Commit Graph

254 Commits

Author SHA1 Message Date
Nalin Dahyabhai
471b4b51f3 - add patch to correct unauthorized access via krb5-aware telnet daemon
(#229782, CVE-2007-0956)
- add patch to fix buffer overflow in krb5kdc and kadmind (#231528,
    CVE-2007-0957)
- add patch to fix double-free in kadmind (#231537, CVE-2007-1216)
2007-04-03 18:46:41 +00:00
Nalin Dahyabhai
598e71ffbc - add a couple of ldap-specific data files as documentation, so that admins
have the needed schema for their directory servers
2007-04-03 18:43:05 +00:00
Nalin Dahyabhai
aece600301 whoops, that won't work - can't do core -> extras deps 2007-03-22 20:17:58 +00:00
Nalin Dahyabhai
5c8daeafa2 - add buildrequires: on keyutils-libs-devel to enable use of keyring
ccaches, dragging keyutils-libs in as a dependency for everyone
2007-03-22 19:37:26 +00:00
Nalin Dahyabhai
da1eb7f057 - add patch to build semi-useful static libraries, but don't apply it
unless we need them
2007-02-28 20:35:53 +00:00
Nalin Dahyabhai
4aefd50874 - make profile.d scriptlets mode 644 instead of 755 (#225974) 2007-02-19 21:28:07 +00:00
Nalin Dahyabhai
3299c4b519 mock says "no resolv.conf for you!" 2007-01-30 21:21:21 +00:00
Nalin Dahyabhai
cb68887273 - clean up quoting of command-line arguments passed to the krsh/krlogin
wrapper scripts
2007-01-30 21:01:21 +00:00
Nalin Dahyabhai
6e6adec726 - initial update to 1.6, making the package-split optional
- move workstation daemons to a new subpackage (#81836, #216356, #217301),
    and make the new subpackage require xinetd (#211885)
We don't get static libraries any more. Holding off on build until
    verification that this doesn't kill other things, or until we get them
    building in a semi-useful way.
2007-01-23 22:14:15 +00:00
Nalin Dahyabhai
160a188e65 - merge back changes made between fc6 and rawhide to date
- somewhere in here we fixed the spelling of James's last name
2007-01-22 21:27:49 +00:00
Nalin Dahyabhai
f3820b972d - preserve timestamps on profile.d shell scriptlets
- first cut at making RPM scriptlets failproof for install-info
- pull up pre-generated PDF docs so that we don't have multiarch
    differences due to document IDs, timestamps, and compressed data,
- pull up the script to make sure that the PDF matches its source to guard
    against the package maintainer forgetting to update when we move to a
    new release
2007-01-22 21:23:54 +00:00
Nalin Dahyabhai
a9e6df4ffc - apply fixes from Tom Yu for MITKRB5-SA-2006-002 (CVE-2006-6143) (#218456)
- apply fixes from Tom Yu for MITKRB5-SA-2006-003 (CVE-2006-6144) (#218456)
    Related: #218456
2007-01-09 19:31:40 +00:00
Nalin Dahyabhai
3ffdc43878 - don't bail from the KDC init script if there's no database, it may be in
a different location than the default (fenlason)
- remove the [kdc] section from the default krb5.conf -- doesn't seem to
    have been applicable for a while
2006-10-23 20:23:05 +00:00
Nalin Dahyabhai
54faf41556 add newlines after new errors 2006-10-18 21:36:40 +00:00
Nalin Dahyabhai
74169f4b3c - way-late application of added error info in kadmind.init (#65853) 2006-10-18 16:02:47 +00:00
Nalin Dahyabhai
acad7e7e15 call autoheader when needed 2006-10-13 21:23:35 +00:00
Nalin Dahyabhai
0b70aa4de2 - provide docs in PDF format instead of as tex source (Enrico Scholz,
#209943)
2006-10-09 16:38:39 +00:00
Nalin Dahyabhai
6f6f8aff91 - add missing shebang headers to krsh and krlogin wrapper scripts (#209238) 2006-10-04 14:16:41 +00:00
Nalin Dahyabhai
ee98daaf74 actually bump the release 2006-09-06 20:28:20 +00:00
Nalin Dahyabhai
2ad1703afb set SS_LIB at configure-time so that libss-using apps get working readline
support (#197044)
2006-09-06 20:28:01 +00:00
Nalin Dahyabhai
d859fd0556 - switch to the updated patch for MITKRB-SA-2006-001 2006-08-18 16:50:54 +00:00
Nalin Dahyabhai
2bc5a13d2a - apply patch to address MITKRB-SA-2006-001 (CVE-2006-3084) 2006-08-08 22:43:10 +00:00
Nalin Dahyabhai
8c4df25456 - ensure that the gssapi library's been initialized before walking the
internal mechanism list in gss_release_oid(), needed if called from
    gss_release_name() right after a gss_import_name() (#198092)
