Accepting request 909709 from home:scabrero:branches:network

- Update to 1.19.2 * Fix a denial of service attack against the KDC encrypted challenge code; (CVE-2021-36222); * Fix a memory leak when gss_inquire_cred() is called without a credential handle. OBS-URL: https://build.opensuse.org/request/show/909709 OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=252
2021-08-09 08:50:11 +00:00 · 2021-08-09 08:50:11 +00:00 · d342aedfcc
commit d342aedfcc
parent b7fb4fe943
8 changed files with 39 additions and 21 deletions
--- a/krb5-1.19.1.tar.gz
+++ b/krb5-1.19.1.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fa16f87eb7e3ec3586143c800d7eaff98b5e0dcdf0772af7d98612e49dbeb20b
-size 8738142
--- a/krb5-1.19.1.tar.gz.asc
+++ b/krb5-1.19.1.tar.gz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmAuntAACgkQDLoIV1+D
-ct8TIhAArFittFBcz4ZfMxqhHVGdK6kOeQXrrV27d3FW6y28BvS7yHJ8CkyK+I3g
-4rsaaf7srkH8jaiCjmjHC2rWJIuceOwkD4GRqXtb2CiqKxXI9eZ+g9ipB7DGKixg
-+1nki7mOhd3oaeUkCRFXgyiOqSE/ird7/itLYzEoAroLpTazNp6Kk4gXmhJIENlq
-dj1God+JxhuwzzWZRdsy2SyvMQPQMOTIilsXRboObZFvPrhZKkJmgNm+RzU/YRSg
-/1Po7takBXq8qhgnwPHTnTPb+BYRdrqQc/a2WcmEdgbzeMpijNmkFsgAFeKDijSz
-1nmFO4SQd/rAfgUovkDd+GMAYZ6DCLFqoI/WeKOgCrRMxJMMRbLlr48bTvMwjuIl
-xE5gy8h2Iju/UP1lxz8KheCm/FyNzNw4pe74zbGgK5fdiEQ8xNlKZOs9LRrtvyfL
-j1G+IX6cK+5yTo/NceYjnHVAatbuW6C6xJmsIQ1GYdMPvto7Wctq/4/BmwxqgFAJ
-HCPuQgAGi875JpPYvi/c3tioRiIPwOz54CXCrcFyKELvgHi6lGN6MRNSzAP4QdA0
-HlXZQ4/4NFOJxjLGu9ZXKUbYPaGizhI+ayzg5/RJLHPIgW7yLvwFqkBIa1xs26bA
-xiP5JKuDC4mqDPwVjwpufkUBH6SoBFnbiIWEYSKVPLJFw+Dbhv0=
-=PP6r
-----END PGP SIGNATURE-----
--- a/krb5-1.19.2.tar.gz
+++ b/krb5-1.19.2.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:10453fee4e3a8f8ce6129059e5c050b8a65dab1c257df68b99b3112eaa0cdf6a
+size 8741053
--- a/krb5-1.19.2.tar.gz.asc
+++ b/krb5-1.19.2.tar.gz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmD5qLoACgkQDLoIV1+D
+ct9NEw//XhDJPE38UzvURT/RsuL3TQZoHGHtRA/seXcKkrX1wFLUjnOUK39RxzkS
+5y0BGOBoByGlqMxcpBlQv3mdtOAkdbgUtb9sT90eUObsG3cqa/0ou3Nm2ta+UNb7
+UC72UC9ZCXzUEl3be2/q/geHHE69e62t4YGcnwZ4koI3b/cZU6xL3N0ox9Gxdi37
+rUe7i5TZAKvKo+eKhLpC/k1F0HSvLzxcPyRlfpAYb607lvc4MYNvbOZZUk8aNEt
+0OhoSak1mXSdYwt4HHTj2NY1q5d+wviGOYby/Q1Wv7qVZHLFvCCr7Lr7ba0bIWas
+cYl13OgLq2uwA85k9/BzAxIgPVpMpt0aRaoTeiH2fKm8kNA9YfIagyRgX4vNfFWp
+RKXpVu5SFNMgFVAHJu/QID8Lf8YV/PU4H7kdMyFy9gA66nTN4KvdeoRyrHgv2r1c
+c5MhV9bJDDFalC1VLYTJ3iSZFy5Y95wrr59KI2OTQKgQxsylfGXW+OR1hWKua5Y5
+nqF0b/TKiryrdah3aw2Ac78MggC+3RDHQ8yHG4tC0/nJzbf4WnP6lqUJhQIat+lE
+g62Kh+fAUjuYw/8tuxVUFlMMa9cDHV7XGGYQS/JoUq/BaGWheNYrvPXxr4u0oSOa
+kJyOUfZuJvgiDakbEAuVNm8Gr6lKDH/omn8dl9r/CHdyEANqvi0=
+=QM0F
+-----END PGP SIGNATURE-----
--- a/krb5-mini.changes
+++ b/krb5-mini.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Mon Aug  2 08:39:31 UTC 2021 - Samuel Cabrero <scabrero@suse.de>
+
+- Update to 1.19.2
+  * Fix a denial of service attack against the KDC encrypted challenge
+    code; (CVE-2021-36222);
+  * Fix a memory leak when gss_inquire_cred() is called without a
+    credential handle.
+
 -------------------------------------------------------------------
 Thu Apr 22 15:10:12 UTC 2021 - Samuel Cabrero <scabrero@suse.de>

--- a/krb5-mini.spec
+++ b/krb5-mini.spec
@ -24,7 +24,7 @@
  %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           krb5-mini
-Version:        1.19.1
+Version:        1.19.2
 Release:        0
 Summary:        MIT Kerberos5 implementation and libraries with minimal dependencies
 License:        MIT
--- a/krb5.changes
+++ b/krb5.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Mon Aug  2 08:39:31 UTC 2021 - Samuel Cabrero <scabrero@suse.de>
+
+- Update to 1.19.2
+  * Fix a denial of service attack against the KDC encrypted challenge
+    code; (CVE-2021-36222);
+  * Fix a memory leak when gss_inquire_cred() is called without a
+    credential handle.
+
 -------------------------------------------------------------------
 Mon May  3 09:40:17 UTC 2021 - Rodrigo Lourenço <rzl@rzl.ooo>

--- a/krb5.spec
+++ b/krb5.spec
@ -21,7 +21,7 @@
  %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           krb5
-Version:        1.19.1
+Version:        1.19.2
 Release:        0
 Summary:        MIT Kerberos5 implementation
 License:        MIT