Michael Calmer
66ced8b26b
- fix PKINIT null pointer deref in pkinit_check_kdc_pkid()
...
CVE-2012-1016 (bnc#807556)
bug-807556-CVE-2012-1016-fix-PKINIT-null-pointer-deref2.dif
bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif
- fix PKINIT null pointer deref in pkinit_check_kdc_pkid()
CVE-2012-1016 (bnc#807556)
bug-807556-CVE-2012-1016-fix-PKINIT-null-pointer-deref2.dif
bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=88
2013-03-06 11:03:13 +00:00
Michael Calmer
b06750d1e3
- fix PKINIT null pointer deref
...
CVE-2013-1415 (bnc#806715)
- package missing file (bnc#794784)
- revert the -p usage in %postun to fix SLE build
- fix PKINIT null pointer deref
CVE-2013-1415 (bnc#806715)
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=87
2013-03-04 10:24:33 +00:00
Michael Calmer
3833bf033c
osc copypac from project:openSUSE:Factory package:krb5 revision:87, using keep-link
...
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=84
2013-01-25 14:25:26 +00:00
Michael Calmer
9107e5e0a0
- package missing file (bnc#794784)
...
- package missing file (bnc#794784)
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=82
2013-01-14 09:13:37 +00:00
Michael Calmer
ebe2f14d13
- update to version 1.11
...
* Improve ASN.1 support code, making it table-driven for
decoding as well as encoding
* Refactor parts of KDC
* Documentation consolidation
* build docs in the main package
* bugfixing
- revert the -p usage in %postun to fix SLE build
- update to version 1.11
* Improve ASN.1 support code, making it table-driven for
decoding as well as encoding
* Refactor parts of KDC
* Documentation consolidation
* build docs in the main package
* bugfixing
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=81
2013-01-13 16:54:32 +00:00
Michael Calmer
9f81fd6bf3
Accepting request 138418 from openSUSE:Factory:Staging:Systemd
...
- buildrequire systemd by pkgconfig provide to get systemd-mini
- revert the -p usage in %postun to fix SLE build
- buildrequire systemd by pkgconfig provide to get systemd-mini
OBS-URL: https://build.opensuse.org/request/show/138418
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=79
2012-10-17 07:48:12 +00:00
df32a9b4a9
Accepting request 138156 from openSUSE:Factory:Staging:Systemd
...
OBS-URL: https://build.opensuse.org/request/show/138156
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=77
2012-10-15 13:04:28 +00:00
Michael Calmer
dc50be2adf
- add systemd service files for kadmind, krb5kdc and kpropd
...
- add sysconfig templates for kadmind and krb5kdc
- add systemd service files for kadmind, krb5kdc and kpropd
- add sysconfig templates for kadmind and krb5kdc
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=74
2012-10-05 14:25:10 +00:00
Michael Calmer
ff4c5cf360
Accepting request 124805 from home:coolo:branches:openSUSE:Factory
...
- fix %files section for krb5-mini
OBS-URL: https://build.opensuse.org/request/show/124805
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=70
2012-06-13 09:15:26 +00:00
Michael Calmer
6735fa647b
- fix gcc47 issues
...
- fix gcc47 issues
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=68
2012-06-07 11:40:00 +00:00
Michael Calmer
84f939323f
- update to version 1.10.2
...
obsolte patches:
* krb5-1.7-nodeplibs.patch
* krb5-1.9.1-ai_addrconfig.patch
* krb5-1.9.1-ai_addrconfig2.patch
* krb5-1.9.1-sendto_poll.patch
* krb5-1.9-canonicalize-fallback.patch
* krb5-1.9-paren.patch
* krb5-klist_s.patch
* krb5-pkinit-cms2.patch
* krb5-trunk-chpw-err.patch
* krb5-trunk-gss_delete_sec.patch
* krb5-trunk-kadmin-oldproto.patch
* krb5-1.9-MITKRB5-SA-2011-006.dif
* krb5-1.9-gss_display_status-iakerb.patch
* krb5-1.9.1-sendto_poll2.patch
* krb5-1.9.1-sendto_poll3.patch
* krb5-1.9-MITKRB5-SA-2011-007.dif
- Fix an interop issue with Windows Server 2008 R2 Read-Only Domain
Controllers.
- Update a workaround for a glibc bug that would cause DNS PTR queries
to occur even when rdns = false.
