Information for build krb5-1.17.1-5.fc32
| ID | 132798 | |||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Package Name | krb5 | |||||||||||||||||||||||||||||||||||
| Version | 1.17.1 | |||||||||||||||||||||||||||||||||||
| Release | 5.fc32 | |||||||||||||||||||||||||||||||||||
| Epoch | ||||||||||||||||||||||||||||||||||||
| Source | git+https://src.fedoraproject.org/rpms/krb5.git#84aac1fa6d4b38294368c59544b8023d94db976d | |||||||||||||||||||||||||||||||||||
| Summary | The Kerberos network authentication system | |||||||||||||||||||||||||||||||||||
| Description | Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form. | |||||||||||||||||||||||||||||||||||
| Built by | davidlt | |||||||||||||||||||||||||||||||||||
| State | complete | |||||||||||||||||||||||||||||||||||
| Volume | DEFAULT | |||||||||||||||||||||||||||||||||||
| Started | Thu, 16 Jan 2020 06:33:18 UTC | |||||||||||||||||||||||||||||||||||
| Completed | Thu, 16 Jan 2020 11:24:11 UTC | |||||||||||||||||||||||||||||||||||
| Task | build (f32-candidate, /rpms/krb5.git:84aac1fa6d4b38294368c59544b8023d94db976d) | |||||||||||||||||||||||||||||||||||
| Extra | {'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/krb5.git#84aac1fa6d4b38294368c59544b8023d94db976d'}} | |||||||||||||||||||||||||||||||||||
| Tags |
|
|||||||||||||||||||||||||||||||||||
| RPMs |
|
|||||||||||||||||||||||||||||||||||
| Logs |
|
|||||||||||||||||||||||||||||||||||
| Changelog | * Wed Jan 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-5 - Fix LDAP policy enforcement of pw_expiration - Fix handling of invalid CAMMAC service verifier * Mon Jan 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-4 - Fix xdr_bytes() strict-aliasing violations * Fri Jan 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-3 - Don't warn in kadmin when no policy is specified - Do not always canonicalize enterprise principals * Fri Dec 13 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-2 - Enable the LMDB backend for the KDB * Thu Dec 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-1 - New upstream version - 1.17.1 - Stop building and packaging PDFs * Fri Dec 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-54 - Qualify short hostnames when not using DNS * Wed Nov 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-53 - Various gssalloc fixes * Thu Nov 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-52 - Turns out openssl has an epoch * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-51 - Fix runtime openssl version to actually propogate * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-50 - Add runtime openssl version requirement too * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-49 - Fix kadmin addprinc -randkey -kvno * Tue Nov 19 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-48 - Use OpenSSL's backported KDFs - Restore MD4 in FIPS mode (for samba) * Fri Nov 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-47 - Add default_principal_flags to example kdc.conf * Wed Oct 02 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-46 - Log unknown enctypes as unsupported in KDC * Wed Sep 25 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-45 - Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) * Thu Sep 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-44 - Static analyzer appeasement * Tue Aug 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-43 - Simplify krb5_dbe_def_search_enctype() * Thu Aug 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-42 - Update FIPS patches to remove SPAKE * Thu Aug 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-41 - Fix KCM client time offset propagation * Fri Aug 09 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-40 - Initialize life/rlife in kdcpolicy interface * Tue Aug 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-39 - Fix memory leaks in soft-pkcs11 code * Tue Jul 30 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-38 - Add soft-pkcs11 and use it for testing * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.17-37 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Thu Jul 18 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-36 - Filter enctypes in gss_set_allowable_enctypes() * Mon Jul 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-35 - Don't error on invalid enctypes in keytab - Resolves: #1724380 * Tue Jul 02 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-34 - Remove now-unused checksum functions * Wed Jun 26 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-33 - Fix typo in 3des commit * Wed Jun 26 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-32 - Remove PKINIT draft9 support (compat with EOL, pre-2008 Windows) * Mon Jun 10 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-31 - Remove strerror() calls from k5_get_error() * Fri Jun 07 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-30 - Remove 3des from kdc.conf example * Mon Jun 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-29 - Remove 3DES support * Mon Jun 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-28 - Remove 3des support * Thu May 30 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-27 - Remove krb5int_c_combine_keys() and no-flags SAM-2 preauth * Tue May 28 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-26 - Remove support for single-DES and CRC * Wed May 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-25 - Add missing newlines to deprecation warnings - Switch to upstream's ksu path patch * Tue May 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-24 - Update default krb5kdc mkey manual-entry enctype - Also update account lockout patch to upstream version * Mon May 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-23 - Test & docs fixes in preparation for DES removal * Wed May 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-22 - Drop krb5_realm_compare() etc. NULL check patches * Wed May 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-21 - Re-provide krb5-kdb-version in -devel as well (IPA wants it) * Tue May 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-20 - (Patch consolidation; hopefully no changes) * Tue May 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-19 - Remove checksum type profile variables * Fri May 10 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-18 - Pull in 2019-05-02 static analysis updates * Fri May 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-17 - Move krb5-kdb-version provide into krb5-server for freeipa * Wed May 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-16 - Use secure_getenv() where appropriate * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-15 - Fix us up real nice with rpmlint * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-14 - Add dns_canonicalize_hostname=fallback support * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-13 - Check more errors in OpenSSL crypto backend * Mon Apr 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-12 - Fix potential close(-1) in cc_file.c * Wed Apr 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-11 - Remove ovsec_adm_export and confvalidator * Wed Apr 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-10 - Fix config realm change logic in FILE remove_cred * Thu Apr 11 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-9 - Remove Kerberos v4 support vestiges (including ktany support) * Thu Apr 11 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-8 - Implement krb5_cc_remove_cred for remaining types - Resolves: #1693836 * Mon Apr 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-7 - FIPS-aware SPAKE group negotiation * Mon Feb 25 