2006-08-07 17:52:52 +00:00
Nalin Dahyabhai
92a65fb1b1 rebuild 2006-07-25 17:55:38 +00:00
Nalin Dahyabhai
30f6a9b1cb - pull up latest revision of patch to reduce lockups in rsh/rshd 2006-07-25 15:52:36 +00:00
Nalin Dahyabhai
ece8aeb4c7 rebuild 2006-07-17 14:36:02 +00:00
Jesse Keating
12232351f7 bumped for rebuild 2006-07-12 06:43:08 +00:00
Nalin Dahyabhai
574f4b1c31 finally think all the ducks are lined up 2006-07-06 21:25:26 +00:00
Nalin Dahyabhai
28c66f7806 - update to 1.5 2006-07-06 15:56:38 +00:00
Nalin Dahyabhai
2802804a49 actually bump the release number 2006-06-23 15:51:41 +00:00
Nalin Dahyabhai
b6fc39f13d - mark profile.d config files noreplace (Laurent Rineau, #196447) 2006-06-23 15:49:20 +00:00
Nalin Dahyabhai
a230e5aaed - add buildprereq for autoconf 2006-06-08 21:42:52 +00:00
Nalin Dahyabhai
a7215484dc - further munge krb5-config so that 'libdir=/usr/lib' is given even on
64-bit architectures, to avoid multilib conflicts; other changes will
    conspire to strip out the -L flag which uses this, so it should be
    harmless (#192692)
2006-05-22 23:04:06 +00:00
Nalin Dahyabhai
b3724c4388 - adjust the patch which removes the use of rpath to also produce a
krb5-config which is okay in multilib environments (#190118)
- make the name-of-the-tempfile comment which compile_et adds to error code
    headers always list the same file to avoid conflicts on multilib
    installations
- strip SIZEOF_LONG out of krb5.h so that it doesn't conflict on multilib
    boxes
- strip GSS_SIZEOF_LONG out of gssapi.h so that it doesn't conflict on
    mulitlib boxes
2006-05-08 21:47:26 +00:00
skasal
6944b2e68a Change the release number. 2006-04-14 11:25:22 +00:00
skasal
8216ee6b75 - Fix formatting typo in kinit.1 (krb5-kinit-man-typo.patch) 2006-04-14 11:21:50 +00:00
Jesse Keating
77bf5aa481 bump for bug in double-long on ppc(64) 2006-02-11 03:49:47 +00:00
Nalin Dahyabhai
2118c17c6b - give a little bit more information to the user when kinit gets the
catch-all I/O error (#180175)
2006-02-06 20:04:44 +00:00
Nalin Dahyabhai
5bf2d7bd12 - rebuild properly when pthread_mutexattr_setrobust_np() is defined but not
declared, such as with recent glibc when _GNU_SOURCE isn't being used
2006-01-20 00:28:41 +00:00
Matthias Clasen
a6fb2997f1 Use full paths in krb5.sh to avoid path lookups 2006-01-19 18:05:28 +00:00
Jesse Keating
29b9703f11 gcc update bump 2005-12-09 22:41:14 +00:00
Nalin Dahyabhai
f817e39736 - login: don't truncate passwords before passing them into crypt(), in case
they're significant (#149476)
2005-12-02 01:46:50 +00:00
Nalin Dahyabhai
4584045a70 - conditionalize installation of the new autoconf macro 2005-11-17 19:23:05 +00:00
Nalin Dahyabhai
f54e522bb9 - update to 1.4.3
- make ksu setuid again (#137934, others)
2005-11-17 18:43:13 +00:00
Nalin Dahyabhai
c82cff7d10 bump release 2005-09-13 20:27:12 +00:00
Nalin Dahyabhai
1237c021c7 - mark %%{krb5prefix}/man so that files which are packaged within it are
flagged as %%doc (#168163)
2005-09-13 20:26:57 +00:00
Nalin Dahyabhai
552acc8a70 - add an xinetd configuration file for encryption-only telnetd,
parallelling the kshell/ekshell pair (#167535)
2005-09-06 14:05:59 +00:00
Nalin Dahyabhai
fd0f8c753b bump release 2005-08-31 19:38:08 +00:00
Nalin Dahyabhai
1fcd49e050 - change the default configured encryption type for KDC databases to the
compiled-in default of des3-hmac-sha1 (#57847)
2005-08-31 19:37:54 +00:00
Nalin Dahyabhai
f5b93c728e update to 1.4.2 2005-08-11 22:06:35 +00:00
Nalin Dahyabhai
80238a2fd8 merge fixes for MITKRB5-SA-2005-002 and MITKRB5-SA-2005-003 2005-07-12 18:09:21 +00:00
Nalin Dahyabhai
73316152b6 - fix double-close in keytab handling
- add port of fixes for CAN-2004-0175 to krb5-aware rcp
2005-06-24 20:28:25 +00:00
Nalin Dahyabhai
77a40621a2 - prevent spurious EBADF in krshd when stdin is closed by the client while
the command is running (#151111)
2005-05-13 23:16:55 +00:00
Martin Stransky
ebda005fa9 add deadlock patch, removed old patch 2005-05-13 11:36:41 +00:00
Nalin Dahyabhai
2e8f6b3b97 - update to 1.4.1, incorporating fixes for CAN-2005-0468 and CAN-2005-0469
