SHA256
1
0
forked from pool/krb5
Commit Graph

79 Commits

Author SHA256 Message Date
Michael Calmer
6e6175d4bc - fix KDC null pointer dereference in TGS handling
(MITKRB5-SA-2011-007, bnc#730393)
  CVE-2011-1530

- fix KDC null pointer dereference in TGS handling
  (MITKRB5-SA-2011-007, bnc#730393)
  CVE-2011-1530
  (RT#6951, bnc#731648)

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=56
2011-12-07 08:41:31 +00:00
Michael Calmer
f4d30b42a2 - fix KDC HA feature introduced with implementing KDC poll
(RT#6951)

- fix KDC HA feature introduced with implementing KDC poll
  (RT#6951)

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=55
2011-11-21 10:17:08 +00:00
Michael Calmer
46ef3c181c Accepting request 92055 from home:rhafer:branches:network
fix minor error messages for the IAKERB GSSAPI mechanism
(see: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7020)

OBS-URL: https://build.opensuse.org/request/show/92055
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=54
2011-11-21 09:54:25 +00:00
Michael Calmer
f55551038a - fix kdc remote denial of service
(MITKRB5-SA-2011-006, bnc#719393)
  CVE-2011-1527, CVE-2011-1528, CVE-2011-1529

- fix kdc remote denial of service
  (MITKRB5-SA-2011-006, bnc#719393)
  CVE-2011-1527, CVE-2011-1528, CVE-2011-1529

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=51
2011-10-19 07:48:04 +00:00
Michael Calmer
fa4d11a0f8 - use --without-pam to build krb5-mini
- use --without-pam to build krb5-mini

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=49
2011-08-23 11:52:42 +00:00
Michael Calmer
da75d9099c Accepting request 79466 from home:mcalmer:branches:network
- add patches from Fedora and upstream 
- fix init scripts (bnc#689006)

- update to version 1.9.1
  * obsolete patches:
    MITKRB5-SA-2010-007-1.8.dif
    krb5-1.8-MITKRB5-SA-2010-006.dif
    krb5-1.8-MITKRB5-SA-2011-001.dif
    krb5-1.8-MITKRB5-SA-2011-002.dif
    krb5-1.8-MITKRB5-SA-2011-003.dif
    krb5-1.8-MITKRB5-SA-2011-004.dif
    krb5-1.4.3-enospc.dif
  * replace krb5-1.6.1-compile_pie.dif

- fix init scripts (bnc#689006)

OBS-URL: https://build.opensuse.org/request/show/79466
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=46
2011-08-22 08:19:13 +00:00
Michael Calmer
c4923edfdd - add patches from Fedora and upstream
- update to version 1.9.1
  * obsolete patches:
    MITKRB5-SA-2010-007-1.8.dif
    krb5-1.8-MITKRB5-SA-2010-006.dif
    krb5-1.8-MITKRB5-SA-2011-001.dif
    krb5-1.8-MITKRB5-SA-2011-002.dif
    krb5-1.8-MITKRB5-SA-2011-003.dif
    krb5-1.8-MITKRB5-SA-2011-004.dif
    krb5-1.4.3-enospc.dif
  * replace krb5-1.6.1-compile_pie.dif

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=45
2011-08-21 09:43:02 +00:00
Michael Calmer
4434f35b8f - fix kadmind invalid pointer free()
(MITKRB5-SA-2011-004, bnc#687469)
  CVE-2011-0285

- fix kadmind invalid pointer free()
  (MITKRB5-SA-2011-004, bnc#687469)
  CVE-2011-0285

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=43
2011-04-14 09:34:57 +00:00
Michael Calmer
b12b5169d7 - Fix vulnerability to a double-free condition in KDC daemon
(MITKRB5-SA-2011-003, bnc#671717)
  CVE-2011-0284

- Fix vulnerability to a double-free condition in KDC daemon
  (MITKRB5-SA-2011-003, bnc#671717)
  CVE-2011-0284

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=41
2011-03-16 07:59:53 +00:00
Michael Calmer
1e4178c989 - Fix kpropd denial of service
(MITKRB5-SA-2011-001, bnc#662665)
  CVE-2010-4022
- Fix KDC denial of service attacks with LDAP back end
  (MITKRB5-SA-2011-002, bnc#663619)
  CVE-2011-0281, CVE-2011-0282 

- Fix kpropd denial of service
  (MITKRB5-SA-2011-001, bnc#662665)
  CVE-2010-4022
- Fix KDC denial of service attacks with LDAP back end
  (MITKRB5-SA-2011-002, bnc#663619)
  CVE-2011-0281, CVE-2011-0282

