Julien Rische
f5676fd233
New upstream version (1.21.2)
...
- Fix double-free in KDC TGS processing (CVE-2023-39975)
Resolves: rhbz#2229113
- Make tests compatible with Python 3.12
Resolves: rhbz#2224013
Signed-off-by: Julien Rische <jrische@redhat.com>
2023-08-16 11:30:37 +02:00
Julien Rische
0b340d0ef3
New upstream version (1.21)
...
Do not disable PKINIT if some of the well-known DH groups are unavailable
Resolves: rhbz#2214297
Make PKINIT CMS SHA-1 signature verification available in FIPS mode
Resolves: rhbz#2214300
Allow to set PAC ticket signature as optional
Resolves: rhbz#2181311
Add support for MS-PAC extended KDC signature (CVE-2022-37967)
Resolves: rhbz#2166001
Fix syntax error in aclocal.m4
Resolves: rhbz#2143306
Signed-off-by: Julien Rische <jrische@redhat.com>
2023-06-12 17:29:15 +02:00
Julien Rische
56cee506e7
New upstream version (1.20.1)
...
Also set "supportedCMSTypes" to SHA-512/256 with RSA encryption
Resolves: rhbz#2124463
Resolves: rhbz#2114766
Signed-off-by: Julien Rische <jrische@redhat.com>
2022-11-24 11:35:10 +01:00
Robbie Harwood
03e8c69837
Add sources
2021-07-26 14:50:12 -04:00
Robbie Harwood
ab3f34f0e7
... including the sources this time
2021-02-18 16:52:28 -05:00
Robbie Harwood
d5839d0511
New upstream version (1.19)
2021-02-02 15:32:32 +00:00
Robbie Harwood
9fb5239517
New upstream version (1.19-beta2)
2021-01-12 12:45:35 -05:00
Robbie Harwood
0da55d6175
New upstream version (1.19-beta1)
2020-12-16 16:30:40 -05:00
Robbie Harwood
5facc9df4d
New upstream version (1.18.3)
2020-11-18 18:16:20 +00:00
Robbie Harwood
102adf5edf
New upstream release (1.18.2)
2020-05-22 14:26:04 -04:00
Robbie Harwood
46d8c677ae
It usually helps if I commit the sources file
2020-04-14 15:50:03 -04:00
Robbie Harwood
f287f939a9
New upstream version (1.18)
2020-02-12 22:29:13 +00:00
Robbie Harwood
8fb4697062
New upstream beta release - 1.18-beta2
...
Adjust naming convention for downstream patches
2020-01-31 20:31:53 +00:00
Robbie Harwood
7f642b1512
New upstream beta release - 1.18-beta1
2020-01-13 18:19:19 -05:00
Robbie Harwood
9d642021d7
New upstream version - 1.17.1
...
Stop building and packaging PDFs
2019-12-12 18:42:51 +00:00
Robbie Harwood
658f28f754
New upstream version (1.17)
2019-01-08 19:15:01 +00:00
Robbie Harwood
8968aa45c7
Restore pdfs source file
...
Resolves : #1659716
2018-12-17 20:39:53 +00:00
Robbie Harwood
59f64bf750
New upstream release (1.17-beta2)
...
Drop pdfs source file
2018-12-06 18:31:06 +00:00
Robbie Harwood
f745542b78
New upstream beta release (1.17-beta1)
2018-11-01 20:07:33 +00:00
Robbie Harwood
88ba66fe53
New upstream release - 1.16.1
2018-05-04 14:59:45 +00:00
Robbie Harwood
9869daa1e8
New upstream release (1.16)
...
- No changes from beta2
- Add spec file support for COPR
2017-12-06 18:07:52 +00:00
Robbie Harwood
6f4f842e5f
New upstream prerelease (1.16-beta2)
2017-11-27 22:15:31 +00:00
Robbie Harwood
533a73fdd1
New upstream prerelease (1.16-beta1)
2017-10-05 20:29:13 +00:00
Robbie Harwood
f1e535bb81
New upstream release - krb5-1.15.2
...
Adjust patches as appropriate
2017-09-25 19:24:33 +00:00
Robbie Harwood
2a20da0e2a
New upstream release - 1.15.1
2017-03-04 00:34:47 +00:00
Robbie Harwood
be80cb9861
New upstream release
2016-12-05 20:52:58 +00:00
Robbie Harwood
c3f7090334
New upstream release
2016-11-16 21:22:01 +00:00
Robbie Harwood
821dac42ed
Upstream release 1.15-beta1
...
Also update selinux with RHEL hygene.
