| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: krb5-x86 | Distribution: openSUSE 11.4 |
| Version: 1.8.3 | Vendor: openSUSE |
| Release: 16.49.1 | Build date: Tue Jun 19 10:36:07 2012 |
| Group: Productivity/Networking/Security | Build host: build06 |
| Size: 1607228 | Source RPM: krb5-1.8.3-16.49.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: http://web.mit.edu/kerberos/www/ | |
| Summary: MIT Kerberos5 Implementation--Libraries | |
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of clear text passwords.
Authors:
--------
The MIT Kerberos Team
Sam Hartman <hartmans@mit.edu>
Ken Raeburn <raeburn@mit.edu>
Tom Yu <tlyu@mit.edu>
MIT License (or similar)
* Mon Jun 18 2012 mc@suse.de
- fix kadmind denial of service via null pointer dereference
CVE-2012-1013 (bnc#765485)
* Mon Oct 17 2011 mc@suse.de
- fix kdc remote denial of service
(MITKRB5-SA-2011-006, bnc#719393)
CVE-2011-1528, CVE-2011-1529
* Thu Apr 14 2011 mc@suse.de
- fix kadmind invalid pointer free()
(MITKRB5-SA-2011-004, bnc#687469)
CVE-2011-0285
* Mon Mar 14 2011 mc@suse.de
- Fix vulnerability to a double-free condition in KDC daemon
(MITKRB5-SA-2011-003, bnc#671717)
CVE-2011-0284
* Wed Jan 19 2011 mc@suse.de
- Fix kpropd denial of service
(MITKRB5-SA-2011-001, bnc#662665)
CVE-2010-4022
- Fix KDC denial of service attacks with LDAP back end
(MITKRB5-SA-2011-002, bnc#663619)
CVE-2011-0281, CVE-2011-0282
* Wed Dec 01 2010 mc@suse.de
- Fix multiple checksum handling vulnerabilities
(MITKRB5-SA-2010-007, bnc#650650)
CVE-2010-1324
* krb5 GSS-API applications may accept unkeyed checksums
* krb5 application services may accept unkeyed PAC checksums
* krb5 KDC may accept low-entropy KrbFastArmoredReq checksums
CVE-2010-1323
* krb5 clients may accept unkeyed SAM-2 challenge checksums
* krb5 may accept KRB-SAFE checksums with low-entropy derived keys
CVE-2010-4020
* krb5 may accept authdata checksums with low-entropy derived keys
CVE-2010-4021
* krb5 KDC may issue unrequested tickets due to KrbFastReq forgery
* Thu Oct 28 2010 mc@suse.de
- fix csh profile (bnc#649856)
* Fri Oct 22 2010 mc@suse.de
- update to krb5-1.8.3
* remove patches which are now upstrem
- krb5-1.7-MITKRB5-SA-2010-004.dif
- krb5-1.8.1-gssapi-error-table.dif
- krb5-MITKRB5-SA-2010-005.dif
* Fri Oct 22 2010 mc@suse.de
- change environment variable PATH directly for csh
(bnc#642080)
* Mon Sep 27 2010 mc@suse.de
- fix a dereference of an uninitialized pointer while processing
authorization data.
CVE-2010-1322, MITKRB5-SA-2010-006 (bnc#640990)
* Mon Jun 21 2010 lchiquitto@novell.com
- add correct error table when initializing gss-krb5 (bnc#606584,
bnc#608295)
* Wed May 19 2010 mc@suse.de
- fix GSS-API library null pointer dereference
CVE-2010-1321, MITKRB5-SA-2010-005 (bnc#596826)
* Wed Apr 14 2010 mc@suse.de
- fix a double free vulnerability in the KDC
CVE-2010-1320, MITKRB5-SA-2010-004 (bnc#596002)
* Fri Apr 09 2010 mc@suse.de
- update to version 1.8.1
* include krb5-1.8-POST.dif
* include MITKRB5-SA-2010-002
* Tue Apr 06 2010 mc@suse.de
- update krb5-1.8-POST.dif
* Tue Mar 23 2010 mc@suse.de
- fix a bug where an unauthenticated remote attacker could cause
a GSS-API application including the Kerberos administration
daemon (kadmind) to crash.