- when starting the KDC or kadmind, if KRB5REALM is set via the
    /etc/sysconfig file for the service, pass it as an argument for the -r
    flag
2005-05-06 20:16:06 +00:00
Nalin Dahyabhai
9142032a6f - add draft fix from Tom Yu for slc_add_reply() buffer overflow
(CAN-2005-0469)
- add draft fix from Tom Yu for env_opt_add() buffer overflow
    (CAN-2005-0468)
will need to re-roll if the draft fix isn't the same as the final one *
2005-03-28 18:25:19 +00:00
Nalin Dahyabhai
fe186e59d9 - don't include <term.h> into the telnet client when we're not using curses 2005-03-16 22:59:54 +00:00
Nalin Dahyabhai
d46e1d65be - use libncurses instead of libtermcap for the telnet client, because it
provides setupterm(), which we can use instead of the internal version
2005-03-16 00:21:35 +00:00
Nalin Dahyabhai
3759eb0ddd note to self: krb5_init_ets disappeared 2005-03-01 00:05:15 +00:00
Nalin Dahyabhai
6cf61960fa - add a doc file 2005-02-24 23:31:35 +00:00
Nalin Dahyabhai
708fedd9ea - update to 1.4
- v1.4 kadmin client requires a v1.4 kadmind on the server, or use the "-O"
    flag to specify that it should communicate with the server using the
    older protocol
- new libkrb5support library
- v5passwdd and kadmind4 are gone
- versioned symbols
- pick up $KRB5KDC_ARGS from /etc/sysconfig/krb5kdc, if it exists, and pass
    it on to krb5kdc
- pick up $KADMIND_ARGS from /etc/sysconfig/kadmin, if it exists, and pass
    it on to kadmind
- pick up $KRB524D_ARGS from /etc/sysconfig/krb524, if it exists, and pass
    it on to krb524d *instead of* "-m"
- set "forwardable" in [libdefaults] in the default krb5.conf to match the
    default setting which we supply for pam_krb5
- set a default of 24h for "ticket_lifetime" in [libdefaults], reflecting
    the compiled-in default
2005-02-24 23:16:08 +00:00
Nalin Dahyabhai
e7236e5850 rebuild 2004-12-20 23:42:32 +00:00
Nalin Dahyabhai
712b0183e7 - 1.3.6 is out, obsoleting the patch. aargh! i mean, yay! 2004-12-20 23:30:28 +00:00
Nalin Dahyabhai
ad18b8355f - unscrew up martin's changelog date
- incorporate fix for MITKRB5-SA-2004-004
2004-12-20 23:24:09 +00:00
Nalin Dahyabhai
6580269909 - fixup comments 2004-12-20 23:17:34 +00:00
Martin Stransky
8f54e95678 - fix deadlock during file transfer via rsync/krsh
- thanks goes to James Antil for hint
2004-12-20 09:31:41 +00:00
Nalin Dahyabhai
d402e6c91a use a release number which is not already taken 2004-11-26 17:31:47 +00:00
Nalin Dahyabhai
cd44405ec2 - bump release to allow tagging of new file 2004-11-26 17:30:12 +00:00
Nalin Dahyabhai
36dc58b327 - fix predictable-tempfile-name bug in krb5-send-pr (CAN-2004-0971,
#140036)
- silence compiler warning in kprop by using an in-memory ccache with a
    fixed name instead of an on-disk ccache with a name generated by
    tmpnam()
2004-11-23 05:09:46 +00:00
Nalin Dahyabhai
bd5b8f0617 fix globbing patch port mode (#139075) 2004-11-17 00:42:19 +00:00
Nalin Dahyabhai
cfebff4939 - correctly check for errors from gethostbyname_r (#129059) 2004-11-02 00:30:48 +00:00
Nalin Dahyabhai
310f94b436 - update to 1.3.5, rolling in the last set of advisories 2004-09-13 19:47:24 +00:00
cvsdist
6576f38483 auto-import changelog data from krb5-1.3.4-7.src.rpm
Tue Aug 31 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-7
- rebuild
Tue Aug 24 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-6
- rebuild
Tue Aug 24 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-5
- incorporate revised fixes from Tom Yu for CAN-2004-0642, CAN-2004-0644,
    CAN-2004-0772
Mon Aug 23 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-4
- rebuild
Mon Aug 23 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-3
- incorporate fixes from Tom Yu for CAN-2004-0642, CAN-2004-0772
    (MITKRB5-SA-2004-002, #130732)
- incorporate fixes from Tom Yu for CAN-2004-0644 (MITKRB5-SA-2004-003,
    #130732)
2004-09-09 07:21:49 +00:00
cvsdist
347d5c0161 auto-import changelog data from krb5-1.3.4-2.src.rpm
Tue Jul 27 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-2
- fix indexing error in server sorting patch (#127336)
2004-09-09 07:21:01 +00:00
cvsdist
b6c4f1f7b6 auto-import changelog data from krb5-1.3.4-1.src.rpm
Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Mon Jun 14 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-0.1
- update to 1.3.4 final
2004-09-09 07:20:54 +00:00
cvsdist
970a8dcb56 auto-import changelog data from krb5-1.3.3-8.src.rpm
Mon Jun 07 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-8
- rebuild
Fri Jun 04 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-7
- rebuild
Fri Jun 04 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-6
- apply updated patch from MITKRB5-SA-2004-001 (revision 2004-06-02)
Tue Jun 01 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-5
- rebuild
Tue Jun 01 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-4
- apply patch from MITKRB5-SA-2004-001 (#125001)
2004-09-09 07:20:43 +00:00
cvsdist
d4f2fb9dc3 auto-import changelog data from krb5-1.3.3-3.src.rpm
Wed May 12 2004 Thomas Woerner <twoerner@redhat.com> 1.3.3-3
- removed rpath
Thu Apr 15 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-2
- re-enable large file support, fell out in 1.3-1
- patch rcp to use long long and %lld format specifiers when reporting file
    sizes on large files
2004-09-09 07:18:32 +00:00
cvsdist
7ebd8dc643 auto-import changelog data from krb5-1.3.3-1.src.rpm
Tue Apr 13 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-1
- update to 1.3.3
2004-09-09 07:17:58 +00:00
cvsdist
68d4ec48b7 auto-import changelog data from krb5-1.3.2-1.src.rpm
Wed Mar 10 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.2-1
- update to 1.3.2
Mon Mar 08 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-12
- rebuild
Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com> 1.3.1-11.1
- rebuilt
Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com> 1.3.1-11
- rebuilt
Mon Feb 09 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-10
- catch krb4 send_to_kdc cases in kdc preference patch
Mon Feb 02 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-9
- remove patch to set TERM in klogind which, combined with the upstream fix
    in
1.3.1, actually produces the bug now (#114762)
Mon Jan 19 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-8
- when iterating over lists of interfaces which are "up" from getifaddrs(),
    skip over those which have no address (#113347)
Mon Jan 12 2004 Nalin Dahyabhai <nalin@redhat.com>
- prefer the kdc which last replied to a request when sending requests to
    kdcs
2004-09-09 07:17:04 +00:00
cvsdist
dc2fe09903 auto-import changelog data from krb5-1.3.1-7.src.rpm
Mon Nov 24 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-7
- fix combination of --with-netlib and --enable-dns
Tue Nov 18 2003 Nalin Dahyabhai <nalin@redhat.com>
- remove libdefault ticket_lifetime option from the default krb5.conf, it
    is ignored by libkrb5
2004-09-09 07:16:33 +00:00
cvsdist
0b77dc9b0b auto-import changelog data from krb5-1.3.1-6.src.rpm
Thu Sep 25 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-6
- fix bug in patch to make rlogind start login with a clean environment a
    la netkit rlogin, spotted and fixed by Scott McClung
Tue Sep 23 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-5
- include profile.d scriptlets in krb5-devel so that krb5-config will be in
    the path, reported by Kir Kolyshkin
Mon Sep 08 2003 Nalin Dahyabhai <nalin@redhat.com>
- add more etypes (arcfour) to the default enctype list in kdc.conf
- don't apply previous patch, refused upstream
Fri Sep 05 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-4
- fix 32/64-bit bug storing and retrieving the issue_date in v4 credentials
Wed Sep 03 2003 Dan Walsh <dwalsh@redhat.com> 1.3.1-3
- Don't check for write access on /etc/krb5.conf if SELinux
Tue Aug 26 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-2
- fixup some int/pointer varargs wackiness
Tue Aug 05 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-1
- rebuild
Mon Aug 04 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3.1-0
- update to 1.3.1
Thu Jul 24 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3-2
- pull fix for non-compliant encoding of salt field in etype-info2 preauth
    data from 1.3.1 beta 1, until 1.3.1 is released.