Resolves : #1314096
2016-10-20 23:34:55 +00:00
Robbie Harwood
14f028579d
New upstream release and integrate with external git
2016-09-19 23:49:31 +00:00
Robbie Harwood
482c8e1687
New upstream version 1.14.3
2016-08-01 20:44:35 +00:00
Robbie Harwood
f1cb770b53
New rawhide, new upstream version
...
- Drop CVE patches
- Rename fix_interposer.patch to acquire_cred_interposer.patch
- Update acquire_cred_interposer.patch to apply to new source
2016-02-29 23:45:38 +00:00
Robbie Harwood (frozencemetery)
89ae1a3c67
Upstream release. No actual change from beta, just version bump
...
Also clean up unused parts of spec file.
2015-11-23 22:56:02 +00:00
Robbie Harwood (frozencemetery)
806928902d
Release 1.14-beta2
2015-11-16 18:11:20 +00:00
Robbie Harwood (frozencemetery)
98128c4038
New upstream beta version
2015-10-15 20:51:57 +00:00
Robbie Harwood (frozencemetery)
a89bdde4da
Revert "New upstream version: krb5-1.14-alpha1"
...
This reverts commit 1138991893
.
2015-10-01 18:33:34 +00:00
Robbie Harwood (frozencemetery)
1138991893
New upstream version: krb5-1.14-alpha1
...
Drop patches that have since been applied. Create new patches as
needed.
2015-09-24 17:57:53 +00:00
Robbie Harwood (frozencemetery)
a328acab1b
Drop dependency on pax&ksh and remove support for fedora < 20
2015-09-23 18:42:40 +00:00
Roland Mainz
580aefb618
* Thu Jun 25 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-6
...
- Use system nss_wrapper and socket_wrapper for testing.
Patch by Andreas Schneider <asn@redhat.com>
2015-06-26 02:47:13 +02:00
Roland Mainz
3ae7a21305
* Thu May 14 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-0
...
- Update to krb5-1.13.2
- drop patch for krb5-1.13.2-CVE_2015_2694_requires_preauth_bypass_in_PKINIT_enabled_KDC, fixed in krb5-1.13.2
- drop patch for krb5-1.12.1-CVE_2014_5355_fix_krb5_read_message_handling, fixed in krb5-1.13.2
- Add script processing for upcoming Zanata l10n support
- Minor spec cleanup
2015-05-15 01:02:21 +02:00
Roland Mainz
2a8abfedf0
* Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1
...
- Update to krb5-1.13.1
- drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1
- drop patch for kinit -C loops (MIT/krb5 bug #243 ), fixed in krb5-1.13.1
- drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1
- Minor spec cleanup
2015-02-13 18:07:12 +01:00
Roland Mainz
e1dbd4ed12
* Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1
...
- Update to krb5-1.13.1
- drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1
- drop patch for kinit -C loops (MIT/krb5 bug #243 ), fixed in krb5-1.13.1
- drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1
- Minor spec cleanup
2015-02-13 17:58:34 +01:00
Roland Mainz
6a0c01a783
* Wed Oct 29 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0
...
- Update from krb5-1.13-alpha1 to final krb5-1.13
- Removed patch for CVE-2014-5351 (#1145425 ) "krb5: current
keys returned when randomizing the keys for a service principal" -
now part of upstream sources
- Use patch for glibc |eventfd()| prototype mismatch (#1147887 ) only
for Fedora > 20
2014-10-29 21:48:06 +01:00
Nalin Dahyabhai
8563ebea46
Updating to 1.13 alpha1
2014-08-22 16:14:20 -04:00
Nalin Dahyabhai
f3d3f13006
Upload 1.12.2 sources
2014-08-15 15:20:08 -04:00
Nalin Dahyabhai
419c14d6ac
Pull from the right wrapper branches
...
... and add our local patch to fix the bind-then-connect case.
2014-02-04 15:31:21 -05:00
Nalin Dahyabhai
956ccfdfb4
refresh nss_wrapper, add socket_wrapper
2014-01-31 16:56:05 -05:00
Nalin Dahyabhai
ca47c3ce74
Finish updating to 1.12.1
2014-01-17 11:08:51 -05:00
Nalin Dahyabhai
3a1e355f38
Update to 1.12 final
2013-12-11 10:52:40 -05:00
Nalin Dahyabhai
f002059e62
Update to 1.12 beta2
...
- drop obsolete backports for storing KDC time offsets and expiration times
in keyring credential caches
2013-12-02 11:47:40 -05:00
Nalin Dahyabhai
88c0c528bd
Update to 1.12 beta
2013-11-19 18:08:43 -05:00