pool/krb5
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
210 Commits 1 Branch 0 Tags 11 MiB
ceafe406ff
Commit Graph

210 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Ismail Dönmez
e206af5319 Accepting request 357309 from home:guohouzuo:branches:network 
- Fix CVE-2015-8629: krb5: xdr_nullstring() doesn't check for terminating null character
  with patch 0104-Verify-decoded-kadmin-C-strings-CVE-2015-8629.patch
  (bsc#963968)
- Fix CVE-2015-8631: krb5: Memory leak caused by supplying a null principal name in request
  with patch 0105-Fix-leaks-in-kadmin-server-stubs-CVE-2015-8631.patch
  (bsc#963975)
- Fix CVE-2015-8630: krb5: krb5 doesn't check for null policy when KADM5_POLICY is set in the mask
  with patch 0106-Check-for-null-kadm5-policy-name-CVE-2015-8630.patch
  (bsc#963964)

OBS-URL: https://build.opensuse.org/request/show/357309
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=158
 2016-02-02 08:54:49 +00:00
Ismail Dönmez
b9ca4cd2ca - Add two patches from Fedora, fixing two crashes: 
* krb5-fix_interposer.patch
  * krb5-mechglue_inqure_attrs.patch

- Add two patches from Fedora, fixing two crashes:
  * krb5-fix_interposer.patch
  * krb5-mechglue_inqure_attrs.patch

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=156
 2016-01-11 12:39:08 +00:00
Ismail Dönmez
89512499b6 - 
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=155
 2016-01-10 16:46:56 +00:00
Ismail Dönmez
e9af2abc6d Accepting request 352796 from home:stroeder:branches:network 
update to 1.14, successfully tested on Tumbleweed x86_64 
1. purely as client for MS AD and
2. as KDC with LDAP backend

OBS-URL: https://build.opensuse.org/request/show/352796
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=154
 2016-01-10 16:41:42 +00:00
Ismail Dönmez
ee705d6c1a Accepting request 347770 from home:stroeder:branches:network 
update to 1.13.3

OBS-URL: https://build.opensuse.org/request/show/347770
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=152
 2015-12-07 12:50:29 +00:00
Ismail Dönmez
ea14ad7c34 Accepting request 343479 from home:guohouzuo:branches:network 
- Apply patch 0103-Fix-IAKERB-context-export-import-CVE-2015-2698.patch
  to fix a memory corruption regression introduced by resolution of
  CVE-2015-2698. bsc#954204

OBS-URL: https://build.opensuse.org/request/show/343479
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=150
 2015-11-10 16:57:00 +00:00
Ismail Dönmez
aa93054403 Accepting request 341521 from home:guohouzuo:branches:network 
One bug fix in manual page + 3 CVE fixes.

OBS-URL: https://build.opensuse.org/request/show/341521
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=148
 2015-10-29 18:14:03 +00:00
Ismail Dönmez
172a23219f Accepting request 309550 from home:guohouzuo:freeipa 
Let server depend on libev (module of libverto). This was the
 embedded implementation before the separation of libverto from krb.

OBS-URL: https://build.opensuse.org/request/show/309550
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=146
 2015-06-01 09:44:23 +00:00
Ismail Dönmez
f1babf4554 Accepting request 309029 from home:dimstar:Factory 
- Drop libverto and libverto-libev Requires from the -server
  package: those package names don't exist and the shared libs
  are pulled in automatically.

- Drop libverto and libverto-libev Requires from the -server
  package: those package names don't exist and the shared libs
  are pulled in automatically.

