- update to 1.21.2 (bsc#1218211, CVE-2023-39975):

* Fix double-free in KDC TGS processing [CVE-2023-39975].
- update to 1.21.1 (CVE-2023-36054):
    with Windows KDCs.

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=278

krb5-1.21.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7881c3aaaa1b329bd27dbc6bf2bf1c85c5d0b6c7358aff2b35d513ec2d50fa1f
-size 8623049

krb5-1.21.1.tar.gz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmSsc/kACgkQDLoIV1+D
-ct+wPxAArlkJs5WpFIm2JDJXGF82BNw/FEhg+OkWcPHeLMWJF8qO0AxVp8Yq4g1g
-qFpTABwY8V2tfr84XQJ6rw7Qq93NjRjFHr1z1tDmCceLisXof6Tu7/RKjHwNmJt8
-M3srmsXPlmx/7cXuaYIljJfftun3D/iuEaydWluGb1DZicaU/OsofGhKE8/YEZrN
-H0XdIC45raG4O9t6CGjQRcAIv5Z4afCtXH4aaEmLg6E2+aTUyx+czu7nBASCaTyv
-s4df8fhbVpdBi6iA6BQJC296Rc1gyDnuxnjyCH8Rj2gTuiI4Oa2dxRPGT3mjksz3
-OheYcXK9XGCtUbG22zrxqUuHDA3jF6KKmsVSXnbygB6XSS/c0bqmeDRTQGPksWH6
-RJbmlKG9PQ0BavlXRa7Nupaa7f0jblFiduScYujRsyWxi/8YkckedugYyuww59gV
-piUwGGRDWldy+JIAYtvzirsfe6Oum0/SKY5wYXyKv0flM95pbfBEw+TzRxmlCQ5J
-+i8L9Frr4gTmT576GHB6WzBlOEPf6mRc8jg0DyyUOoDHXyj4MCyJGEJxvcyVV1WX
-tJlu0uH1f8pMZx4IQ279PsNFimO/NsdSTefqiVGXA7FWK1EPLc+l9ZBcrLi9KEmJ
-7TfVq9cAg6+m2tql+gjAQrfXHUU1mNdPLFMnShYlqHjTle4cQKE=
-=AIvQ
------END PGP SIGNATURE-----

krb5-1.21.2.tar.gz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmTbET4ACgkQDLoIV1+D
+ct8zBQ/+LugwKy9Y9b3lVaLxPM/qxntLi4Bq5C2GVQ+bED7YCvUiL8aIzJbuTVpf
+GLWLtVuf6vxKz2V17JKOluVMqRDBZDexHZv9EvVjhanqMpvV32tSa60HF4e7lER+
+3iP/bIjSi2U9ixOcNICNnK2DeFGY601C1KT4cLs3H76pfb1miPItm7p79UNicz1o
+V6KgG0J5F4ktYiTonb0TXYdCAvY/3ROEYwmmRpCjtkBCzTdr9tVXU0n6Yc0wsfBD
+AXkyqlUhisMWxqGrLZMnkIx3LA83nMHG8nY/doqOYzKuE9a4cBe69+Bl6e9NRY7G
+ysD2J1cZ2imCYoalUcxrLfnd3fwPpcrlnuwH5DKJtcJGEUNwydjyWZeMl87pbhb1
+lOggcn8DL6l3vqBpkTBE4IQw3s+B1+BylpjXBsvzxGYHerpffIqsHzHywguiJutT
+bkP5ktjZ0QHAZ6PYA6NleGjPbBg/Jeywg1Mjrx+2IdBAYnS0KtTSa72Zqqb8eGmQ
+iCVpy9gK7zX7UCLm33M6HVtC9ffJ4vajcShk25u8uKuomTQgK3lGoN0wX55OE+sO
+AkMSuFxPNsNheMI53Zjutc4NzEscy09G8VxHwGqcEwD+NF7+2GpPuOq9ot9nH+Jd
+xoVYjhqxeb5Uq6lgp0B8sILLqwg1+gEXWdA+rR5Tx+ykv8HESxg=
+=aMVp
+-----END PGP SIGNATURE-----

krb5-mini.spec

@@ -24,7 +24,7 @@
   %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           krb5-mini
-Version:        1.21.1
+Version:        1.21.2
 Release:        0
 Summary:        MIT Kerberos5 implementation and libraries with minimal dependencies
 License:        MIT

krb5.changes

@@ -1,7 +1,13 @@
+-------------------------------------------------------------------
+Wed Dec 20 23:18:05 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.21.2 (bsc#1218211, CVE-2023-39975):
+  * Fix double-free in KDC TGS processing [CVE-2023-39975].
+
 -------------------------------------------------------------------
 Sat Jul 15 18:19:32 UTC 2023 - Dirk Müller <dmueller@suse.com>
 
-- update to 1.121.1 (CVE-2023-36054):
+- update to 1.21.1 (CVE-2023-36054):
   * Fix potential uninitialized pointer free in kadm5 XDR parsing
     [CVE-2023-36054].
   * Added a credential cache type providing compatibility with
@@ -257,7 +263,7 @@ Mon May  4 09:24:21 UTC 2020 - Samuel Cabrero <scabrero@suse.de>
   * Fix a compile error when building with musl libc on Linux.
   * Fix a compile error when building with gcc 4.x.
   * Change the KDC constrained delegation precedence order for consistency
-    with Windows KDCs. 
+    with Windows KDCs.
 - Remove 0009-Fix-null-dereference-qualifying-short-hostnames.patch
 
 -------------------------------------------------------------------

krb5.spec

@@ -21,7 +21,7 @@
   %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           krb5
-Version:        1.21.1
+Version:        1.21.2
 Release:        0
 Summary:        MIT Kerberos5 implementation
 License:        MIT