- Fix a kadmind denial of service issue (null pointer dereference),
which could only be triggered by an administrator with the "create"
privilege. [CVE-2012-1013]
- Fix access controls for KDB string attributes [CVE-2012-1012]
- Make the ASN.1 encoding of key version numbers interoperate with
Windows Read-Only Domain Controllers
- Avoid generating spurious password expiry warnings in cases where
the KDC sends an account expiry time without a password expiry time
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=65
2012-06-06 14:55:51 +00:00
3e20fdd243
Accepting request 102242 from home:msmeissn:branches:network
...
move license/summary/group tags out of ifdef
OBS-URL: https://build.opensuse.org/request/show/102242
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=61
2012-02-08 08:11:14 +00:00
Stephan Kulow
7cd74a1dc5
Accepting request 97386 from home:coolo:removeautoconf
...
add autoconf to buildrequires
OBS-URL: https://build.opensuse.org/request/show/97386
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=59
2011-12-25 21:43:39 +00:00
Michael Calmer
6e6175d4bc
- fix KDC null pointer dereference in TGS handling
...
(MITKRB5-SA-2011-007, bnc#730393)
CVE-2011-1530
- fix KDC null pointer dereference in TGS handling
(MITKRB5-SA-2011-007, bnc#730393)
CVE-2011-1530
(RT#6951, bnc#731648)
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=56
2011-12-07 08:41:31 +00:00
Michael Calmer
f4d30b42a2
- fix KDC HA feature introduced with implementing KDC poll
...
(RT#6951)
- fix KDC HA feature introduced with implementing KDC poll
(RT#6951)
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=55
2011-11-21 10:17:08 +00:00
Michael Calmer
46ef3c181c
Accepting request 92055 from home:rhafer:branches:network
...
fix minor error messages for the IAKERB GSSAPI mechanism
(see: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7020 )
OBS-URL: https://build.opensuse.org/request/show/92055
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=54
2011-11-21 09:54:25 +00:00
Michael Calmer
f55551038a
- fix kdc remote denial of service
...
(MITKRB5-SA-2011-006, bnc#719393)
CVE-2011-1527, CVE-2011-1528, CVE-2011-1529
- fix kdc remote denial of service
(MITKRB5-SA-2011-006, bnc#719393)
CVE-2011-1527, CVE-2011-1528, CVE-2011-1529
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=51
2011-10-19 07:48:04 +00:00
Michael Calmer
fa4d11a0f8
- use --without-pam to build krb5-mini
...
- use --without-pam to build krb5-mini
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=49
2011-08-23 11:52:42 +00:00
Michael Calmer
da75d9099c
Accepting request 79466 from home:mcalmer:branches:network
...
- add patches from Fedora and upstream
- fix init scripts (bnc#689006)
- update to version 1.9.1
* obsolete patches:
MITKRB5-SA-2010-007-1.8.dif
krb5-1.8-MITKRB5-SA-2010-006.dif
krb5-1.8-MITKRB5-SA-2011-001.dif
krb5-1.8-MITKRB5-SA-2011-002.dif
krb5-1.8-MITKRB5-SA-2011-003.dif
krb5-1.8-MITKRB5-SA-2011-004.dif
krb5-1.4.3-enospc.dif
* replace krb5-1.6.1-compile_pie.dif
- fix init scripts (bnc#689006)
OBS-URL: https://build.opensuse.org/request/show/79466
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=46
2011-08-22 08:19:13 +00:00
Michael Calmer
4434f35b8f
- fix kadmind invalid pointer free()
...
(MITKRB5-SA-2011-004, bnc#687469)
CVE-2011-0285
- fix kadmind invalid pointer free()
(MITKRB5-SA-2011-004, bnc#687469)
CVE-2011-0285
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=43
2011-04-14 09:34:57 +00:00
Michael Calmer
b12b5169d7
- Fix vulnerability to a double-free condition in KDC daemon
...
(MITKRB5-SA-2011-003, bnc#671717)
CVE-2011-0284
- Fix vulnerability to a double-free condition in KDC daemon
(MITKRB5-SA-2011-003, bnc#671717)
CVE-2011-0284
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=41
2011-03-16 07:59:53 +00:00
Michael Calmer
1e4178c989
- Fix kpropd denial of service
...