CVE-2010-0628, MITKRB5-SA-2010-002 (bnc#582557)
* Tue Mar 23 2010 mc@suse.de
- add post 1.8 fixes
* Add IPv6 support to changepw.c
* fix two problems in kadm5_get_principal mask handling
* Ignore improperly encoded signedpath AD elements
* handle NT_SRV_INST in service principal referrals
* dereference options while checking
KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT
* Fix the kpasswd fallback from the ccache principal name
* Document the ticket_lifetime libdefaults setting
* Change KRB5_AUTHDATA_SIGNTICKET from 142 to 512
* Thu Mar 04 2010 mc@suse.de
- update to version 1.8
* Increase code quality
* Move toward improved KDB interface
* Investigate and remedy repeatedly-reported performance
bottlenecks.
* Reduce DNS dependence by implementing an interface that allows
client library to track whether a KDC supports service
principal referrals.
* Disable DES by default
* Account lockout for repeated login failures
* Bridge layer to allow Heimdal HDB modules to act as KDB
backend modules
* FAST enhancements
* Microsoft Services for User (S4U) compatibility
* Anonymous PKINIT
- fix KDC denial of service
CVE-2010-0283, MITKRB5-SA-2010-001 (bnc#571781)
- fix KDC denial of service in cross-realm referral processing
CVE-2009-3295, MITKRB5-SA-2009-003 (bnc#561347)
- fix integer underflow in AES and RC4 decryption
CVE-2009-4212, MITKRB5-SA-2009-004 (bnc#561351)
- moved krb5 applications (telnet, ftp, rlogin, ...) to krb5-appl
* Mon Dec 14 2009 jengelh@medozas.de
- add baselibs.conf as a source
* Fri Nov 13 2009 mc@suse.de
- enhance '$PATH' only if the directories are available
and not empty (bnc#544949)
* Sun Jul 12 2009 coolo@novell.com
- readd lost baselibs.conf
* Wed Jun 03 2009 mc@suse.de
- update to final 1.7 release
* Wed May 13 2009 mc@suse.de
- update to version 1.7 Beta2
* Incremental propagation support for the KDC database.
* Flexible Authentication Secure Tunneling (FAST), a preauthentiation
framework that can protect the AS exchange from dictionary attack.
* Implement client and KDC support for GSS_C_DELEG_POLICY_FLAG, which
allows a GSS application to request credential delegation only if
permitted by KDC policy.
* Fix CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847 --
various vulnerabilities in SPNEGO and ASN.1 code.
/emul/ia32-linux/usr /emul/ia32-linux/usr/lib /emul/ia32-linux/usr/lib/krb5 /emul/ia32-linux/usr/lib/krb5/plugins /emul/ia32-linux/usr/lib/krb5/plugins/preauth /emul/ia32-linux/usr/lib/krb5/plugins/preauth/encrypted_challenge.so /emul/ia32-linux/usr/lib/libgssapi_krb5.so /emul/ia32-linux/usr/lib/libgssapi_krb5.so.2 /emul/ia32-linux/usr/lib/libgssapi_krb5.so.2.2 /emul/ia32-linux/usr/lib/libgssrpc.so.4 /emul/ia32-linux/usr/lib/libgssrpc.so.4.1 /emul/ia32-linux/usr/lib/libk5crypto.so.3 /emul/ia32-linux/usr/lib/libk5crypto.so.3.1 /emul/ia32-linux/usr/lib/libkadm5clnt_mit.so.7 /emul/ia32-linux/usr/lib/libkadm5clnt_mit.so.7.0 /emul/ia32-linux/usr/lib/libkadm5srv_mit.so.7 /emul/ia32-linux/usr/lib/libkadm5srv_mit.so.7.0 /emul/ia32-linux/usr/lib/libkdb5.so.4 /emul/ia32-linux/usr/lib/libkdb5.so.4.0 /emul/ia32-linux/usr/lib/libkrb5.so.3 /emul/ia32-linux/usr/lib/libkrb5.so.3.3 /emul/ia32-linux/usr/lib/libkrb5support.so.0 /emul/ia32-linux/usr/lib/libkrb5support.so.0.1
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon May 13 08:46:15 2013