krb5-multidev - Development files for MIT Kerberos without Heimdal conflict

Property Value
Distribution Debian 8 (Jessie)
Repository Debian Main amd64
Package name krb5-multidev
Package version 1.12.1+dfsg
Package release 19+deb8u4
Package architecture amd64
Package type deb
Installed size 726 B
Download size 142.03 KB
Official Mirror
Kerberos is a system for authenticating users and services on a network.
Kerberos is a trusted third-party service.  That means that there is a
third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
This is the MIT reference implementation of Kerberos V5.
Most users wishing to build applications against MIT Kerberos should
install libkrb5-dev.  However, that package conflicts with heimdal-dev.
This package installs libraries and headers in /usr/include/mit-krb5 and
/usr/lib/mit-krb5 and can be installed along side heimdal-multidev, which
provides the same facilities for Heimdal.


Package Version Architecture Repository
krb5-multidev_1.12.1+dfsg-19+deb8u4_i386.deb 1.12.1+dfsg i386 Debian Main
krb5-multidev - - -


Name Value
comerr-dev -
libgssapi-krb5-2 = 1.12.1+dfsg-19+deb8u4
libgssrpc4 = 1.12.1+dfsg-19+deb8u4
libk5crypto3 = 1.12.1+dfsg-19+deb8u4
libkadm5clnt-mit9 = 1.12.1+dfsg-19+deb8u4
libkadm5srv-mit9 = 1.12.1+dfsg-19+deb8u4
libkrb5-3 = 1.12.1+dfsg-19+deb8u4


Type URL
Binary Package krb5-multidev_1.12.1+dfsg-19+deb8u4_amd64.deb
Source Package krb5

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install krb5-multidev deb package:
    # sudo apt-get install krb5-multidev




2017-08-28 - Sam Hartman <>
krb5 (1.12.1+dfsg-19+deb8u4) jessie; urgency=medium
* New version number; same code as deb8u3 but rebuilt to build arch all
packages and because dgit doesn't deal well with reusing a version
number when a package is rejected
2017-08-13 - Sam Hartman <>
krb5 (1.12.1+dfsg-19+deb8u3) jessie; urgency=high
* CVE-2017-11368: Remote authenticated attackers can crash the KDC,
Closes: #869260
*  fix for CVE-2016-3120 (kdc crash on restrict_anon_to_tgt), Closes:
* fix for CVE-2016-3119: remote DOS with ldap for authenticated
attackers, Closes: #819468
* Prevent requires_preauth bypass (CVE-2015-2694), Closes: #783557
2016-01-31 - Salvatore Bonaccorso <>
krb5 (1.12.1+dfsg-19+deb8u2) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* Verify decoded kadmin C strings [CVE-2015-8629]
CVE-2015-8629: An authenticated attacker can cause kadmind to read
beyond the end of allocated memory by sending a string without a
terminating zero byte. Information leakage may be possible for an
attacker with permission to modify the database. (Closes: #813296)
* Check for null kadm5 policy name [CVE-2015-8630]
CVE-2015-8630: An authenticated attacker with permission to modify a
principal entry can cause kadmind to dereference a null pointer by
supplying a null policy value but including KADM5_POLICY in the mask.
(Closes: #813127)
* Fix leaks in kadmin server stubs [CVE-2015-8631]
CVE-2015-8631: An authenticated attacker can cause kadmind to leak
memory by supplying a null principal name in a request which uses one.
Repeating these requests will eventually cause kadmind to exhaust all
available memory. (Closes: #813126)
2015-11-04 - Benjamin Kaduk <>
krb5 (1.12.1+dfsg-19+deb8u1) jessie-security; urgency=high
* Import upstream patches for four CVEs:
- CVE-2015-2695: SPNEGO context aliasing during establishment,
Closes: #803083
- CVE-2015-2696: IAKERB context aliasing during establishment,
Closes: #803084
- CVE-2015-2697: unsafe string handling in TGS processing,
Closes: #803088
- CVE-2015-2698: regression (memory corruption) in patch for CVE-2015-2696
* In addition to CVE-2015-2698, the upstream patches for CVE-2015-2695
and CVE-2015-2696 introduced regressions preventing the use of
gss_import_sec_context() with contexts established using IAKERB
or SPNEGO; the fixes for those regressions are included here.
2015-03-20 - Sam Hartman <>
krb5 (1.12.1+dfsg-19) unstable; urgency=medium
* mark systemd unit directories as optional, Closes: #780831
2015-02-18 - Benjamin Kaduk <>
krb5 (1.12.1+dfsg-18) unstable; urgency=high
* Import upstream patch for CVE-2014-5355, Closes: #778647
2015-02-03 - Sam Hartman <>
krb5 (1.12.1+dfsg-17) unstable; urgency=high
* MITKRB5-SA-2015-001
- CVE-2014-5352: gss_process_context_token() incorrectly frees context
- CVE-2014-9421: kadmind doubly frees partial deserialization results
- CVE-2014-9422: kadmind incorrectly validates server principal name  
- CVE-2014-9423: libgssrpc server applications leak uninitialized bytes
2014-12-15 - Benjamin Kaduk <>
krb5 (1.12.1+dfsg-16) unstable; urgency=medium
* Import upstream patches for CVE-2014-5353 and CVE-2014-5354,
Closes: #773226, Closes: #773228
2014-11-21 - Benjamin Kaduk <>
krb5 (1.12.1+dfsg-15) unstable; urgency=medium
* Also apply slapd-before-kdc.conf to krb5-admin-server.service.d,
Closes: #769710
2014-11-07 - Benjamin Kaduk <>
krb5 (1.12.1+dfsg-14) unstable; urgency=medium
* The upstream patch in 1.12.1+dfsg-13 was incomplete; pull in
another upstream patch upon which it depended, to fix the
kfreebsd build, Closes: #768379

See Also

Package Description
krb5-otp_1.12.1+dfsg-19+deb8u4_amd64.deb OTP plugin for MIT Kerberos
krb5-pkinit_1.12.1+dfsg-19+deb8u4_amd64.deb PKINIT plugin for MIT Kerberos
krb5-strength_3.0-1_amd64.deb Password strength checking for Kerberos KDCs
krb5-sync-plugin_3.0-4_amd64.deb MIT Kerberos Active Directory synchronization plugin
krb5-sync-tools_3.0-4_amd64.deb Kerberos Active Directory synchronization tools
krb5-user_1.12.1+dfsg-19+deb8u4_amd64.deb Basic programs to authenticate using MIT Kerberos
krdc_4.14.1-1_amd64.deb Remote Desktop Connection client
krecipes-data_2.0~beta2-3_all.deb recipes manager for KDE - data files
krecipes-doc_2.0~beta2-3_all.deb recipes manager for KDE - documentation
krecipes_2.0~beta2-3_amd64.deb recipes manager for KDE
kredentials_2.0~pre3-1.1_amd64.deb KDE taskbar applet to update kerberos/AFS credentials
kremotecontrol_4.14.2-1_amd64.deb frontend for using remote controls
krename_4.0.9-3+b1_amd64.deb powerful batch renamer for KDE
kreversi_4.13.1-1_amd64.deb reversi board game
krfb_4.14.2-1_amd64.deb Desktop Sharing utility