Revisions of krb5
- update to version 1.11.3 - Fix a UDP ping-pong vulnerability in the kpasswd (password changing) service. [CVE-2002-2443] - Improve interoperability with some Windows native PKINIT clients. - install translation files - remove outdated configure options - update to version 1.11.3 - Fix a UDP ping-pong vulnerability in the kpasswd (password changing) service. [CVE-2002-2443] - Improve interoperability with some Windows native PKINIT clients. - install translation files - remove outdated configure options
- cleanup systemd files (remove syslog.target) - cleanup systemd files (remove syslog.target)
- let krb5-mini conflict with all main packages - add conflicts between krb5-mini and krb5-server - update to version 1.11.2 * Incremental propagation could erroneously act as if a slave's database were current after the slave received a full dump that failed to load. * gss_import_sec_context incorrectly set internal state that identifies whether an imported context is from an interposer mechanism or from the underlying mechanism. - upstream fix obsolete krb5-lookup_etypes-leak.patch - let krb5-mini conflict with all main packages - add conflicts between krb5-mini and krb5-server - update to version 1.11.2 * Incremental propagation could erroneously act as if a slave's database were current after the slave received a full dump that failed to load. * gss_import_sec_context incorrectly set internal state that identifies whether an imported context is from an interposer mechanism or from the underlying mechanism. - upstream fix obsolete krb5-lookup_etypes-leak.patch
- add conflicts between krb5-mini-devel and krb5-devel - add conflicts between krb5-mini and krb5 and krb5-client - enable selinux and set openssl as crypto implementation - fix path to executables in service files (bnc#810926) - update to version 1.11.1 * Improve ASN.1 support code, making it table-driven for decoding as well as encoding * Refactor parts of KDC * Documentation consolidation * build docs in the main package * bugfixing - changes of patches: * bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif: upstream * bug-807556-CVE-2012-1016-fix-PKINIT-null-pointer-deref2.dif: upstream * krb5-1.10-gcc47.patch: upstream * krb5-1.10-selinux-label.patch replaced by krb5-1.11-selinux-label.patch * krb5-1.10-spin-loop.patch: upstream * krb5-1.3.5-perlfix.dif: the tool was removed from upstream * krb5-1.8-pam.patch replaced by krb5-1.11-pam.patch - add conflicts between krb5-mini-devel and krb5-devel
- fix PKINIT null pointer deref in pkinit_check_kdc_pkid() CVE-2012-1016 (bnc#807556) bug-807556-CVE-2012-1016-fix-PKINIT-null-pointer-deref2.dif - fix PKINIT null pointer deref CVE-2013-1415 (bnc#806715) bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif - package missing file (bnc#794784) - revert the -p usage in %postun to fix SLE build - fix PKINIT null pointer deref in pkinit_check_kdc_pkid() CVE-2012-1016 (bnc#807556) bug-807556-CVE-2012-1016-fix-PKINIT-null-pointer-deref2.dif - fix PKINIT null pointer deref CVE-2013-1415 (bnc#806715) bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif
- package missing file (bnc#794784)
Adds fix for bnc#793336: fix spin-loop bug in k5_sendto_kdc. I'm bypassing the devel project because it currently has krb5-0.11 and we don't want to update to that version this late in the release cycle. So I'm submitting only this fix (cherry-picked from 0.11) hoping that it can be accepted for 12.3.
- buildrequire systemd by pkgconfig provide to get systemd-mini - revert the -p usage in %postun to fix SLE build - buildrequire systemd by pkgconfig provide to get systemd-mini (forwarded request 138418 from coolo)
(forwarded request 138156 from coolo)
- add systemd service files for kadmind, krb5kdc and kpropd - add sysconfig templates for kadmind and krb5kdc - add systemd service files for kadmind, krb5kdc and kpropd - add sysconfig templates for kadmind and krb5kdc
- Build depend on texinfo & texlive-dvips to fix the build (forwarded request 132421 from namtrac)
- fix %files section for krb5-mini (forwarded request 124805 from coolo)
- update to version 1.10.2 - fix gcc47 issues - update to version 1.10.2 obsolte patches: * krb5-1.7-nodeplibs.patch * krb5-1.9.1-ai_addrconfig.patch * krb5-1.9.1-ai_addrconfig2.patch * krb5-1.9.1-sendto_poll.patch * krb5-1.9-canonicalize-fallback.patch * krb5-1.9-paren.patch * krb5-klist_s.patch * krb5-pkinit-cms2.patch * krb5-trunk-chpw-err.patch * krb5-trunk-gss_delete_sec.patch * krb5-trunk-kadmin-oldproto.patch * krb5-1.9-MITKRB5-SA-2011-006.dif * krb5-1.9-gss_display_status-iakerb.patch * krb5-1.9.1-sendto_poll2.patch * krb5-1.9.1-sendto_poll3.patch * krb5-1.9-MITKRB5-SA-2011-007.dif - Fix an interop issue with Windows Server 2008 R2 Read-Only Domain Controllers. - Update a workaround for a glibc bug that would cause DNS PTR queries to occur even when rdns = false. - Fix a kadmind denial of service issue (null pointer dereference), which could only be triggered by an administrator with the "create" privilege. [CVE-2012-1013] - Fix access controls for KDB string attributes [CVE-2012-1012]
(forwarded request 107071 from StefanBruens)
Automatic submission by obs-autosubmit
add autoconf to buildrequires (forwarded request 97386 from coolo)
- fix KDC null pointer dereference in TGS handling (MITKRB5-SA-2011-007, bnc#730393) CVE-2011-1530 - fix KDC HA feature introduced with implementing KDC poll (RT#6951) - fix minor error messages for the IAKERB GSSAPI mechanism (see: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7020) - fix KDC null pointer dereference in TGS handling (MITKRB5-SA-2011-007, bnc#730393) CVE-2011-1530 - fix KDC HA feature introduced with implementing KDC poll (RT#6951, bnc#731648) - fix minor error messages for the IAKERB GSSAPI mechanism (see: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7020)
Displaying revisions 81 - 100 of 173