| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: krb5 | Distribution: openSUSE 10.2 (i586) |
| Version: 1.5.1 | Vendor: SUSE LINUX Products GmbH, Nuernberg, Germany |
| Release: 23.12 | Build date: Thu Dec 20 15:22:03 2007 |
| Group: Productivity/Networking/Security | Build host: eisler.suse.de |
| Size: 7164037 | Source RPM: krb5-1.5.1-23.12.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: http://web.mit.edu/kerberos/www/ | |
| Summary: MIT Kerberos5 Implementation--Libraries | |
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of clear text passwords.
Authors:
--------
The MIT Kerberos Team
Sam Hartman <hartmans@mit.edu>
Ken Raeburn <raeburn@mit.edu>
Tom Yu <tlyu@mit.edu>
X11/MIT
internal MD5: 11ad687d0fb7ac1d16b3a5b9f8c1219b
GPG
* Fri Dec 14 2007 - mc@suse.de
- fix several security bugs:
* CVE-2007-5894 apparent uninit length
* CVE-2007-5902 integer overflow
* CVE-2007-5971 free of non-heap pointer and double-free
* CVE-2007-5972 double fclose()
[#346745, #346748, #346746, #346749, #346747]
* Thu Sep 06 2007 - mc@suse.de
- fix a problem with the originally published patch
for MITKRB5-SA-2007-006 - CVE-2007-3999/CVE-2007-4743
[#302377]
* Fri Aug 24 2007 - mc@suse.de
- fix execute arbitrary code
(MITKRB5-SA-2007-006 - CVE-2007-3999,2007-4000)
[#302377]
* Thu Jun 14 2007 - mc@suse.de
- fix buffer overflow in kadmind
(MITKRB5-SA-2007-005 - CVE-2007-2798)
[#278689]
* Mon May 07 2007 - mc@suse.de
- fix kadmind code execution bug
(MITKRB5-SA-2007-004 - CVE-2007-2442 - CVE-2007-2443)
[#271191]
* Mon Mar 12 2007 - mc@suse.de
- fix kadmind stack overflow in krb5_klog_syslog
(MITKRB5-SA-2007-002 - CVE-2007-0957)
[#253548]
* Fri Mar 09 2007 - mc@suse.de
- fix double free attack in the RPC library
(MITKRB5-SA-2007-003 - CVE-2007-1216)
[#252487]
* Thu Feb 22 2007 - mc@suse.de
- fix krb5 telnetd login injection
(MIT-SA-2007-001 - CVE-2007-0956)
[#247765]
* Wed Dec 06 2006 - mc@suse.de
- fix for
kadmind (via RPC library) calls uninitialized function pointer
(CVE-2006-6143)(Bug #225990)
krb5-1.4-MITKRB5-SA-2006-002-fix-code-exec.dif
- fix for
kadmind (via GSS-API mechglue) frees uninitialized pointers
(CVE-2006-6144)(Bug #225992)
krb5-1.5-MITKRB5-SA-2006-003-fix-free-of-uninitialized-pointer.dif
* Mon Nov 06 2006 - mc@suse.de
- fix "local variable used before set" [#217692]
- fix strncat warning
* Fri Oct 27 2006 - mc@suse.de
- add a default kadm5.dict file
- require $network on daemon start
* Wed Sep 13 2006 - mc@suse.de
- fix function call with too few arguments [#203837]
* Thu Aug 24 2006 - mc@suse.de
- update to version 1.5.1
- remove obsolete patches which are now included upstream
* krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif
* trunk-fix-uninitialized-vars.dif
* Fri Aug 11 2006 - mc@suse.de
- krb5 setuid return check fixes
krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif
[#182351]
* Mon Aug 07 2006 - mc@suse.de
- remove update-messages
* Mon Jul 24 2006 - mc@suse.de
- add check for krb5_prop in services to kpropd init script.
[#192446]
* Mon Jul 03 2006 - mc@suse.de
- update to version 1.5
* KDB abstraction layer, donated by Novell.
* plug-in architecture, allowing for extension modules to be
loaded at run-time.
* multi-mechanism GSS-API implementation ("mechglue"),
donated by Sun Microsystems
* Simple and Protected GSS-API negotiation mechanism ("SPNEGO")
implementation, donated by Sun Microsystems
- remove obsolete patches and add some new
* Fri May 26 2006 - ro@suse.de
- libcom is not in e2fsck-devel but in its own package now, change
Requires accordingly.
