Nalin Dahyabhai
3a1e355f38
Update to 1.12 final
2013-12-11 10:52:40 -05:00
Nalin Dahyabhai
93ae18a6c5
Whoops, grab the beta 2 PDFs
2013-12-02 11:58:32 -05:00
Nalin Dahyabhai
f002059e62
Update to 1.12 beta2
...
- drop obsolete backports for storing KDC time offsets and expiration times
in keyring credential caches
2013-12-02 11:47:40 -05:00
Nalin Dahyabhai
88c0c528bd
Update to 1.12 beta
2013-11-19 18:08:43 -05:00
Nalin Dahyabhai
3c08a1616e
BuildRequire: pkgconfig and package pkgconfig data
2013-11-19 17:40:02 -05:00
Nalin Dahyabhai
f8f559ef32
Drop backports for RT#7656 and RT#7657
2013-11-19 17:39:59 -05:00
Nalin Dahyabhai
447ee6c9e6
Update for 1.12's removal of krb5_xfree()
2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
f619caa9c9
Drop OTP backport
2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
7448cea67e
Untweak for 1.11.3
2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
00cf6df3e6
Drop backport for RT#7590 and partial for RT#7680
2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
19bc209a19
Drop backport for RT#7709
2013-11-19 17:38:54 -05:00
Nalin Dahyabhai
13b2f96a29
Drop backports for RT#7682
2013-11-19 17:38:46 -05:00
Nalin Dahyabhai
0b296b8b04
Drop obsolete patches to skip GSSRPC-over-UDP test
...
- drop patches from master to not test GSSRPC-over-UDP and to not
depend on the portmapper, which are areas where our build systems
often give us trouble, too; obsolete
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
25fe69d885
Drop backport for RT#7643
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
a2e5f1f872
Drop backport for RT#7642
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
9e1d45535e
Drop backport for RT#7172
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
bd8c46afd2
Drop backport for RT#7598
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
286168174b
Drop patch to teach config.* about aarch64-linux
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
11656c4fe0
Drop obsolete patch fixing a test use-before-init
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
9c8c2d53ba
Update for 1.12
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
d2ea586766
Update for 1.12
2013-11-19 17:32:19 -05:00
Nalin Dahyabhai
f618776e18
Update for 1.12
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
d175d043f1
Update for 1.12
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
daca172770
Update patch for 1.12
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
15dceb5da6
Drop backport for RT#7689
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
b1f558a0f5
Drop backported patch
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
8a39d5ff72
Start rebasing to 1.12 alpha1
2013-11-19 17:32:18 -05:00
Nalin Dahyabhai
a77ee55771
Pull in keyring expiration from RT#7769
...
- pull in fix to set expiration times on keyrings used for storing keyring
credential caches (RT#7769, #1031724 )
2013-11-18 18:02:20 -05:00
Nalin Dahyabhai
81715b1776
Pull in keyring offset storage from RT#7768
...
- pull in fix to store KDC time offsets in keyring credential caches
(RT#7768, #1030607 )
2013-11-18 17:14:07 -05:00
Nalin Dahyabhai
dee7ae00a4
Note where CVE-2013-6800 was fixed
...
CVE-2013-6800 appears to be fixed by the same patch that fixes
CVE-2013-1418, so mention the first in changelog entries that refer to
the second.
2013-11-18 16:24:33 -05:00
Nalin Dahyabhai
596d52ef7e
Whoops, include the new sources, too
2013-11-12 16:45:41 -05:00
Nalin Dahyabhai
cac86c9df2
Bump the release to 1
2013-11-12 16:32:02 -05:00
Nalin Dahyabhai
8f876bbbeb
Drop patch for CVE-2013-1418, included in 1.11.4
2013-11-12 16:25:26 -05:00
Nalin Dahyabhai
1f02b0bc49
Drop patch for RT#7706, obsoleted as RT#7723
2013-11-12 16:23:38 -05:00
Nalin Dahyabhai
0c6ad14521
Drop patch for RT#7650, included in 1.11.4
2013-11-12 16:20:49 -05:00
Nalin Dahyabhai
2b359c527a
Start updating to 1.11.4
2013-11-12 16:20:31 -05:00
Nalin Dahyabhai
b3399eb8fb
Switch to the upstream patch for #1029110
...
Switch to the simplified version of the patch for #1029110 that ended up
being committed upstream (RT#7764).
2013-11-12 13:20:50 -05:00
Nalin Dahyabhai
11d14a1e7c
Fix a typo in a changelog entry
2013-11-11 14:34:29 -05:00
Nalin Dahyabhai
49c8edfa6b
Catch more strtol() failures when using KEYRINGs
...
- check more thorougly for errors when resolving KEYRING ccache names of type
"persistent", which should only have a numeric UID as the next part of the
name (#1029110 )
2013-11-11 14:11:29 -05:00
Nalin Dahyabhai
bfdc4351bf
Point to the RT for the patch for the right branch
2013-11-05 13:43:32 -05:00
Nalin Dahyabhai
ed5a4a1ffb
Switch to 1.11 backport of the CVE-2013-1418 patch
2013-11-04 16:11:59 -05:00
Nalin Dahyabhai
a244d8f93c
Incorporate patch for RT#7755 (CVE-2013-1418)
...
- incorporate upstream patch for remote crash of KDCs which serve multiple
realms simultaneously (RT#7755, CVE-2013-1418)
2013-11-04 16:11:59 -05:00
Nalin Dahyabhai
a00c810e4e
Drop call-access()-more patch for ksu
...
- drop patch to add additional access() checks to ksu - they add to breakage
when non-FILE: caches are in use (#1026099 ), shouldn't be resulting in any
benefit, and clash with proposed changes to fix its cache handling
2013-11-04 10:26:41 -05:00
Nalin Dahyabhai
433fcb1772
Expand on comments in the daemon wrapper scripts
...
- add some minimal description to the top of the wrapper scripts we use
when starting krb5kdc and kadmind to describe why they exist (tooling)
2013-10-22 17:48:49 -04:00
Nalin Dahyabhai
31e8e33c43
Create and own /etc/gss ( #1019937 )
2013-10-16 18:12:24 -04:00
Nalin Dahyabhai
16e749771f
Pull up fix for reimporting ccaches in gssapi
...
- pull up fix for importing previously-exported credential caches in the
gssapi library (RT# 7706, #1019420 )
2013-10-15 14:40:24 -04:00
Nalin Dahyabhai
84fe7d69da
Finish fixing the don't-call-NULL-prompters bug
...
- extract the rest of the fix #965721/#1016690 from the changes for RT#7680
2013-10-14 14:07:56 -04:00
Nalin Dahyabhai
822059250e
Use the prompter callback for PEM files
...
- backport the callback to use the libkrb5 prompter when we can't load
PEM files for PKINIT (RT#7590, includes part of #965721/#1016690)
2013-10-14 14:07:19 -04:00
Nalin Dahyabhai
37f8b28f7d
fix trigger's invocation of sed ( #1016945 )
...
- fix trigger scriptlet's invocation of sed (#1016945 )
2013-10-14 12:42:56 -04:00
Nalin Dahyabhai
52b6b401df
- rebuild with keyutils 1.5.8 (part of #1012043 )
...
Rebuild against a keyutils which tags the new symbols we're using with a
newer symbol version, so that RPM can tell the difference between
versions of the package which contain a shared library that doesn't
include them and versions of the package which contain a shared library
which does.
2013-10-04 09:47:38 -04:00