Revisions of krb5
Stephan Kulow (coolo)
accepted
request 180770
from
Michael Calmer (mcalmer)
(revision 94)
- install and enable systemd service files also in -mini package - remove fstack-protector-all from CFLAGS, just use the lighter/fast version already present in %optflags - Use LFS_CFLAGS to build in 32 bit archs. - install and enable systemd service files also in -mini package - remove fstack-protector-all from CFLAGS, just use the lighter/fast version already present in %optflags - Use LFS_CFLAGS to build in 32 bit archs.
Stephan Kulow (coolo)
accepted
request 178349
from
Michael Calmer (mcalmer)
(revision 93)
- update to version 1.11.3 - Fix a UDP ping-pong vulnerability in the kpasswd (password changing) service. [CVE-2002-2443] - Improve interoperability with some Windows native PKINIT clients. - install translation files - remove outdated configure options - update to version 1.11.3 - Fix a UDP ping-pong vulnerability in the kpasswd (password changing) service. [CVE-2002-2443] - Improve interoperability with some Windows native PKINIT clients. - install translation files - remove outdated configure options
Stephan Kulow (coolo)
accepted
request 176881
from
Michael Calmer (mcalmer)
(revision 92)
- cleanup systemd files (remove syslog.target) - cleanup systemd files (remove syslog.target)
Stephan Kulow (coolo)
accepted
request 174393
from
Michael Calmer (mcalmer)
(revision 91)
- let krb5-mini conflict with all main packages - add conflicts between krb5-mini and krb5-server - update to version 1.11.2 * Incremental propagation could erroneously act as if a slave's database were current after the slave received a full dump that failed to load. * gss_import_sec_context incorrectly set internal state that identifies whether an imported context is from an interposer mechanism or from the underlying mechanism. - upstream fix obsolete krb5-lookup_etypes-leak.patch - let krb5-mini conflict with all main packages - add conflicts between krb5-mini and krb5-server - update to version 1.11.2 * Incremental propagation could erroneously act as if a slave's database were current after the slave received a full dump that failed to load. * gss_import_sec_context incorrectly set internal state that identifies whether an imported context is from an interposer mechanism or from the underlying mechanism. - upstream fix obsolete krb5-lookup_etypes-leak.patch
Stephan Kulow (coolo)
accepted
request 162619
from
Michael Calmer (mcalmer)
(revision 90)
- add conflicts between krb5-mini-devel and krb5-devel - add conflicts between krb5-mini and krb5 and krb5-client - enable selinux and set openssl as crypto implementation - fix path to executables in service files (bnc#810926) - update to version 1.11.1 * Improve ASN.1 support code, making it table-driven for decoding as well as encoding * Refactor parts of KDC * Documentation consolidation * build docs in the main package * bugfixing - changes of patches: * bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif: upstream * bug-807556-CVE-2012-1016-fix-PKINIT-null-pointer-deref2.dif: upstream * krb5-1.10-gcc47.patch: upstream * krb5-1.10-selinux-label.patch replaced by krb5-1.11-selinux-label.patch * krb5-1.10-spin-loop.patch: upstream * krb5-1.3.5-perlfix.dif: the tool was removed from upstream * krb5-1.8-pam.patch replaced by krb5-1.11-pam.patch - add conflicts between krb5-mini-devel and krb5-devel
Stephan Kulow (coolo)
accepted
request 157530
from
Michael Calmer (mcalmer)
(revision 89)
- fix PKINIT null pointer deref in pkinit_check_kdc_pkid() CVE-2012-1016 (bnc#807556) bug-807556-CVE-2012-1016-fix-PKINIT-null-pointer-deref2.dif - fix PKINIT null pointer deref CVE-2013-1415 (bnc#806715) bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif - package missing file (bnc#794784) - revert the -p usage in %postun to fix SLE build - fix PKINIT null pointer deref in pkinit_check_kdc_pkid() CVE-2012-1016 (bnc#807556) bug-807556-CVE-2012-1016-fix-PKINIT-null-pointer-deref2.dif - fix PKINIT null pointer deref CVE-2013-1415 (bnc#806715) bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif
Stephan Kulow (coolo)
accepted
request 149946
from
Michael Calmer (mcalmer)
(revision 88)
- package missing file (bnc#794784)
Adrian Schröter (adrianSuSE)
committed
(revision 87)
Split 12.3 from Factory
Stephan Kulow (coolo)
accepted
request 149586
from
Leonardo Chiquitto (leonardocf)
(revision 86)
Adds fix for bnc#793336: fix spin-loop bug in k5_sendto_kdc. I'm bypassing the devel project because it currently has krb5-0.11 and we don't want to update to that version this late in the release cycle. So I'm submitting only this fix (cherry-picked from 0.11) hoping that it can be accepted for 12.3.
