Information for build krb5-1.18.2-31.fc33
ID | 196224 | |||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Package Name | krb5 | |||||||||||||||||||||||||||||||||||
Version | 1.18.2 | |||||||||||||||||||||||||||||||||||
Release | 31.fc33 | |||||||||||||||||||||||||||||||||||
Epoch | ||||||||||||||||||||||||||||||||||||
Source | git+https://src.fedoraproject.org/rpms/krb5.git#cf0e41d50a9c44069de13deb42e7a9138fe3b607 | |||||||||||||||||||||||||||||||||||
Summary | The Kerberos network authentication system | |||||||||||||||||||||||||||||||||||
Description | Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form. | |||||||||||||||||||||||||||||||||||
Built by | davidlt | |||||||||||||||||||||||||||||||||||
State | complete | |||||||||||||||||||||||||||||||||||
Volume | DEFAULT | |||||||||||||||||||||||||||||||||||
Started | Tue, 07 Jun 2022 18:13:35 UTC | |||||||||||||||||||||||||||||||||||
Completed | Tue, 07 Jun 2022 19:58:35 UTC | |||||||||||||||||||||||||||||||||||
Task | build (f33, /rpms/krb5.git:cf0e41d50a9c44069de13deb42e7a9138fe3b607) | |||||||||||||||||||||||||||||||||||
Extra | {'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/krb5.git#cf0e41d50a9c44069de13deb42e7a9138fe3b607'}} | |||||||||||||||||||||||||||||||||||
Tags |
|
|||||||||||||||||||||||||||||||||||
RPMs |
|
|||||||||||||||||||||||||||||||||||
Logs |
|
|||||||||||||||||||||||||||||||||||
Changelog | * Thu Aug 19 2021 Robbie Harwood <rharwood@redhat.com> - 1.18.2-31 - Fix KDC null deref on TGS inner body null server (CVE-2021-37750) * Mon Jul 12 2021 Robbie Harwood <rharwood@redhat.com> - 1.18.2-30 - Fix KDC null deref on bad encrypted challenge (CVE-2021-36222) * Thu Nov 05 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-29 - Add recursion limit for ASN.1 indefinite lengths (CVE-2020-28196) * Fri Oct 23 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-28 - Fix minor static analysis defects * Wed Oct 21 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-27 - Fix build of previous * Wed Oct 21 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-26 - Cross-realm s4u fixes for samba (#1836630) * Thu Oct 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-25 - Unify kvno option documentation * Fri Oct 02 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-24 - Add md5 override to krad * Thu Sep 10 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-23 - Use `systemctl reload` to HUP the KDC during logrotate - Resolves: #1877692 * Wed Sep 09 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-22 - Fix input length checking in SPNEGO DER decoding * Fri Aug 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-21 - Mark crypto-polices snippet as missingok - Resolves: #1868379 * Thu Aug 13 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-20 - Temporarily dns_canonicalize_hostname=fallback changes - Hopefully unbreak IPA while we debug further * Fri Aug 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-19 - Expand dns_canonicalize_hostname=fallback support * Tue Aug 04 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-18 - Fix leak in KERB_AP_OPTIONS_CBT server support * Mon Aug 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-17 - Revert qualify_shortname removal * Mon Aug 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-16 - Disable tests on s390x - Resolves: #1863952 * Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.18.2-15 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Fri Jul 31 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-14 - Revert qualify_shortname changes * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.18.2-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jul 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-12 - Ignore bad enctypes in krb5_string_to_keysalts() - Allow gss_unwrap_iov() of unpadded RC4 tokens * Wed Jul 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-11 - Ignore bad enctypes in krb5_string_to_keysalts() * Wed Jul 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-10 - Set qualify_shortname empty in default configuration - Resolves: #1852041 * Mon Jun 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-9 - Use two queues for concurrent t_otp.py daemons * Mon Jun 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-8 - Match Heimdal behavior for channel bindings * Mon Jun 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-7 - Fix test suite by removing wrapper workarounds * Mon Jun 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-6 - Omit PA_FOR_USER if we can't compute its checksum * Sat May 30 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-5 - Replace gssrpc tests with a Python script * Sat May 30 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-4 - Default dns_canonicalize_hostname to "fallback" * Tue May 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-3 - dns_canonicalize_hostname = fallback * Tue May 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-2 - Pass channel bindings through SPNEGO * Fri May 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-1 - New upstream release (1.18.2) * Fri May 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-6 - Fix SPNEGO acceptor mech filtering * Mon May 18 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-5 - Fix typo ("in in") in the ksu man page * Fri May 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-4 - Omit KDC indicator check for S4U2Self requests * Tue Apr 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-3 - Pass gss_localname() through SPNEGO * Tue Apr 14 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-1.1 - Drop yasm requirement since we don't use builtin crypto * Tue Apr 14 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-1 - New upstream version (1.18.1) * Tue Apr 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-12 - Make ksu honor KRB5CCNAME again * Thu Apr 02 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-11 - Do expiration warnings for all init_creds APIs * Wed Apr 01 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-10 - Correctly import "service@" GSS host-based name * Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-9 - Eliminate redundant PKINIT responder invocation * Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-8 - Add finalization safety check to com_err * Fri Mar 20 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-7 - Add maximum openssl version in preparation for openssl 3 * Tue Mar 17 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-6 - Document client keytab usage * Tue Mar 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-5 - Refresh manually acquired creds from client keytab * Fri Feb 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-4 - Allow deletion of require_auth with LDAP KDB * Thu Feb 27 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-3 - Allow certauth modules to set hw-authent flag * Fri Feb 21 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-2 - Fix AS-REQ checking of KDB-modified indicators * Wed Feb 12 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-1 - New upstream version (1.18) * Fri Feb 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.3 - Don't assume OpenSSL failures are memory errors * Thu Feb 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.2 - Put KDB authdata first * Fri Jan 31 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.1 - New upstream beta release - 1.18-beta2 - Adjust naming convention for downstream patches * Fri Jan 10 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta1.1 - New upstream beta release - 1.18-beta1 * Wed Jan 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-5 - Fix LDAP policy enforcement of pw_expiration - Fix handling of invalid CAMMAC service verifier * Mon Jan 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-4 - Fix xdr_bytes() strict-aliasing violations * Fri Jan 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-3 - Don't warn in kadmin when no policy is specified - Do not always canonicalize enterprise principals * Fri Dec 13 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-2 - Enable the LMDB backend for the KDB * Thu Dec 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-1 - New upstream version - 1.17.1 - Stop building and packaging PDFs * Fri Dec 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-54 - Qualify short hostnames when not using DNS * Wed Nov 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-53 - Various gssalloc fixes * Thu Nov 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-52 - Turns out openssl has an epoch * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-51 - Fix runtime openssl version to actually propogate * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-50 - Add runtime openssl version requirement too * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-49 - Fix kadmin addprinc -randkey -kvno * Tue Nov 19 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-48 - Use OpenSSL's backported KDFs - Restore MD4 in FIPS mode (for samba) * Fri Nov 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-47 - Add default_principal_flags to example kdc.conf * Wed Oct 02 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-46 - Log unknown enctypes as unsupported in KDC * Wed Sep 25 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-45 - Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) * Thu Sep 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-44 - Static analyzer appeasement * Tue Aug 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-43 - Simplify krb5_dbe_def_search_enctype() * Thu Aug 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-42 - Update FIPS patches to remove SPAKE |