Information for build krb5-1.18.2-20.fc33
| ID | 185670 | |||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Package Name | krb5 | |||||||||||||||||||||||||||||||||||
| Version | 1.18.2 | |||||||||||||||||||||||||||||||||||
| Release | 20.fc33 | |||||||||||||||||||||||||||||||||||
| Epoch | ||||||||||||||||||||||||||||||||||||
| Source | git+https://src.fedoraproject.org/rpms/krb5.git#cd0b1d6ba6cfd96da3b09731a33b40d190751a09 | |||||||||||||||||||||||||||||||||||
| Summary | The Kerberos network authentication system | |||||||||||||||||||||||||||||||||||
| Description | Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form. | |||||||||||||||||||||||||||||||||||
| Built by | davidlt | |||||||||||||||||||||||||||||||||||
| State | complete | |||||||||||||||||||||||||||||||||||
| Volume | DEFAULT | |||||||||||||||||||||||||||||||||||
| Started | Sun, 16 Aug 2020 05:44:08 UTC | |||||||||||||||||||||||||||||||||||
| Completed | Sun, 16 Aug 2020 11:53:30 UTC | |||||||||||||||||||||||||||||||||||
| Task | build (f33, /rpms/krb5.git:cd0b1d6ba6cfd96da3b09731a33b40d190751a09) | |||||||||||||||||||||||||||||||||||
| Extra | {'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/krb5.git#cd0b1d6ba6cfd96da3b09731a33b40d190751a09'}} | |||||||||||||||||||||||||||||||||||
| Tags |
|
|||||||||||||||||||||||||||||||||||
| RPMs |
|
|||||||||||||||||||||||||||||||||||
| Logs |
|
|||||||||||||||||||||||||||||||||||
| Changelog | * Thu Aug 13 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-20 - Temporarily dns_canonicalize_hostname=fallback changes - Hopefully unbreak IPA while we debug further * Fri Aug 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-19 - Expand dns_canonicalize_hostname=fallback support * Tue Aug 04 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-18 - Fix leak in KERB_AP_OPTIONS_CBT server support * Mon Aug 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-17 - Revert qualify_shortname removal * Mon Aug 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-16 - Disable tests on s390x - Resolves: #1863952 * Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.18.2-15 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Fri Jul 31 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-14 - Revert qualify_shortname changes * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.18.2-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jul 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-12 - Ignore bad enctypes in krb5_string_to_keysalts() - Allow gss_unwrap_iov() of unpadded RC4 tokens * Wed Jul 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-11 - Ignore bad enctypes in krb5_string_to_keysalts() * Wed Jul 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-10 - Set qualify_shortname empty in default configuration - Resolves: #1852041 * Mon Jun 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-9 - Use two queues for concurrent t_otp.py daemons * Mon Jun 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-8 - Match Heimdal behavior for channel bindings * Mon Jun 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-7 - Fix test suite by removing wrapper workarounds * Mon Jun 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-6 - Omit PA_FOR_USER if we can't compute its checksum * Sat May 30 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-5 - Replace gssrpc tests with a Python script * Sat May 30 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-4 - Default dns_canonicalize_hostname to "fallback" * Tue May 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-3 - dns_canonicalize_hostname = fallback * Tue May 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-2 - Pass channel bindings through SPNEGO * Fri May 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-1 - New upstream release (1.18.2) * Fri May 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-6 - Fix SPNEGO acceptor mech filtering * Mon May 18 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-5 - Fix typo ("in in") in the ksu man page * Fri May 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-4 - Omit KDC indicator check for S4U2Self requests * Tue Apr 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-3 - Pass gss_localname() through SPNEGO * Tue Apr 14 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-1.1 - Drop yasm requirement since we don't use builtin crypto * Tue Apr 14 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-1 - New upstream version (1.18.1) * Tue Apr 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-12 - Make ksu honor KRB5CCNAME again * Thu Apr 02 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-11 - Do expiration warnings for all init_creds APIs * Wed Apr 01 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-10 - Correctly import "service@" GSS host-based name * Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-9 - Eliminate redundant PKINIT responder invocation * Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-8 - Add finalization safety check to com_err * Fri Mar 20 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-7 - Add maximum openssl version in preparation for openssl 3 * Tue Mar 17 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-6 - Document client keytab usage * Tue Mar 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-5 - Refresh manually acquired creds from client keytab * Fri Feb 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-4 - Allow deletion of require_auth with LDAP KDB * Thu Feb 27 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-3 - Allow certauth modules to set hw-authent flag * Fri Feb 21 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-2 - Fix AS-REQ checking of KDB-modified indicators * Wed Feb 12 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-1 - New upstream version (1.18) * Fri Feb 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.3 - Don't assume OpenSSL failures are memory errors * Thu Feb 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.2 - Put KDB authdata first * Fri Jan 31 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.1 - New upstream beta release - 1.18-beta2 - Adjust naming convention for downstream patches * Fri Jan 10 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta1.1 - New upstream beta release - 1.18-beta1 * Wed Jan 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-5 - Fix LDAP policy enforcement of pw_expiration - Fix handling of invalid CAMMAC service verifier * Mon Jan 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-4 - Fix xdr_bytes() strict-aliasing violations * Fri Jan 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-3 - Don't warn in kadmin when no policy is specified - Do not always canonicalize enterprise principals * Fri Dec 13 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-2 - Enable the LMDB backend for the KDB * Thu Dec 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-1 - New upstream version - 1.17.1 - Stop building and packaging PDFs * Fri Dec 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-54 - Qualify short hostnames when not using DNS * Wed Nov 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-53 - Various gssalloc fixes * Thu Nov 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-52 - Turns out openssl has an epoch * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-51 - Fix runtime openssl version to actually propogate * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-50 - Add runtime openssl version requirement too * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-49 - Fix kadmin addprinc -randkey -kvno * Tue Nov 19 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-48 - Use OpenSSL's backported KDFs - Restore MD4 in FIPS mode (for samba) * Fri Nov 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-47 - Add default_principal_flags to example kdc.conf * Wed Oct 02 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-46 - Log unknown enctypes as unsupported in KDC * Wed Sep 25 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-45 - Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) * Thu Sep 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-44 - Static analyzer appeasement * Tue Aug 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-43 - Simplify krb5_dbe_def_search_enctype() * Thu Aug 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-42 - Update FIPS patches to remove SPAKE * Thu Aug 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-41 - Fix KCM client time offset propagation * Fri Aug 09 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-40 - Initialize life/rlife in kdcpolicy interface * Tue Aug 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-39 - Fix memory leaks in soft-pkcs11 code * Tue Jul 30 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-38 - Add soft-pkcs11 and use it for testing * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.17-37 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Thu Jul 18 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-36 - Filter enctypes in gss_set_allowable_enctypes() * Mon Jul 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-35 - Don't error on invalid enctypes in keytab - Resolves: #1724380 * Tue Jul 02 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-34 - Remove now-unused checksum functions * Wed Jun 26 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-33 - Fix typo in 3des commit * Wed Jun 26 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-32 - Remove PKINIT draft9 support (compat with EOL, pre-2008 Windows) * Mon Jun 10 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-31 - Remove strerror() calls from k5_get_error() * Fri Jun 07 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-30 - Remove 3des from kdc.conf example * Mon Jun 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-29 - Remove 3DES support * Mon Jun 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-28 - Remove 3des support * Thu May 30 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-27 - Remove krb5int_c_combine_keys() and no-flags SAM-2 preauth * Tue May 28 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-26 - Remove support for single-DES and CRC * Wed May 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-25 - Add missing newlines to deprecation warnings - Switch to upstream's ksu path patch * Tue May 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-24 - Update default krb5kdc mkey manual-entry enctype - Also update account lockout patch to upstream version * Mon May 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-23 - Test & docs fixes in preparation for DES removal * Wed May 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-22 - Drop krb5_realm_compare() etc. NULL check patches * Wed May 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-21 - Re-provide krb5-kdb-version in -devel as well (IPA wants it) * Tue May 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-20 - (Patch consolidation; hopefully no changes) * Tue May 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-19 - Remove checksum type profile variables * Fri May 10 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-18 - Pull in 2019-05-02 static analysis updates * Fri May 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-17 - Move krb5-kdb-version provide into krb5-server for freeipa * Wed May 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-16 - Use secure_getenv() where appropriate * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-15 - Fix us up real nice with rpmlint * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-14 - Add dns_canonicalize_hostname=fallback support * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-13 - Check more errors in OpenSSL crypto backend * Mon Apr 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-12 - Fix potential close(-1) in cc_file.c * Wed Apr 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-11 - Remove ovsec_adm_export and confvalidator * Wed Apr 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-10 - Fix config realm change logic in FILE remove_cred * Thu Apr 11 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-9 - Remove Kerberos v4 support vestiges (including ktany support) * Thu Apr 11 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-8 - Implement krb5_cc_remove_cred for remaining types - Resolves: #1693836 * Mon Apr 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-7 - FIPS-aware SPAKE group negotiation * Mon Feb 25 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-6 - Fix memory leak in 'none' replay cache type - Silence a coverity warning while we're here. * Fri Feb 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-5 - Update FIPS blocking for RC4 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jan 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-3 - enctype logging and explicit_bzero() * Tue Jan 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-2 - New upstream version (1.17) * Fri Jan 04 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.6 - Use openssl's PRNG in FIPS mode * Fri Jan 04 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.5 - Address some optimized-out memset() calls * Thu Dec 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.4 - Remove incorrect KDC assertion * Thu Dec 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.3 - Fix syntax on pkinit_anchors field in default krb5.conf * Mon Dec 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.2 - Restore pdfs source file - Resolves: #1659716 * Thu Dec 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.1 - New upstream release (1.17-beta2) - Drop pdfs source file * Thu Nov 29 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.3 - Add tests for KCM ccache type * Mon Nov 12 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.2 - Gain FIPS awareness * Thu Nov 08 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.1 - Fix spurious errors from kcmio_unix_socket_write - Resolves: #1645912 * Thu Nov 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-0.beta1.1 - New upstream beta release * Wed Oct 24 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-25 - Update man pages to reference kerberos(7) - Resolves: #1143767 * Wed Oct 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-24 - Use port-sockets.h macros in cc_kcm, sendto_kdc - Resolves: #1631998 * Wed Oct 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-23 - Correct kpasswd_server description in krb5.conf(5) - Resolves: #1640272 * Mon Oct 15 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-22 - Prefer TCP to UDP for password changes - Resolves: #1637611 * Tue Oct 09 2018 Adam Williamson <awilliam@redhat.com> - 1.16.1-21 - Revert the patch from -20 for now as it seems to make FreeIPA worse * Tue Oct 02 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-20 - Fix bugs with concurrent use of MEMORY ccaches |