OBS-URL: https://build.opensuse.org/request/show/309029
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=144
 2015-05-28 08:59:56 +00:00
Ismail Dönmez
d9be576ce1 Accepting request 308898 from home:dimstar:Factory 
Also build dep libverto for the -mini variant... so it can actually be built

OBS-URL: https://build.opensuse.org/request/show/308898
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=143
 2015-05-27 16:09:38 +00:00
Marcus Meissner
7991a93622 - pre_checkin.sh aligned changes between krb5/krb5-mini 
- added krb5.keyring

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=142
 2015-05-22 09:30:16 +00:00
Marcus Meissner
8103840325 * Add client support for the Kerberos Cache Manager protocol. If the host 
* Add support for doing unlocked database dumps for the DB2 KDC back end,
  * krb5-1.7-doublelog.patch

- Work around replay cache creation race; (bnc#898439).
  krb5-1.13-work-around-replay-cache-creation-race.patch

-  bnc#897874 CVE-2014-5351: krb5: current keys returned when randomizing the keys for a service principal 
- added patches:
  * bnc#897874-CVE-2014-5351.diff

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=141
 2015-05-22 09:22:57 +00:00
Andrey Karepin
cdaf49db88 OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=140 2015-05-13 19:33:48 +00:00
Andrey Karepin
71a09ab035 Accepting request 306592 from home:stroeder:branches:network 
update to 1.13.2

OBS-URL: https://build.opensuse.org/request/show/306592
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=139
 2015-05-13 19:25:01 +00:00
Marcus Meissner
24de3e2bab Accepting request 305915 from home:guohouzuo:freeipa 
OBS-URL: https://build.opensuse.org/request/show/305915
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=138
 2015-05-11 11:41:14 +00:00
Marcus Meissner
cefda77aa1 Accepting request 286613 from home:stroeder:branches:network 
security update 1.13.1

OBS-URL: https://build.opensuse.org/request/show/286613
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=136
 2015-02-18 17:22:56 +00:00
Marcus Meissner
42eb1db8e7 Accepting request 280024 from home:mlin7442:branches:network 
update to 1.13, also fixed build with bison3

OBS-URL: https://build.opensuse.org/request/show/280024
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=134
 2015-01-06 10:58:20 +00:00
Marcus Meissner
35dbbe780b Accepting request 252436 from home:dmdiss:branches:bnc898439_krb_reply_cache_race_factory 
- Work around replay cache creation race; (bnc#898439).
  krb5-1.13-work-around-replay-cache-creation-race.patch

OBS-URL: https://build.opensuse.org/request/show/252436
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=132
 2014-10-01 07:19:37 +00:00
Marcus Meissner
23582573aa Accepting request 251631 from home:varkoly:branches:network 
-  bnc#897874 CVE-2014-5351: krb5: current keys returned when randomizing the keys for a service principal 
- added patches:
  * bnc#897874-CVE-2014-5351.diff

OBS-URL: https://build.opensuse.org/request/show/251631
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=130
 2014-09-25 08:28:07 +00:00
Marcus Meissner
1e26a2fb1a Accepting request 246966 from home:AndreasStieger:branches:network 
krb5 5.12.2

- Fix build with doxygen 1.8.8 - adding krb5-1.12-doxygen.patch
  from upstream
  See https://build.opensuse.org/request/show/246780

OBS-URL: https://build.opensuse.org/request/show/246966
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=128
 2014-09-01 15:41:18 +00:00
Christian Kornacker
e1506944cc - buffer overrun in kadmind with LDAP backend 
CVE-2014-4345 (bnc#891082)
  krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=126
 2014-08-11 11:01:01 +00:00
Christian Kornacker
f2e853070c - Fix double-free in SPNEGO [CVE-2014-4343] (bnc#888697) 
krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch
  Fix null deref in SPNEGO acceptor [CVE-2014-4344]
  krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=124
 2014-07-28 09:58:41 +00:00
Christian Kornacker
3ac7b19a80 Accepting request 241590 from home:posophe:branches:network 
Fix for systemd

OBS-URL: https://build.opensuse.org/request/show/241590
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=122
 2014-07-21 12:42:45 +00:00
Christian Kornacker
3f646c425e - denial of service flaws when handling RFC 1964 tokens (bnc#886016) 
krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch
- start krb5kdc after slapd (bnc#886102)
- obsolete krb5-plugin-preauth-pkinit-nss (bnc#881674)
  similar functionality is provided by krb5-plugin-preauth-pkinit