(MITKRB5-SA-2011-001, bnc#662665)
CVE-2010-4022
- Fix KDC denial of service attacks with LDAP back end
(MITKRB5-SA-2011-002, bnc#663619)
CVE-2011-0281, CVE-2011-0282
- Fix kpropd denial of service
(MITKRB5-SA-2011-001, bnc#662665)
CVE-2010-4022
- Fix KDC denial of service attacks with LDAP back end
(MITKRB5-SA-2011-002, bnc#663619)
CVE-2011-0281, CVE-2011-0282
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=39
2011-02-09 09:12:27 +00:00
Michael Calmer
248552dcc5
- Fix multiple checksum handling vulnerabilities
...
(MITKRB5-SA-2010-007, bnc#650650)
CVE-2010-1324
* krb5 GSS-API applications may accept unkeyed checksums
* krb5 application services may accept unkeyed PAC checksums
* krb5 KDC may accept low-entropy KrbFastArmoredReq checksums
CVE-2010-1323
* krb5 clients may accept unkeyed SAM-2 challenge checksums
* krb5 may accept KRB-SAFE checksums with low-entropy derived keys
CVE-2010-4020
* krb5 may accept authdata checksums with low-entropy derived keys
CVE-2010-4021
* krb5 KDC may issue unrequested tickets due to KrbFastReq forgery
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=37
2010-12-01 10:45:18 +00:00
Michael Calmer
69ae6baf15
- fix csh profile (bnc#649856)
...
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=35
2010-10-28 10:53:57 +00:00
Michael Calmer
2e757e8e48
add changes to -mini
...
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=31
2010-10-22 09:18:00 +00:00
Michael Calmer
089523862c
- change environment variable PATH directly for csh
...
(bnc#642080)
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=29
2010-10-22 08:51:14 +00:00
OBS User buildservice-autocommit
b40723da81
Updating link to change in openSUSE:Factory/krb5 revision 55.0
...
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=16c75c266da5ee523e21706d624b6e46
2010-10-11 09:50:03 +00:00
OBS User autobuild
74e4ec3b00
Accepting request 50195 from network
...
checked in (request 50195)
OBS-URL: https://build.opensuse.org/request/show/50195
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=28
2010-10-11 09:50:02 +00:00
Michael Calmer
9482246780
- fix a dereference of an uninitialized pointer while processing
...
authorization data.
CVE-2010-1322, MITKRB5-SA-2010-006 (bnc#640990)
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=27
2010-10-11 08:46:56 +00:00
Michael Calmer
09a8594db3
Accepting request 41854 from home:leonardocf:branches:network
...
Copy from home:leonardocf:branches:network/krb5 via accept of submit request 41854 revision 2.
Request was accepted with message:
OBS-URL: https://build.opensuse.org/request/show/41854
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=25
2010-06-22 07:49:38 +00:00
OBS User buildservice-autocommit
c773282ebc
Updating link to change in openSUSE:Factory/krb5 revision 51.0
...
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=76e7c9e1fc886111a06aa8aebfb6ed24
2010-05-25 08:35:36 +00:00
OBS User autobuild
3631c963d5
Accepting request 40365 from network
...
checked in (request 40365)
OBS-URL: https://build.opensuse.org/request/show/40365
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=24
2010-05-25 08:35:35 +00:00
Michael Calmer
b83e316992
- fix GSS-API library null pointer dereference
...
CVE-2010-1321, MITKRB5-SA-2010-005 (bnc#596826)
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=23
2010-05-19 12:28:19 +00:00
OBS User buildservice-autocommit
b4fda1ea93
Updating link to change in openSUSE:Factory/krb5 revision 50.0
...
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=9e2221a1d23355de5bbe8ae3fe775e8d
2010-04-23 17:17:38 +00:00
OBS User autobuild
8eb1b656d3
Accepting request 38408 from network
...
checked in (request 38408)
OBS-URL: https://build.opensuse.org/request/show/38408
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=22
2010-04-23 17:17:37 +00:00
Michael Calmer
26f8bba482
- fix a double free vulnerability in the KDC
...
CVE-2010-1320, MITKRB5-SA-2010-004 (bnc#596002)
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=21
2010-04-21 08:32:07 +00:00
OBS User buildservice-autocommit
0d6b79cec0
Updating link to change in openSUSE:Factory/krb5 revision 49.0
...
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=ce934bf77d29ffcb7323f9a17cc82caf
2010-04-14 13:16:17 +00:00
OBS User autobuild
8f6bba81c7
Accepting request 37899 from network
...
checked in (request 37899)
OBS-URL: https://build.opensuse.org/request/show/37899
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=20
2010-04-14 13:16:16 +00:00
Michael Calmer
558c7472cd
- update to version 1.8.1
...