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=39
2011-02-09 09:12:27 +00:00
Michael Calmer
248552dcc5 - Fix multiple checksum handling vulnerabilities
(MITKRB5-SA-2010-007, bnc#650650)
  CVE-2010-1324
  * krb5 GSS-API applications may accept unkeyed checksums
  * krb5 application services may accept unkeyed PAC checksums
  * krb5 KDC may accept low-entropy KrbFastArmoredReq checksums
  CVE-2010-1323
  * krb5 clients may accept unkeyed SAM-2 challenge checksums
  * krb5 may accept KRB-SAFE checksums with low-entropy derived keys
  CVE-2010-4020
  * krb5 may accept authdata checksums with low-entropy derived keys
  CVE-2010-4021
  * krb5 KDC may issue unrequested tickets due to KrbFastReq forgery

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=37
2010-12-01 10:45:18 +00:00
Michael Calmer
69ae6baf15 - fix csh profile (bnc#649856)
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=35
2010-10-28 10:53:57 +00:00
Michael Calmer
9018906477 - update to krb5-1.8.3
* remove patches which are now upstrem
    - krb5-1.7-MITKRB5-SA-2010-004.dif 
    - krb5-1.8.1-gssapi-error-table.dif 
    - krb5-MITKRB5-SA-2010-005.dif

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=30
2010-10-22 09:17:36 +00:00
Michael Calmer
089523862c - change environment variable PATH directly for csh
(bnc#642080)

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=29
2010-10-22 08:51:14 +00:00
OBS User buildservice-autocommit
b40723da81 Updating link to change in openSUSE:Factory/krb5 revision 55.0
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=16c75c266da5ee523e21706d624b6e46
2010-10-11 09:50:03 +00:00
OBS User autobuild
74e4ec3b00 Accepting request 50195 from network
checked in (request 50195)

OBS-URL: https://build.opensuse.org/request/show/50195
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=28
2010-10-11 09:50:02 +00:00
Michael Calmer
9482246780 - fix a dereference of an uninitialized pointer while processing
authorization data. 
  CVE-2010-1322, MITKRB5-SA-2010-006 (bnc#640990)

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=27
2010-10-11 08:46:56 +00:00
Michael Calmer
09a8594db3 Accepting request 41854 from home:leonardocf:branches:network
Copy from home:leonardocf:branches:network/krb5 via accept of submit request 41854 revision 2.
Request was accepted with message:

OBS-URL: https://build.opensuse.org/request/show/41854
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=25
2010-06-22 07:49:38 +00:00
OBS User buildservice-autocommit
c773282ebc Updating link to change in openSUSE:Factory/krb5 revision 51.0
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=76e7c9e1fc886111a06aa8aebfb6ed24
2010-05-25 08:35:36 +00:00
OBS User autobuild
3631c963d5 Accepting request 40365 from network
checked in (request 40365)

OBS-URL: https://build.opensuse.org/request/show/40365
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=24
2010-05-25 08:35:35 +00:00
Michael Calmer
b83e316992 - fix GSS-API library null pointer dereference
CVE-2010-1321, MITKRB5-SA-2010-005 (bnc#596826)

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=23
2010-05-19 12:28:19 +00:00
OBS User buildservice-autocommit
b4fda1ea93 Updating link to change in openSUSE:Factory/krb5 revision 50.0
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=9e2221a1d23355de5bbe8ae3fe775e8d
2010-04-23 17:17:38 +00:00
OBS User autobuild
8eb1b656d3 Accepting request 38408 from network
checked in (request 38408)

OBS-URL: https://build.opensuse.org/request/show/38408
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=22
2010-04-23 17:17:37 +00:00
Michael Calmer
26f8bba482 - fix a double free vulnerability in the KDC
CVE-2010-1320, MITKRB5-SA-2010-004 (bnc#596002)

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=21
2010-04-21 08:32:07 +00:00
OBS User buildservice-autocommit
0d6b79cec0 Updating link to change in openSUSE:Factory/krb5 revision 49.0
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=ce934bf77d29ffcb7323f9a17cc82caf
2010-04-14 13:16:17 +00:00
OBS User autobuild
8f6bba81c7 Accepting request 37899 from network
checked in (request 37899)

OBS-URL: https://build.opensuse.org/request/show/37899
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=20
2010-04-14 13:16:16 +00:00
Michael Calmer
558c7472cd - update to version 1.8.1
* include krb5-1.8-POST.dif
  * include MITKRB5-SA-2010-002

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=17
2010-04-09 10:47:38 +00:00
Michael Calmer
9b7065a839 - update krb5-1.8-POST.dif
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=16
2010-04-06 12:16:20 +00:00
OBS User buildservice-autocommit
527022b424 Updating link to change in openSUSE:Factory/krb5 revision 48.0
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=03eeb0c694a7c98f62758afbaf724d78
2010-03-25 23:13:31 +00:00
OBS User autobuild
2c72bcf882 Accepting request 35620 from network
checked in (request 35620)