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-6 - Fix memory leak in 'none' replay cache type - Silence a coverity warning while we're here. * Fri Feb 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-5 - Update FIPS blocking for RC4 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jan 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-3 - enctype logging and explicit_bzero() * Tue Jan 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-2 - New upstream version (1.17) * Fri Jan 04 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.6 - Use openssl's PRNG in FIPS mode * Fri Jan 04 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.5 - Address some optimized-out memset() calls * Thu Dec 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.4 - Remove incorrect KDC assertion * Thu Dec 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.3 - Fix syntax on pkinit_anchors field in default krb5.conf * Mon Dec 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.2 - Restore pdfs source file - Resolves: #1659716 * Thu Dec 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.1 - New upstream release (1.17-beta2) - Drop pdfs source file * Thu Nov 29 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.3 - Add tests for KCM ccache type * Mon Nov 12 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.2 - Gain FIPS awareness * Thu Nov 08 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.1 - Fix spurious errors from kcmio_unix_socket_write - Resolves: #1645912 * Thu Nov 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-0.beta1.1 - New upstream beta release * Wed Oct 24 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-25 - Update man pages to reference kerberos(7) - Resolves: #1143767 * Wed Oct 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-24 - Use port-sockets.h macros in cc_kcm, sendto_kdc - Resolves: #1631998 * Wed Oct 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-23 - Correct kpasswd_server description in krb5.conf(5) - Resolves: #1640272 * Mon Oct 15 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-22 - Prefer TCP to UDP for password changes - Resolves: #1637611 * Tue Oct 09 2018 Adam Williamson <awilliam@redhat.com> - 1.16.1-21 - Revert the patch from -20 for now as it seems to make FreeIPA worse * Tue Oct 02 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-20 - Fix bugs with concurrent use of MEMORY ccaches * Wed Aug 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-19 - In FIPS mode, add plaintext fallback for RC4 usages and taint * Thu Jul 26 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-18 - Fix k5test prompts for Python 3 * Thu Jul 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-17 - Remove outdated note in krb5kdc man page * Thu Jul 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-16 - Make krb5kdc -p affect TCP ports * Thu Jul 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-15 - Eliminate preprocessor-disabled dead code * Wed Jul 18 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-14 - Fix some broken tests for Python 3 * Mon Jul 16 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-13 - Zap copy of secret in RC4 string-to-key * Thu Jul 12 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-12 - Convert Python tests to Python 3 * Wed Jul 11 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-11 - Add build dependency on gcc * Tue Jul 10 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-10 - Use SHA-256 instead of MD5 for audit ticket IDs * Fri Jul 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-9 - Add BuildRequires on python2 so we can run tests at build-time * Fri Jul 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-8 - Explicitly look for python2 in configure.in * Thu Jun 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-7 - Add flag to disable encrypted timestamp on client * Thu Jun 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-6 - Switch to python3-sphinx for docs - Resolves: #1590928 * Thu Jun 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-5 - Make docs build python3-compatible - Resolves: #1590928 * Thu Jun 07 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-4 - Update includedir processing to match upstream * Fri Jun 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-3 - Log when non-root ksu authorization fails - Resolves: #1575771 * Fri May 04 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-2 - Remove "-nodes" option from make-certs scripts * Fri May 04 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-1 - New upstream release - 1.16.1 * Thu May 03 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-27 - Fix configuration of default ccache name to match file indentation * Mon Apr 30 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-26 - Set error message on KCM get_princ failure * Mon Apr 30 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-25 - Set error message on KCM get_princ failure * Tue Apr 24 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-24 - Fix KDC null dereference on large TGS replies * Mon Apr 23 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-23 - Explicitly use openssl rather than builtin crypto - Resolves: #1570910 * Tue Apr 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-22 - Merge duplicate subsections in profile library * Mon Apr 09 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-21 - Restrict pre-authentication fallback cases * Tue Apr 03 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-20 - Be more careful asking for AS key in SPAKE client * Mon Apr 02 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-19 - Zap data when freeing krb5_spake_factor * Thu Mar 29 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-18 - Continue after KRB5_CC_END in KCM cache iteration * Tue Mar 27 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-17 - Fix SPAKE memory leak * Tue Mar 27 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-16 - Fix gitignore problem with previous patchset * Tue Mar 27 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-15 - Add SPAKE support - Improve protections on internal sensitive buffers - Improve internal hex encoding/decoding * Tue Mar 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-14 - Fix problem with ccache_name logic in previous build * Tue Mar 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-13 - Add pkinit_anchors default value to krb5.conf - Reindent krb5.conf to not be terrible * Tue Mar 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-12 - Log preauth names in trace output - Misc bugfixes from upstream * Mon Mar 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-11 - Add PKINIT KDC support for freshness token * Wed Mar 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-10 - Exit with status 0 from kadmind * Tue Mar 13 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-9 - Fix hex conversion of PKINIT certid strings * Wed Mar 07 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-8 - Fix capaths "." values on client - Resolves: 1551099 * Tue Feb 13 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-7 - Fix flaws in LDAP DN checking - CVE-2018-5729, CVE-2018-5730 * Mon Feb 12 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-6 - Fix a leak in the previous commit - Restore dist macro that was accidentally removed - Resolves: #1540939 * Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.16-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.16-4 - Switch to %ldconfig_scriptlets * Mon Jan 29 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-3 - Process included directories in alphabetical order |