Mon Jul 21 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3-1
- update to 1.3
Mon Jul 07 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.8-4
- correctly use stdargs
Wed Jun 18 2003 Nalin Dahyabhai <nalin@redhat.com> 1.3-0.beta.4
- test update to 1.3 beta 4
- ditch statglue build option
- krb5-devel requires e2fsprogs-devel, which now provides libss and
    libcom_err
Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
Wed May 21 2003 Jeremy Katz <katzj@redhat.com> 1.2.8-2
- gcc 3.3 doesn't implement varargs.h, include stdarg.h instead
Wed Apr 09 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.8-1
- update to 1.2.8
2004-09-09 07:16:22 +00:00
cvsdist
f241d93ce5 auto-import changelog data from krb5-1.2.7-14.src.rpm
Mon Mar 31 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.7-14
- fix double-free of enc_part2 in krb524d
2004-09-09 07:14:47 +00:00
cvsdist
296235f0b6 auto-import krb5-1.2.7-13 from krb5-1.2.7-13.src.rpm 2004-09-09 07:14:41 +00:00
cvsdist
1812066274 auto-import krb5-1.2.7-12 from krb5-1.2.7-12.src.rpm 2004-09-09 07:14:02 +00:00
cvsdist
933db59774 auto-import krb5-1.2.7-10 from krb5-1.2.7-10.src.rpm 2004-09-09 07:13:54 +00:00
cvsdist
5a9c9af87e auto-import krb5-1.2.7-8 from krb5-1.2.7-8.src.rpm 2004-09-09 07:13:00 +00:00
cvsdist
6c39abc07b auto-import krb5-1.2.5-15 from krb5-1.2.5-15.src.rpm 2004-09-09 07:12:53 +00:00
cvsdist
60ad4b4c27 auto-import krb5-1.2.5-7 from krb5-1.2.5-7.src.rpm 2004-09-09 07:12:37 +00:00
cvsdist
ac15fdb729 auto-import krb5-1.2.5-6 from krb5-1.2.5-6.src.rpm 2004-09-09 07:12:11 +00:00
cvsdist
07595710c6 auto-import krb5-1.2.5-5 from krb5-1.2.5-5.src.rpm 2004-09-09 07:12:05 +00:00
cvsdist
e438a6ddbd auto-import krb5-1.2.4-11 from krb5-1.2.4-11.src.rpm 2004-09-09 07:11:54 +00:00
cvsdist
d017cb2b5d auto-import krb5-1.2.4-4 from krb5-1.2.4-4.src.rpm 2004-09-09 07:11:50 +00:00
cvsdist
280a055a99 auto-import krb5-1.2.4-3 from krb5-1.2.4-3.src.rpm 2004-09-09 07:11:36 +00:00
cvsdist
9a77231fd9 auto-import krb5-1.2.4-2 from krb5-1.2.4-2.src.rpm 2004-09-09 07:11:31 +00:00
cvsdist
a422b0be58 auto-import krb5-1.2.4-1 from krb5-1.2.4-1.src.rpm 2004-09-09 07:11:28 +00:00
cvsdist
f58b9ed595 auto-import krb5-1.2.3-5 from krb5-1.2.3-5.src.rpm 2004-09-09 07:11:12 +00:00
cvsdist
ff204a4ecb auto-import changelog data from krb5-1.2.2-24.src.rpm
Fri Mar 21 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-24
- fix double-free of enc_part2 in krb524d
- update to latest patch kit for MITKRB5-SA-2003-004
Thu Mar 20 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-23
- make the default kdc.conf list the same enctypes we use for 1.2.7
Wed Mar 19 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-22
- add patch included in MITKRB5-SA-2003-003 (CAN-2003-0028)
Mon Mar 17 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-21
- add patches from patchkit from MITKRB5-SA-2003-004 (CAN-2003-0138 and
    CAN-2003-0139)
Thu Mar 06 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-20
- fix buffer underrun in unparsing certain principals (CAN-2003-0082)
Wed Feb 26 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-19
- add patch to fix server-side crashes when principals have no components
    (CAN-2003-0072)
Mon Feb 24 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-18
- add patch from Matt Crawford for encoding transited realms properly
Wed Feb 05 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-17
- sync compiler flags for configure and make with other versions
Tue Feb 04 2003 Nalin Dahyabhai <nalin@redhat.com>
- add patch to document the reject-bad-transited option in kdc.conf
- add backported symbol namespacing fix from 1.2.3 to clear up clashes with
    glib
- add backported fix for hangs in kadmin client when principal contains an
    escaped @ symbol
Thu Jan 30 2003 Nalin Dahyabhai <nalin@redhat.com>
- add candidate backports for CAN-2002-0036, CAN-2002-058, CAN-2002-059
    (CAN-2002-060 was fixed in 1.1.1-7 or so)
Thu Jan 23 2003 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-16
- add patch from Mark Cox for exploitable bugs in ftp client