Stephan Kulow (coolo)
accepted
request 138455
from
Michael Calmer (mcalmer)
(revision 85)
- buildrequire systemd by pkgconfig provide to get systemd-mini - revert the -p usage in %postun to fix SLE build - buildrequire systemd by pkgconfig provide to get systemd-mini (forwarded request 138418 from coolo)
Stephan Kulow (coolo)
accepted
request 138198
from
Marcus Meissner (msmeissn)
(revision 84)
(forwarded request 138156 from coolo)
Stephan Kulow (coolo)
accepted
request 137261
from
Michael Calmer (mcalmer)
(revision 83)
- add systemd service files for kadmind, krb5kdc and kpropd - add sysconfig templates for kadmind and krb5kdc - add systemd service files for kadmind, krb5kdc and kpropd - add sysconfig templates for kadmind and krb5kdc
Ismail Dönmez (namtrac)
accepted
request 132422
from
Michael Calmer (mcalmer)
(revision 82)
- Build depend on texinfo & texlive-dvips to fix the build (forwarded request 132421 from namtrac)
Adrian Schröter (adrianSuSE)
committed
(revision 81)
branched from openSUSE:Factory
Stephan Kulow (coolo)
accepted
request 124808
from
Michael Calmer (mcalmer)
(revision 80)
- fix %files section for krb5-mini (forwarded request 124805 from coolo)
Stephan Kulow (coolo)
accepted
request 124061
from
Michael Calmer (mcalmer)
(revision 79)
- update to version 1.10.2 - fix gcc47 issues - update to version 1.10.2 obsolte patches: * krb5-1.7-nodeplibs.patch * krb5-1.9.1-ai_addrconfig.patch * krb5-1.9.1-ai_addrconfig2.patch * krb5-1.9.1-sendto_poll.patch * krb5-1.9-canonicalize-fallback.patch * krb5-1.9-paren.patch * krb5-klist_s.patch * krb5-pkinit-cms2.patch * krb5-trunk-chpw-err.patch * krb5-trunk-gss_delete_sec.patch * krb5-trunk-kadmin-oldproto.patch * krb5-1.9-MITKRB5-SA-2011-006.dif * krb5-1.9-gss_display_status-iakerb.patch * krb5-1.9.1-sendto_poll2.patch * krb5-1.9.1-sendto_poll3.patch * krb5-1.9-MITKRB5-SA-2011-007.dif - Fix an interop issue with Windows Server 2008 R2 Read-Only Domain Controllers. - Update a workaround for a glibc bug that would cause DNS PTR queries to occur even when rdns = false. - Fix a kadmind denial of service issue (null pointer dereference), which could only be triggered by an administrator with the "create" privilege. [CVE-2012-1013] - Fix access controls for KDB string attributes [CVE-2012-1012]
Stephan Kulow (coolo)
accepted
request 107333
from
Marcus Meissner (msmeissn)
(revision 78)
(forwarded request 107071 from StefanBruens)
Stephan Kulow (coolo)
accepted
request 104047
from
Factory Maintainer (factory-maintainer)
(revision 77)
Automatic submission by obs-autosubmit
Stephan Kulow (coolo)
accepted
request 98193
from
Stephan Kulow (coolo)
(revision 76)
add autoconf to buildrequires (forwarded request 97386 from coolo)
Stephan Kulow (coolo)
accepted
request 95686
from
Michael Calmer (mcalmer)
(revision 75)
- fix KDC null pointer dereference in TGS handling (MITKRB5-SA-2011-007, bnc#730393) CVE-2011-1530 - fix KDC HA feature introduced with implementing KDC poll (RT#6951) - fix minor error messages for the IAKERB GSSAPI mechanism (see: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7020) - fix KDC null pointer dereference in TGS handling (MITKRB5-SA-2011-007, bnc#730393) CVE-2011-1530 - fix KDC HA feature introduced with implementing KDC poll (RT#6951, bnc#731648) - fix minor error messages for the IAKERB GSSAPI mechanism (see: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7020)
Displaying revisions 81 - 100 of 174