* include krb5-1.8-POST.dif
* include MITKRB5-SA-2010-002
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=17
2010-04-09 10:47:38 +00:00
Michael Calmer
9b7065a839
- update krb5-1.8-POST.dif
...
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=16
2010-04-06 12:16:20 +00:00
OBS User buildservice-autocommit
527022b424
Updating link to change in openSUSE:Factory/krb5 revision 48.0
...
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=03eeb0c694a7c98f62758afbaf724d78
2010-03-25 23:13:31 +00:00
OBS User autobuild
2c72bcf882
Accepting request 35620 from network
...
checked in (request 35620)
OBS-URL: https://build.opensuse.org/request/show/35620
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=15
2010-03-25 23:13:30 +00:00
Michael Calmer
28dc0dd056
Accepting request 35618 from home:mcalmer:branches:network
...
Copy from home:mcalmer:branches:network/krb5 via accept of submit request 35618 revision 2.
Request was accepted with message:
OBS-URL: https://build.opensuse.org/request/show/35618
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=14
2010-03-24 09:00:53 +00:00
Michael Calmer
f9e6d882fd
- add post 1.8 fixes
...
* Add IPv6 support to changepw.c
* fix two problems in kadm5_get_principal mask handling
* Ignore improperly encoded signedpath AD elements
* handle NT_SRV_INST in service principal referrals
* dereference options while checking
KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT
* Fix the kpasswd fallback from the ccache principal name
* Document the ticket_lifetime libdefaults setting
* Change KRB5_AUTHDATA_SIGNTICKET from 142 to 512
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=13
2010-03-23 11:40:55 +00:00
OBS User autobuild
2e036bfdfd
Accepting request 33933 from network
...
checked in (request 33933)
OBS-URL: https://build.opensuse.org/request/show/33933
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=12
2010-03-05 01:10:03 +00:00
Michael Calmer
6c03664bc8
- update to version 1.8
...
- update to version 1.8
* Increase code quality
* Move toward improved KDB interface
* Investigate and remedy repeatedly-reported performance
bottlenecks.
* Reduce DNS dependence by implementing an interface that allows
client library to track whether a KDC supports service
principal referrals.
* Disable DES by default
* Account lockout for repeated login failures
* Bridge layer to allow Heimdal HDB modules to act as KDB
backend modules
* FAST enhancements
* Microsoft Services for User (S4U) compatibility
* Anonymous PKINIT
- fix KDC denial of service
CVE-2010-0283, MITKRB5-SA-2010-001 (bnc#571781)
CVE-2009-4212, MITKRB5-SA-2009-004 (bnc#561351)
- moved krb5 applications (telnet, ftp, rlogin, ...) to krb5-appl
- update to version 1.8
* Increase code quality
* Move toward improved KDB interface
* Investigate and remedy repeatedly-reported performance
bottlenecks.
* Reduce DNS dependence by implementing an interface that allows
client library to track whether a KDC supports service
principal referrals.
* Disable DES by default
* Account lockout for repeated login failures
* Bridge layer to allow Heimdal HDB modules to act as KDB
backend modules
* FAST enhancements
* Microsoft Services for User (S4U) compatibility
* Anonymous PKINIT
- fix KDC denial of service
CVE-2010-0283, MITKRB5-SA-2010-001 (bnc#571781)
CVE-2009-4212, MITKRB5-SA-2009-004 (bnc#561351)
- moved krb5 applications (telnet, ftp, rlogin, ...) to krb5-appl
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=11
2010-03-04 10:58:13 +00:00
OBS User autobuild
2400da9106
Accepting request 33933 from network
...
Copy from network/krb5 based on submit request 33933 from user mcalmer
OBS-URL: https://build.opensuse.org/request/show/33933
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=46
2010-03-05 01:10:04 +00:00
OBS User autobuild
5670e1eed5
Accepting request 28402 from network
...
Copy from network/krb5 based on submit request 28402 from user coolo
OBS-URL: https://build.opensuse.org/request/show/28402
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=45
2010-01-14 14:34:47 +00:00
OBS User autobuild
7f71d89cdd
Accepting request 24524 from network
...
Copy from network/krb5 based on submit request 24524 from user mcalmer
OBS-URL: https://build.opensuse.org/request/show/24524
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=44
2009-11-16 15:21:45 +00:00
OBS User unknown
2bdceaa356
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=42
2009-07-17 14:31:27 +00:00
OBS User unknown
7b77761d5a
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=41
2009-07-08 17:41:43 +00:00