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=121
 2014-07-15 08:18:37 +00:00
Christian Kornacker
5f3b47a9fc - don't deliver SysV init files to systemd distributions 
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=119
 2014-02-18 17:40:34 +00:00
Christian Kornacker
869a682f2d - update to version 1.12.1 
* Make KDC log service principal names more consistently during
    some error conditions, instead of "<unknown server>"
  * Fix several bugs related to building AES-NI support on less
    common configurations
  * Fix several bugs related to keyring credential caches
- upstream obsoletes:
  krb5-1.12-copy_context.patch
  krb5-1.12-enable-NX.patch
  krb5-1.12-pic-aes-ni.patch
  krb5-master-no-malloc0.patch
  krb5-master-ignore-empty-unnecessary-final-token.patch

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=117
 2014-01-21 15:06:23 +00:00
Christian Kornacker
673bd84f01 extended changelog for Factory 
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=115
 2014-01-16 13:19:42 +00:00
Michael Calmer
03254981cb Accepting request 213903 from home:ckornacker:branches:network 
- update to version 1.12
  * Add GSSAPI extensions for constructing MIC tokens using IOV lists
  * Add a FAST OTP preauthentication module for the KDC which uses
    RADIUS to validate OTP token values.
  * The AES-based encryption types will use AES-NI instructions
    when possible for improved performance.
- revert dependency on libcom_err-mini-devel since it's not yet
  available
- update and rebase patches

OBS-URL: https://build.opensuse.org/request/show/213903
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=114
 2014-01-15 14:14:20 +00:00
Marcus Meissner
9e3edabdc0 OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=113 2013-12-10 16:50:56 +00:00
Marcus Meissner
10b96098f3 Accepting request 210105 from home:neilbrown:branches:network 
Reduce build dependencies for krb5-mini
This requires a change to e2fsprogs which will include
the creation of e2fsprogs-mini, so it shouldn't be accepted
before that other change is accepted

- Reduce build dependencies for krb5-mini by removing
  doxygen and changing libcom_err-devel to
  libcom_err-mini-devel
- Small fix to pre_checkin.sh so krb5-mini.spec is correct.

- Reduce build dependencies for krb5-mini by removing
  doxygen and changing libcom_err-devel to
  libcom_err-mini-devel
- Small fix to pre_checkin.sh so krb5-mini.spec is correct.

OBS-URL: https://build.opensuse.org/request/show/210105
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=112
 2013-12-10 09:48:22 +00:00
Marcus Meissner
3e0687cac7 Accepting request 207746 from home:ckornacker:branches:network 
- update to version 1.11.4
  - Fix a KDC null pointer dereference [CVE-2013-1417] that could
    affect realms with an uncommon configuration.
  - Fix a KDC null pointer dereference [CVE-2013-1418] that could
    affect KDCs that serve multiple realms.
  - Fix a number of bugs related to KDC master key rollover.

OBS-URL: https://build.opensuse.org/request/show/207746
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=110
 2013-11-20 12:36:50 +00:00
Michael Calmer
6ca487dd65 - install and enable systemd service files also in -mini package 
- install and enable systemd service files also in -mini package

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=108
 2013-06-24 16:22:21 +00:00
Michael Calmer
071b9cc1bd Accepting request 180374 from home:elvigia:branches:network 
- remove fstack-protector-all from CFLAGS, just use the 
  lighter/fast version already present in %optflags
- Use LFS_CFLAGS to build in 32 bit archs.

- remove fstack-protector-all from CFLAGS, just use the 
  lighter/fast version already present in %optflags
- Use LFS_CFLAGS to build in 32 bit archs.