- add patch to avoid buffer read overruns when configuring via DNS
- add patch to properly include <errno.h>
2004-09-09 07:09:20 +00:00
cvsdist
b38aa43e89 auto-import changelog data from krb5-1.2.2-15.src.rpm
Wed Oct 23 2002 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-15
- add patch from Tom Yu for exploitable bugs in kadmind4
- remove raw keys from the default kdc.conf
2004-09-09 07:08:32 +00:00
cvsdist
14193d79b3 auto-import changelog data from krb5-1.2.2-14.src.rpm
Fri Aug 02 2002 Nalin Dahyabhai <nalin@redhat.com> 1.2.2-14
- add patch from Tom Yu for exploitable bugs in rpc code used in kadmind
2004-09-09 07:08:13 +00:00
cvsdist
f06da5baa4 auto-import changelog data from krb5-1.2.2-13.src.rpm
Fri Aug 03 2001 Nalin Dahyabhai <nalin@redhat.com>
- bump release number and rebuild
Wed Aug 01 2001 Nalin Dahyabhai <nalin@redhat.com>
- add patch to fix telnetd vulnerability
2004-09-09 07:07:28 +00:00
cvsdist
21f3145cb4 auto-import changelog data from krb5-1.2.2-11.src.rpm
Fri Jul 20 2001 Nalin Dahyabhai <nalin@redhat.com>
- tweak statglue.c to fix stat/stat64 aliasing problems
- be cleaner in use of gcc to build shlibs
Wed Jul 11 2001 Nalin Dahyabhai <nalin@redhat.com>
- use gcc to build shared libraries
Wed Jun 27 2001 Nalin Dahyabhai <nalin@redhat.com>
- add patch to support "ANY" keytab type (i.e., "default_keytab_name =
    ANY:FILE:/etc/krb5.keytab,SRVTAB:/etc/srvtab" patch from Gerald
    Britton, #42551)
- build with -D_FILE_OFFSET_BITS=64 to get large file I/O in ftpd (#30697)
- patch ftpd to use long long and %lld format specifiers to support the
    SIZE command on large files (also #30697)
- don't use LOG_AUTH as an option value when calling openlog() in ksu
    (#45965)
- implement reload in krb5kdc and kadmind init scripts (#41911)
- lose the krb5server init script (not using it any more)
Sun Jun 24 2001 Elliot Lee <sopwith@redhat.com>
- Bump release + rebuild.
2004-09-09 07:06:49 +00:00
cvsdist
7287770309 auto-import changelog data from krb5-1.2.2-7.src.rpm
Tue May 29 2001 Nalin Dahyabhai <nalin@redhat.com>
- pass some structures by address instead of on the stack in krb5kdc
Tue May 22 2001 Nalin Dahyabhai <nalin@redhat.com>
- rebuild in new environment
Thu Apr 26 2001 Nalin Dahyabhai <nalin@redhat.com>
- add patch from Tom Yu to fix ftpd overflows
Wed Apr 18 2001 Than Ngo <than@redhat.com>
- disable optimizations on the alpha again
2004-09-09 07:06:40 +00:00
cvsdist
0bb98ee2c1 auto-import changelog data from krb5-1.2.2-4.src.rpm
Fri Mar 30 2001 Nalin Dahyabhai <nalin@redhat.com>
- add in glue code to make sure that libkrb5 continues to provide a weak
    copy of stat()
Thu Mar 15 2001 Nalin Dahyabhai <nalin@redhat.com>
- build alpha with -O0 for now
Thu Mar 08 2001 Nalin Dahyabhai <nalin@redhat.com>
- fix the kpropd init script
Mon Mar 05 2001 Nalin Dahyabhai <nalin@redhat.com>
- update to 1.2.2, which fixes some bugs relating to empty ETYPE-INFO
- re-enable optimization on Alpha
Thu Feb 08 2001 Nalin Dahyabhai <nalin@redhat.com>
- build alpha with -O0 for now
- own /var/kerberos
Tue Feb 06 2001 Nalin Dahyabhai <nalin@redhat.com>
- own the directories which are created for each package (#26342)
Tue Jan 23 2001 Nalin Dahyabhai <nalin@redhat.com>
- gettextize init scripts
Fri Jan 19 2001 Nalin Dahyabhai <nalin@redhat.com>
- add some comments to the ksu patches for the curious
- re-enable optimization on alphas
Mon Jan 15 2001 Nalin Dahyabhai <nalin@redhat.com>
- fix krb5-send-pr (#18932) and move it from -server to -workstation
- buildprereq libtermcap-devel
- temporariliy disable optimization on alphas
- gettextize init scripts
Tue Dec 05 2000 Nalin Dahyabhai <nalin@redhat.com>
- force -fPIC
Fri Dec 01 2000 Nalin Dahyabhai <nalin@redhat.com>
- rebuild in new environment
Tue Oct 31 2000 Nalin Dahyabhai <nalin@redhat.com>
- add bison as a BuildPrereq (#20091)
Mon Oct 30 2000 Nalin Dahyabhai <nalin@redhat.com>
- change /usr/dict/words to /usr/share/dict/words in default kdc.conf
    (#20000)
Thu Oct 05 2000 Nalin Dahyabhai <nalin@redhat.com>
