pool/krb5
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 921724 from home:scabrero:branches:network

Browse Source 
Add CVE references from SLE to prepare submission for SLE 15 SP4/Leap 15.4

OBS-URL: https://build.opensuse.org/request/show/921724
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=254
This commit is contained in:
Samuel Cabrero 2021-09-30 16:39:57 +00:00 committed by Git OBS Bridge
parent cba0a3d8f7
commit 10dc124f2d
2 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
krb5-mini.changes
View File

@ -72,7 +72,7 @@ Thu Nov 19 09:30:13 UTC 2020 - Samuel Cabrero <scabrero@suse.de>
- Update to 1.18.3 - Update to 1.18.3
* Fix a denial of service vulnerability when decoding Kerberos * Fix a denial of service vulnerability when decoding Kerberos
protocol messages. protocol messages; (CVE-2020-28196); (bsc#1178512);
* Fix a locking issue with the LMDB KDB module which could cause * Fix a locking issue with the LMDB KDB module which could cause
KDC and kadmind processes to lose access to the database. KDC and kadmind processes to lose access to the database.
* Fix an assertion failure when libgssapi_krb5 is repeatedly loaded * Fix an assertion failure when libgssapi_krb5 is repeatedly loaded
@ -276,7 +276,8 @@ Mon Jan 14 16:10:06 UTC 2019 - Samuel Cabrero <scabrero@suse.de>
dropped. dropped.
* The KDC now supports cross-realm S4U2Self requests when used with a * The KDC now supports cross-realm S4U2Self requests when used with a
third-party KDB module such as Samba's. The client code for third-party KDB module such as Samba's. The client code for
cross-realm S4U2Self requests is also now more robust. cross-realm S4U2Self requests is also now more robust
(CVE-2018-20217).
User experience: User experience:
* The new ktutil addent -f flag can be used to fetch salt information * The new ktutil addent -f flag can be used to fetch salt information
from the KDC for password-based keys. from the KDC for password-based keys.

5
krb5.changes
View File

@ -85,7 +85,7 @@ Thu Nov 19 09:30:13 UTC 2020 - Samuel Cabrero <scabrero@suse.de>
- Update to 1.18.3 - Update to 1.18.3
* Fix a denial of service vulnerability when decoding Kerberos * Fix a denial of service vulnerability when decoding Kerberos
protocol messages. protocol messages; (CVE-2020-28196); (bsc#1178512);
* Fix a locking issue with the LMDB KDB module which could cause * Fix a locking issue with the LMDB KDB module which could cause
KDC and kadmind processes to lose access to the database. KDC and kadmind processes to lose access to the database.
* Fix an assertion failure when libgssapi_krb5 is repeatedly loaded * Fix an assertion failure when libgssapi_krb5 is repeatedly loaded
@ -299,7 +299,8 @@ Mon Jan 14 16:10:06 UTC 2019 - Samuel Cabrero <scabrero@suse.de>
dropped. dropped.
* The KDC now supports cross-realm S4U2Self requests when used with a * The KDC now supports cross-realm S4U2Self requests when used with a
third-party KDB module such as Samba's. The client code for third-party KDB module such as Samba's. The client code for
cross-realm S4U2Self requests is also now more robust. cross-realm S4U2Self requests is also now more robust
(CVE-2018-20217).
User experience: User experience:
* The new ktutil addent -f flag can be used to fetch salt information * The new ktutil addent -f flag can be used to fetch salt information
from the KDC for password-based keys. from the KDC for password-based keys.