* Mon Mar 27 2006 - mc@suse.de
- add all daemons to %stop_on_removal and %restart_on_update
- add reload to kpropd init script
- add force-reload to all init scripts
* Mon Mar 13 2006 - mc@suse.de
- add libgssapi_krb5.so link to main package [#147912]
* Fri Feb 03 2006 - mc@suse.de
- fix logging section for kadmind in convert script
* Wed Jan 25 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
* Fri Jan 13 2006 - mc@suse.de
- change the logging defaults
* Wed Jan 11 2006 - mc@suse.de
- add tools and README for heimdal => MIT update
* Mon Jan 09 2006 - mc@suse.de
- fix build problems, define _GNU_SOURCE
(krb5-1.4.3-set_gnu_source.dif )
* Tue Jan 03 2006 - mc@suse.de
- added "make %{?jobs:-j%jobs}"
* Fri Nov 18 2005 - mc@suse.de
- update to version 1.4.3
* some memmory leaks fixed
* fix for "AS_REP padata has wrong enctype"
* fix for "AS_REP padata missing PA-ETYPE-INFO"
* ... and more
* Wed Nov 02 2005 - dmueller@suse.de
- don't build as root
* Tue Oct 11 2005 - mc@suse.de
- update to version 1.4.2
- remove some obsolet patches
* Mon Aug 08 2005 - mc@suse.de
- build with --disable-static
* Thu Aug 04 2005 - ro@suse.de
- remove devel-static subpackage
* Thu Jun 30 2005 - mc@suse.de
- better patch for princ_comp problem
* Mon Jun 27 2005 - mc@suse.de
- update to version 1.4.1
- remove obsolet patches
- krb5-1.4-gcc4.dif
- krb5-1.4-reduce-namespace-polution.dif
- krb5-1.4-VUL-0-telnet.dif
* Thu Jun 23 2005 - mc@suse.de
- fixed krb5 KDC heap corruption by random free
[#80574, CAN-2005-1174, MITKRB5-SA-2005-002]
- fixed krb5 double free()
[#86768, CAN-2005-1689, MITKRB5-SA-2005-003]
- fix krb5 NULL pointer reference while comparing principals
[#91600]
* Fri Jun 17 2005 - mc@suse.de
- fix uninitialized variables
- compile with -fPIE/ link with -pie
* Wed Apr 20 2005 - mc@suse.de
- fixed wrong xinetd files [#77149]
* Fri Apr 08 2005 - mt@suse.de
- removed krb5-1.4-fix-error_tables.dif patch obsoleted
by libcom_err locking patches
* Thu Apr 07 2005 - mc@suse.de
- fixed missing descriptions in init files
[#76164, #76165, #76166, #76169]
* Wed Mar 30 2005 - mc@suse.de
- enhance $PATH via /etc/profile.d/ [#74018]
- remove the "links to important programs"
* Fri Mar 18 2005 - mc@suse.de
- fixed not running converter script [#72854]
* Thu Mar 17 2005 - mc@suse.de
- Fix CAN-2005-0469: Multiple Telnet Client slc_add_reply() Buffer
Overflow
- Fix CAN-2005-0468: Multiple Telnet Client env_opt_add() Buffer
Overflow
[#73618]
* Wed Mar 16 2005 - mc@suse.de
- fixed wrong PreReqs [#73020]
* Tue Mar 15 2005 - mc@suse.de
- add a simple krb5.conf converter [#72854]
* Mon Mar 14 2005 - mc@suse.de
- fixed: rckrb5kdc restart gives wrong status with non-running service
[#72446]
* Thu Mar 10 2005 - mc@suse.de
- add requires: e2fsprogs-devel to krb5-devel package [#71732]
* Fri Feb 25 2005 - mc@suse.de
- fix double free [#66534]
krb5-1.4-fix-error_tables.dif
* Fri Feb 11 2005 - mc@suse.de
- change mode for shared libraries to 755
* Fri Feb 04 2005 - mc@suse.de
- remove spx.c from tarball because of legal risk
- add README.Source which tell the user about this
action.
- add a check for spx.c in the spec-file
- use rich-text for update-messages [#50250]
* Tue Feb 01 2005 - mc@suse.de
- add krb5-1.4-reduce-namespace-polution.dif
reduce namespace polution in gssapi.h [#50356]
* Fri Jan 28 2005 - mc@suse.de
- update to version 1.4
- Add implementation of the RPCSEC_GSS authentication flavor to the
RPC library.
- Thread safety for krb5 libraries.
- Merged Athena telnetd changes for creating a new option for
requiring encryption.
- The kadmind4 backwards-compatibility admin server and the v5passwdd
backwards-compatibility password-changing server have been removed.
- Yarrow code now uses AES.
- Merged Athena changes to allow ftpd to require encrypted passwords.
- Incorporate gss_krb5_set_allowable_enctypes() and
gss_krb5_export_lucid_sec_context(), which are needed for NFSv4.
- remove obsolet patches
* Mon Jan 17 2005 - mc@suse.de
- add proofreaded update-messages
* Fri Jan 14 2005 - mc@suse.de
- remove Conflicts: and add Provides:
- add some insserv stuff
* Thu Jan 13 2005 - mc@suse.de
- move vendor files to vendor-files.tar.bz2
- add obsoletes: heimdal
- add %pre and %post sections to detect update
from heimdal and backup invalid configuration files
- add update-messages for heimdal update
* Mon Jan 10 2005 - mc@suse.de
- update to version 1.3.6
- fix for: heap buffer overflow in libkadm5srv
[CAN-2004-1189 / MITKRB5-SA-2004-004]
* Tue Dec 14 2004 - mc@suse.de
- build doc subpackage in an own specfile
- removed unnecessary neededforbuild requirements
* Wed Nov 24 2004 - coolo@suse.de
- fix build with gcc 4
* Mon Nov 15 2004 - mc@suse.de
- added Conflicts with heimdal*
- rename some manpages to avoid conflicts
* Thu Nov 04 2004 - mc@suse.de
- new init scripts
- fix logrotate scripts
- add some 64Bit fixes
- add default krb5.conf, kdc.conf and kadm5.acl
* Wed Nov 03 2004 - mc@suse.de
- add e2fsprogs to NFB
- use system-et and system-ss
- fix includes of com_err.h
* Thu Oct 28 2004 - mc@suse.de
- Initital checkin
Xpř '
Generated by rpm2html 1.8.1
Daniel Veillard, Fri Aug 22 04:20:22 2008