OBS-URL: https://build.opensuse.org/request/show/180374
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=107
 2013-06-21 12:43:11 +00:00
Michael Calmer
62c3aa1413 fix mini spec and changes 
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=105
 2013-06-09 14:26:32 +00:00
Michael Calmer
eaff141ce0 - update to version 1.11.3 
- Fix a UDP ping-pong vulnerability in the kpasswd
    (password changing) service. [CVE-2002-2443]
  - Improve interoperability with some Windows native PKINIT clients.
- install translation files
- remove outdated configure options

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=104
 2013-06-09 14:19:29 +00:00
Michael Calmer
333c9356fd - cleanup systemd files (remove syslog.target) 
- cleanup systemd files (remove syslog.target)

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=102
 2013-05-28 17:08:58 +00:00
Michael Calmer
be7c32c3a0 - let krb5-mini conflict with all main packages 
- let krb5-mini conflict with all main packages

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=100
 2013-05-03 07:44:44 +00:00
Michael Calmer
d494e8c485 - add conflicts between krb5-mini and krb5-server 
- add conflicts between krb5-mini and krb5-server

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=99
 2013-05-02 14:44:19 +00:00
Michael Calmer
bb6c75aaa8 package new man page 
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=98
 2013-04-28 15:33:40 +00:00
Michael Calmer
703aff2fdd - update to version 1.11.2 
* Incremental propagation could erroneously act as if a slave's
    database were current after the slave received a full dump
    that failed to load.
  * gss_import_sec_context incorrectly set internal state that
    identifies whether an imported context is from an interposer
    mechanism or from the underlying mechanism. 
- upstream fix obsolete krb5-lookup_etypes-leak.patch

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=97
 2013-04-28 15:20:13 +00:00
Michael Calmer
fe67473a6d - add conflicts between krb5-mini-devel and krb5-devel 
- add conflicts between krb5-mini-devel and krb5-devel

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=95
 2013-04-04 13:10:58 +00:00
Michael Calmer
91ad28ede3 - add conflicts between krb5-mini and krb5 and krb5-client 
- add conflicts between krb5-mini and krb5 and krb5-client

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=94
 2013-04-02 15:33:04 +00:00
Michael Calmer
729292e472 better changelog 
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=93
 2013-04-02 09:44:14 +00:00
Michael Calmer
c043de4335 - enable selinux and set openssl as crypto implementation 
- enable selinux and set openssl as crypto implementation

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=92
 2013-03-27 10:45:21 +00:00
Michael Calmer
f4939a9fba - fix path to executables in service files 
(bnc#810926)

- fix path to executables in service files
  (bnc#810926)

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=91
 2013-03-22 09:35:21 +00:00
Michael Calmer
13e38775f6 - update to version 1.11.1 
* Improve ASN.1 support code, making it table-driven for
    decoding as well as encoding
  * Refactor parts of KDC
  * Documentation consolidation
  * build docs in the main package
  * bugfixing
- obsolets a lot of patches
- refactor some patches

- update to version 1.11.1
  * Improve ASN.1 support code, making it table-driven for
    decoding as well as encoding
  * Refactor parts of KDC
  * Documentation consolidation
  * build docs in the main package
  * bugfixing
- obsolets a lot of patches
- refactor some patches

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=90
 2013-03-15 10:21:16 +00:00
Michael Calmer
66ced8b26b - fix PKINIT null pointer deref in pkinit_check_kdc_pkid() 
CVE-2012-1016 (bnc#807556)
  bug-807556-CVE-2012-1016-fix-PKINIT-null-pointer-deref2.dif
  bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif

- fix PKINIT null pointer deref in pkinit_check_kdc_pkid()
  CVE-2012-1016 (bnc#807556)
  bug-807556-CVE-2012-1016-fix-PKINIT-null-pointer-deref2.dif
  bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=88
 2013-03-06 11:03:13 +00:00
Michael Calmer
b06750d1e3 - fix PKINIT null pointer deref 
CVE-2013-1415 (bnc#806715)

- package missing file (bnc#794784)

- revert the -p usage in %postun to fix SLE build

- fix PKINIT null pointer deref
  CVE-2013-1415 (bnc#806715)

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=87
 2013-03-04 10:24:33 +00:00
Michael Calmer
25e378d4c5 - package missing file (bnc#794784) 
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=85
 2013-01-25 14:30:07 +00:00
Michael Calmer
3833bf033c osc copypac from project:openSUSE:Factory package:krb5 revision:87, using keep-link 
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=84
 2013-01-25 14:25:26 +00:00