OBS-URL: https://build.opensuse.org/request/show/35620
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=15
2010-03-25 23:13:30 +00:00
Michael Calmer
28dc0dd056 Accepting request 35618 from home:mcalmer:branches:network
Copy from home:mcalmer:branches:network/krb5 via accept of submit request 35618 revision 2.
Request was accepted with message:

OBS-URL: https://build.opensuse.org/request/show/35618
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=14
2010-03-24 09:00:53 +00:00
Michael Calmer
f9e6d882fd - add post 1.8 fixes
* Add IPv6 support to changepw.c
  * fix two problems in kadm5_get_principal mask handling 
  * Ignore improperly encoded signedpath AD elements
  * handle NT_SRV_INST in service principal referrals
  * dereference options while checking 
    KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT
  * Fix the kpasswd fallback from the ccache principal name
  * Document the ticket_lifetime libdefaults setting
  * Change KRB5_AUTHDATA_SIGNTICKET from 142 to 512

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=13
2010-03-23 11:40:55 +00:00
OBS User autobuild
2e036bfdfd Accepting request 33933 from network
checked in (request 33933)

OBS-URL: https://build.opensuse.org/request/show/33933
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=12
2010-03-05 01:10:03 +00:00
Michael Calmer
6c03664bc8 - update to version 1.8
- update to version 1.8
  * Increase code quality 
  * Move toward improved KDB interface
  * Investigate and remedy repeatedly-reported performance 
    bottlenecks.
  * Reduce DNS dependence by implementing an interface that allows
    client library to track whether a KDC supports service 
    principal referrals.
  * Disable DES by default 
  * Account lockout for repeated login failures
  * Bridge layer to allow Heimdal HDB modules to act as KDB 
    backend modules
  * FAST enhancements
  * Microsoft Services for User (S4U) compatibility
  * Anonymous PKINIT
- fix KDC denial of service
  CVE-2010-0283, MITKRB5-SA-2010-001 (bnc#571781)
  CVE-2009-4212, MITKRB5-SA-2009-004 (bnc#561351)
- moved krb5 applications (telnet, ftp, rlogin, ...) to krb5-appl
 
- update to version 1.8
  * Increase code quality 
  * Move toward improved KDB interface
  * Investigate and remedy repeatedly-reported performance 
    bottlenecks.
  * Reduce DNS dependence by implementing an interface that allows
    client library to track whether a KDC supports service 
    principal referrals.
  * Disable DES by default 
  * Account lockout for repeated login failures
  * Bridge layer to allow Heimdal HDB modules to act as KDB 
    backend modules
  * FAST enhancements
  * Microsoft Services for User (S4U) compatibility
  * Anonymous PKINIT
- fix KDC denial of service
  CVE-2010-0283, MITKRB5-SA-2010-001 (bnc#571781)
  CVE-2009-4212, MITKRB5-SA-2009-004 (bnc#561351)
- moved krb5 applications (telnet, ftp, rlogin, ...) to krb5-appl

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=11
2010-03-04 10:58:13 +00:00
OBS User autobuild
2400da9106 Accepting request 33933 from network
Copy from network/krb5 based on submit request 33933 from user mcalmer

OBS-URL: https://build.opensuse.org/request/show/33933
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=46
2010-03-05 01:10:04 +00:00
OBS User autobuild
5670e1eed5 Accepting request 28402 from network
Copy from network/krb5 based on submit request 28402 from user coolo

OBS-URL: https://build.opensuse.org/request/show/28402
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=45
2010-01-14 14:34:47 +00:00
OBS User autobuild
7f71d89cdd Accepting request 24524 from network
Copy from network/krb5 based on submit request 24524 from user mcalmer

OBS-URL: https://build.opensuse.org/request/show/24524
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=44
2009-11-16 15:21:45 +00:00
OBS User unknown
2bdceaa356 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=42 2009-07-17 14:31:27 +00:00
OBS User unknown
7b77761d5a OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=41 2009-07-08 17:41:43 +00:00
OBS User unknown
4da4b4f6fa OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=40 2009-01-14 16:54:24 +00:00
OBS User unknown
be8ee38181 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=39 2008-12-15 13:48:05 +00:00
OBS User unknown
a10696fea1 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=38 2008-11-02 14:42:40 +00:00
OBS User unknown
7fe2afc091 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=37 2008-10-06 17:00:36 +00:00
OBS User unknown
f3bf4312fc OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=36 2008-08-01 23:11:46 +00:00
OBS User unknown
d5c17a28f6 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=35 2008-07-25 14:52:35 +00:00
OBS User unknown
7128383f1b OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=34 2008-06-23 02:16:38 +00:00
OBS User unknown
7a79e440be OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=33 2008-05-17 00:39:26 +00:00
OBS User unknown
983d9ce5de OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=32 2008-04-10 12:21:08 +00:00
OBS User unknown
65f311aa15 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=31 2008-04-09 19:26:24 +00:00
OBS User unknown
d41ac48ab6 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=30 2008-03-21 00:47:13 +00:00