permission to modify the database. (Closes: #813296)
* Check for null kadm5 policy name [CVE-2015-8630]
CVE-2015-8630: An authenticated attacker with permission to modify a
principal entry can cause kadmind to dereference a null pointer by
supplying a null policy value but including KADM5_POLICY in the mask.
(Closes: #813127)
* Fix leaks in kadmin server stubs [CVE-2015-8631]
CVE-2015-8631: An authenticated attacker can cause kadmind to leak
memory by supplying a null principal name in a request which uses one.
Repeating these requests will eventually cause kadmind to exhaust all
available memory. (Closes: #813126)
2015-11-04 - Benjamin Kaduk <>
krb5 (1.13.2+dfsg-4) unstable; urgency=high
* Import upstream patches fixing regressions in the previous upload:
- CVE-2015-2698: the patch for CVE-2015-2696 caused memory corruption
for applications calling gss_export_sec_context() on contexts
established using the IAKERB mechanism.
- Supply gss_import_sec_context implementations for SPNEGO and IAKERB,
which were not implemented due to the erroneous belief that the
exported context tokens would be tagged with the underlying
context's mechanism.
2015-10-26 - Benjamin Kaduk <>
krb5 (1.13.2+dfsg-3) unstable; urgency=high
* Import upstream patches for three CVEs:
- CVE-2015-2695: SPNEGO context aliasing during establishment
- CVE-2015-2696: IAKERB context aliasing during establishment
- CVE-2015-2697: unsafe string handling in TGS processing
2015-06-25 - Benjamin Kaduk <>
krb5 (1.13.2+dfsg-2) unstable; urgency=medium
* No-change rebuild to target unstable

See Also

Package Description
krb5-multidev_1.13.2+dfsg-5ubuntu2.1_amd64.deb Development files for MIT Kerberos without Heimdal conflict
landscape-client_16.03-0ubuntu2.16.04.7_amd64.deb The Landscape administration system client
landscape-common_16.03-0ubuntu2.16.04.7_amd64.deb The Landscape administration system client - Common files
language-pack-af-base_16.04+20160627_all.deb translations for language Afrikaans
language-pack-af_16.04+20160627_all.deb translation updates for language Afrikaans
language-pack-am-base_16.04+20160627_all.deb translations for language Amharic
language-pack-am_16.04+20160627_all.deb translation updates for language Amharic
language-pack-an-base_16.04+20160627_all.deb translations for language Aragonese
language-pack-an_16.04+20160627_all.deb translation updates for language Aragonese
language-pack-ar-base_16.04+20160627_all.deb translations for language Arabic
language-pack-ar_16.04+20160627_all.deb translation updates for language Arabic
language-pack-as-base_16.04+20160627_all.deb translations for language Assamese
language-pack-as_16.04+20160627_all.deb translation updates for language Assamese
language-pack-ast-base_16.04+20160627_all.deb translations for language Asturian
language-pack-ast_16.04+20160627_all.deb translation updates for language Asturian