non port: security/krb5-118/distinfo |
Number of commits found: 7 |
Sunday, 25 Jun 2023
|
17:53 Cy Schubert (cy)
security/krb5-118: Remove expired MIT KRB5 1.18 port
0adf433 |
Monday, 14 Mar 2022
|
16:59 Cy Schubert (cy)
security/krb5-118: Update to 1.18.5
74f08e6 |
Monday, 26 Jul 2021
|
19:55 Cy Schubert (cy)
security/krb5-118: Update to 1.18.4
The announcement as follows:
The MIT Kerberos Team announces the availability of MIT Kerberos 5
Releases 1.19.2 and 1.18.4. Please see below for a list of some major
changes included, or consult the README file in the source tree for a
more detailed list of significant changes.
Retrieving krb5-1.19.2 and krb5-1.18.4
======================================
You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the
following URL:
https://kerberos.org/dist/
The homepage for the krb5-1.19.2 and krb5-1.18.4 releases are:
https://web.mit.edu/kerberos/krb5-1.19/
https://web.mit.edu/kerberos/krb5-1.18/
Further information about Kerberos 5 may be found at the following
URL:
https://web.mit.edu/kerberos/
Triple-DES transition
=====================
Beginning with the krb5-1.19 release, a warning will be issued if
initial credentials are acquired using the des3-cbc-sha1 encryption
type. In future releases, this encryption type will be disabled by
default and eventually removed.
Beginning with the krb5-1.18 release, single-DES encryption types have
been removed.
Major changes in 1.19.2 and 1.18.4 (2021-07-22)
===============================================
These are bug fix releases.
* Fix a denial of service attack against the KDC encrypted challenge
code [CVE-2021-36222].
* Fix a memory leak when gss_inquire_cred() is called without a
credential handle.
MFH: 2021Q3
Security: CVE-2021-36222
2598c4e |
Wednesday, 18 Nov 2020
|
04:15 cy
Update 1.18.2 --> 1.18.3
|
Friday, 22 May 2020
|
23:59 cy
Update 1.18.1 --> 1.18.2
This is a bug fix release.
* Fix a SPNEGO regression where an acceptor using the default
credential would improperly filter mechanisms, causing a negotiation
failure.
* Fix a bug where the KDC would fail to issue tickets if the local
krbtgt principal's first key has a single-DES enctype.
* Add stub functions to allow old versions of OpenSSL libcrypto to
link against libkrb5.
* Fix a NegoEx bug where the client name and delegated credential
might not be reported.
|
Tuesday, 14 Apr 2020
|
19:42 cy
Update 1.18 --> 1.18.1
|
Wednesday, 19 Feb 2020
|
02:42 cy
Welcome the new KRB5 1.18 (krb5-118)
In addition, deprecate krb5-116 to retire one year after the release
of krb5-118: Feb 12, 2021.
Major changes in 1.18 (2020-02-12)
==================================
Administrator experience:
* Remove support for single-DES encryption types.
* Change the replay cache format to be more efficient and robust.
Replay cache filenames using the new format end with ".rcache2" by
default. (Only the first 15 lines of the commit message are shown above )
|
Number of commits found: 7 |