- apply kpasswd bug fixes from David Wragg
Wed Oct 04 2000 Nalin Dahyabhai <nalin@redhat.com>
- make krb5-libs obsolete the old krb5-configs package (#18351)
- don't quit from the kpropd init script if there's no principal database
    so that you can propagate the first time without running kpropd
    manually
- don't complain if /etc/ld.so.conf doesn't exist in the -libs %post
Tue Sep 12 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix credential forwarding problem in klogind (goof in KRB5CCNAME
    handling) (#11588)
- fix heap corruption bug in FTP client (#14301)
2004-09-09 07:06:10 +00:00
cvsdist
af3b5464f0 auto-import changelog data from krb5-1.2.1-8.src.rpm
Wed Aug 16 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix summaries and descriptions
- switched the default transfer protocol from PORT to PASV as proposed on
    bugzilla (#16134), and to match the regular ftp package's behavior
Wed Jul 19 2000 Jeff Johnson <jbj@redhat.com>
- rebuild to compress man pages.
Sat Jul 15 2000 Bill Nottingham <notting@redhat.com>
- move initscript back
Fri Jul 14 2000 Nalin Dahyabhai <nalin@redhat.com>
- disable servers by default to keep linuxconf from thinking they need to
    be started when they don't
Thu Jul 13 2000 Prospector <bugzilla@redhat.com>
- automatic rebuild
Mon Jul 10 2000 Nalin Dahyabhai <nalin@redhat.com>
- change cleanup code in post to not tickle chkconfig
- add grep as a Prereq: for -libs
Thu Jul 06 2000 Nalin Dahyabhai <nalin@redhat.com>
- move condrestarts to postun
- make xinetd configs noreplace
- add descriptions to xinetd configs
- add /etc/init.d as a prereq for the -server package
- patch to properly truncate $TERM in krlogind
Fri Jun 30 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 1.2.1
- back out Tom Yu's patch, which is a big chunk of the 1.2 -> 1.2.1 update
- start using the official source tarball instead of its contents
Thu Jun 29 2000 Nalin Dahyabhai <nalin@redhat.com>
- Tom Yu's patch to fix compatibility between 1.2 kadmin and 1.1.1 kadmind
- pull out 6.2 options in the spec file (sonames changing in 1.2 means it's
    not compatible with other stuff in 6.2, so no need)
Wed Jun 28 2000 Nalin Dahyabhai <nalin@redhat.com>
- tweak graceful start/stop logic in post and preun
Mon Jun 26 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to the 1.2 release
- ditch a lot of our patches which went upstream
- enable use of DNS to look up things at build-time
- disable use of DNS to look up things at run-time in default krb5.conf
- change ownership of the convert-config-files script to root.root
- compress PS docs
- fix some typos in the kinit man page
- run condrestart in server post, and shut down in preun
Mon Jun 19 2000 Nalin Dahyabhai <nalin@redhat.com>
- only remove old krb5server init script links if the init script is there
Sat Jun 17 2000 Nalin Dahyabhai <nalin@redhat.com>
- disable kshell and eklogin by default
Thu Jun 15 2000 Nalin Dahyabhai <nalin@redhat.com>
- patch mkdir/rmdir problem in ftpcmd.y
- add condrestart option to init script
- split the server init script into three pieces and add one for kpropd
Wed Jun 14 2000 Nalin Dahyabhai <nalin@redhat.com>
- make sure workstation servers are all disabled by default
- clean up krb5server init script
Fri Jun 09 2000 Nalin Dahyabhai <nalin@redhat.com>
- apply second set of buffer overflow fixes from Tom Yu
- fix from Dirk Husung for a bug in buffer cleanups in the test suite
- work around possibly broken rev binary in running test suite
- move default realm configs from /var/kerberos to /var/kerberos
Tue Jun 06 2000 Nalin Dahyabhai <nalin@redhat.com>
- make ksu and v4rcp owned by root
Sat Jun 03 2000 Nalin Dahyabhai <nalin@redhat.com>
- use %{_infodir} to better comply with FHS
- move .so files to -devel subpackage
- tweak xinetd config files (bugs #11833, #11835, #11836, #11840)
- fix package descriptions again
Wed May 24 2000 Nalin Dahyabhai <nalin@redhat.com>
- change a LINE_MAX to 1024, fix from Ken Raeburn
- add fix for login vulnerability in case anyone rebuilds without krb4
