2007-09-13 18:47:35 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Sep 11 15:11:34 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- update krb5-1.6.2-post.dif
|
|
|
|
* new -S sname option for kvno
|
|
|
|
* read_entropy_from_device on partial read will not fill buffer
|
|
|
|
* Bail out if encoded "ticket" doesn't decode correctly.
|
|
|
|
* patch for referrals loop
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Sep 6 10:43:50 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- fix a problem with the originally published patch
|
|
|
|
for MITKRB5-SA-2007-006 - CVE-2007-3999
|
|
|
|
[#302377]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Sep 5 12:18:38 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- fix execute arbitrary code
|
|
|
|
(MITKRB5-SA-2007-006 - CVE-2007-3999,2007-4000)
|
|
|
|
[#302377]
|
|
|
|
|
2007-08-09 20:01:33 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Aug 7 11:59:05 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- add krb5-1.6.2-post.dif
|
|
|
|
* during the referrals loop, check to see if the
|
|
|
|
session key enctype of a returned credential for the final
|
|
|
|
service is among the enctypes explicitly selected by the
|
|
|
|
application, and retry with old_use_conf_ktypes if it is not.
|
|
|
|
* If mkstemp() is available, the new ccache file gets created but
|
|
|
|
the subsequent open(O_CREAT|O_EXCL) call fails because the file
|
|
|
|
was already created by mkstemp(). Apply patch from Apple to keep
|
|
|
|
the file descriptor open.
|
|
|
|
|
2007-07-13 17:58:15 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jul 12 17:02:19 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- update to version 1.6.2
|
|
|
|
- remove krb5-1.6.1-post.dif all fixes are included in this release
|
|
|
|
|
2007-07-05 01:08:36 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jul 2 11:39:54 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- update krb5-1.6.1-post.dif
|
|
|
|
* fix leak in krb5_walk_realm_tree
|
|
|
|
* rd_req_decoded needs to deal with referral realms
|
|
|
|
* fix buffer overflow in kadmind
|
|
|
|
(MITKRB5-SA-2007-005 - CVE-2007-2798)
|
|
|
|
[#278689]
|
|
|
|
* fix kadmind code execution bug
|
|
|
|
(MITKRB5-SA-2007-004 - CVE-2007-2442 - CVE-2007-2443)
|
|
|
|
[#271191]
|
|
|
|
|
2007-05-11 10:36:44 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed May 9 15:31:08 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- fix uninitialized salt length
|
|
|
|
- add extra check for keytab file
|
|
|
|
|
2007-05-04 00:16:34 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu May 3 12:13:35 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- adding krb5-1.6.1-post.dif
|
|
|
|
* fix segfault in krb5_get_init_creds_password
|
|
|
|
* remove debug output in ftp client
|
|
|
|
* profile stores empty string values without double quotes
|
|
|
|
|
2007-04-23 23:17:31 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Apr 23 11:17:04 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- update to final 1.6.1 version
|
|
|
|
|
2007-04-17 00:35:48 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Apr 16 14:39:58 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- update to version 1.6.1 Beta1
|
|
|
|
- remove obsolete patches
|
|
|
|
(krb5-1.6-post.dif, krb5-1.6-patchlevel.dif)
|
|
|
|
- rework compile_pie patch
|
|
|
|
|
2007-04-12 17:50:56 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Apr 11 10:59:20 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- update krb5-1.6-post.dif
|
|
|
|
* fix kadmind stack overflow in krb5_klog_syslog
|
|
|
|
(MITKRB5-SA-2007-002 - CVE-2007-0957)
|
|
|
|
[#253548]
|
|
|
|
* fix double free attack in the RPC library
|
|
|
|
(MITKRB5-SA-2007-003 - CVE-2007-1216)
|
|
|
|
[#252487]
|
|
|
|
* fix krb5 telnetd login injection
|
|
|
|
(MIT-SA-2007-001 - CVE-2007-0956)
|
|
|
|
#247765
|
|
|
|
|
2007-03-29 17:14:52 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Mar 29 12:42:51 CEST 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- add ncurses-devel and bison to BuildRequires
|
|
|
|
- rework some patches
|
|
|
|
|
2007-02-19 21:42:34 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Feb 19 14:00:34 CET 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- update krb5-1.6-post.dif
|
|
|
|
|
2007-02-09 16:55:04 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Feb 9 13:31:54 CET 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- update krb5-1.6-post.dif
|
|
|
|
|
2007-02-02 14:20:45 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jan 29 17:47:22 CET 2007 - ro@suse.de
|
|
|
|
|
|
|
|
- no main package, no debuginfo
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jan 29 11:30:35 CET 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- krb5-1.6-fix-passwd-tcp.dif and krb5-1.6-fix-sendto_kdc-memset.dif
|
|
|
|
are now upstream. Remove patches.
|
|
|
|
- fix leak in krb5_kt_resolve and krb5_kt_wresolve
|
|
|
|
|
2007-01-26 17:41:59 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jan 23 17:21:53 CET 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- fix "local variable used before set" in ftp.c
|
|
|
|
[#237684]
|
|
|
|
- use less BuildRequires
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jan 22 12:21:41 CET 2007 - mc@suse.de
|
|
|
|
|
|
|
|
- initial release (version 1.6)
|
|
|
|
* Major changes in 1.6 include
|
|
|
|
* Partial client implementation to handle server name referrals.
|
|
|
|
* Pre-authentication plug-in framework, donated by Red Hat.
|
|
|
|
* LDAP KDB plug-in, donated by Novell.
|
|
|
|
|