diff --git a/krb5-mini.changes b/krb5-mini.changes index 02f6833..0977f3e 100644 --- a/krb5-mini.changes +++ b/krb5-mini.changes @@ -72,7 +72,7 @@ Thu Nov 19 09:30:13 UTC 2020 - Samuel Cabrero - Update to 1.18.3 * Fix a denial of service vulnerability when decoding Kerberos - protocol messages. + protocol messages; (CVE-2020-28196); (bsc#1178512); * Fix a locking issue with the LMDB KDB module which could cause KDC and kadmind processes to lose access to the database. * Fix an assertion failure when libgssapi_krb5 is repeatedly loaded @@ -276,7 +276,8 @@ Mon Jan 14 16:10:06 UTC 2019 - Samuel Cabrero dropped. * The KDC now supports cross-realm S4U2Self requests when used with a third-party KDB module such as Samba's. The client code for - cross-realm S4U2Self requests is also now more robust. + cross-realm S4U2Self requests is also now more robust + (CVE-2018-20217). User experience: * The new ktutil addent -f flag can be used to fetch salt information from the KDC for password-based keys. diff --git a/krb5.changes b/krb5.changes index 7ad87aa..7d8d703 100644 --- a/krb5.changes +++ b/krb5.changes @@ -85,7 +85,7 @@ Thu Nov 19 09:30:13 UTC 2020 - Samuel Cabrero - Update to 1.18.3 * Fix a denial of service vulnerability when decoding Kerberos - protocol messages. + protocol messages; (CVE-2020-28196); (bsc#1178512); * Fix a locking issue with the LMDB KDB module which could cause KDC and kadmind processes to lose access to the database. * Fix an assertion failure when libgssapi_krb5 is repeatedly loaded @@ -299,7 +299,8 @@ Mon Jan 14 16:10:06 UTC 2019 - Samuel Cabrero dropped. * The KDC now supports cross-realm S4U2Self requests when used with a third-party KDB module such as Samba's. The client code for - cross-realm S4U2Self requests is also now more robust. + cross-realm S4U2Self requests is also now more robust + (CVE-2018-20217). User experience: * The new ktutil addent -f flag can be used to fetch salt information from the KDC for password-based keys.