    compat
- add tweaks for byte-swapping macros in krb.h, also from Ken
- add xinetd config files
- make rsh and rlogin quieter
- build with debug to fix credential forwarding
- add rsh as a build-time req because the configure scripts look for it to
    determine paths
Wed May 17 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix config_subpackage logic
Tue May 16 2000 Nalin Dahyabhai <nalin@redhat.com>
- remove setuid bit on v4rcp and ksu
- apply patches from Jeffrey Schiller to fix overruns Chris Evans found
- reintroduce configs subpackage for use in the errata
- add PreReq: sh-utils
Mon May 15 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix double-free in the kdc (patch merged into MIT tree)
- include convert-config-files script as a documentation file
Wed May 03 2000 Nalin Dahyabhai <nalin@redhat.com>
- patch ksu man page because the -C option never works
- add access() checks and disable debug mode in ksu
- modify default ksu build arguments to specify more directories in
    CMD_PATH and to use getusershell()
Wed May 03 2000 Bill Nottingham <notting@redhat.com>
- fix configure stuff for ia64
Mon Apr 10 2000 Nalin Dahyabhai <nalin@redhat.com>
- add LDCOMBINE=-lc to configure invocation to use libc versioning (bug
    #10653)
- change Requires: for/in subpackages to include 1.2.1
Wed Apr 05 2000 Nalin Dahyabhai <nalin@redhat.com>
- add man pages for kerberos(1), kvno(1), .k5login(5)
- add kvno to -workstation
Mon Apr 03 2000 Nalin Dahyabhai <nalin@redhat.com>
- Merge krb5-configs back into krb5-libs. The krb5.conf file is marked as a
    %config file anyway.
- Make krb5.conf a noreplace config file.
Thu Mar 30 2000 Nalin Dahyabhai <nalin@redhat.com>
- Make klogind pass a clean environment to children, like NetKit's rlogind
    does.
Wed Mar 08 2000 Nalin Dahyabhai <nalin@redhat.com>
- Don't enable the server by default.
- Compress info pages.
- Add defaults for the PAM module to krb5.conf
Mon Mar 06 2000 Nalin Dahyabhai <nalin@redhat.com>
- Correct copyright: it's exportable now, provided the proper paperwork is
    filed with the government.
Fri Mar 03 2000 Nalin Dahyabhai <nalin@redhat.com>
- apply Mike Friedman's patch to fix format string problems
- don't strip off argv[0] when invoking regular rsh/rlogin
Thu Mar 02 2000 Nalin Dahyabhai <nalin@redhat.com>
- run kadmin.local correctly at startup
Mon Feb 28 2000 Nalin Dahyabhai <nalin@redhat.com>
- pass absolute path to kadm5.keytab if/when extracting keys at startup
Sat Feb 19 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix info page insertions
Wed Feb 09 2000 Nalin Dahyabhai <nalin@redhat.com>
- tweak server init script to automatically extract kadm5 keys if
    /var/kerberos/krb5kdc/kadm5.keytab doesn't exist yet
- adjust package descriptions
Thu Feb 03 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix for potentially gzipped man pages
Fri Jan 21 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix comments in krb5-configs
Fri Jan 07 2000 Nalin Dahyabhai <nalin@redhat.com>
- move /usr/kerberos/bin to end of PATH
Tue Dec 28 1999 Nalin Dahyabhai <nalin@redhat.com>
- install kadmin header files
Tue Dec 21 1999 Nalin Dahyabhai <nalin@redhat.com>
- patch around TIOCGTLC defined on alpha and remove warnings from libpty.h
- add installation of info docs
- remove krb4 compat patch because it doesn't fix workstation-side servers
Mon Dec 20 1999 Nalin Dahyabhai <nalin@redhat.com>
- remove hesiod dependency at build-time
Sun Dec 19 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
- rebuild on 1.1.1
Thu Oct 07 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
- clean up init script for server, verify that it works [jlkatz]
- clean up rotation script so that rc likes it better
- add clean stanza
Mon Oct 04 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
- backed out ncurses and makeshlib patches
- update for krb5-1.1
- add KDC rotation to rc.boot, based on ideas from Michael's C version
Sun Sep 26 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
- added -lncurses to telnet and telnetd makefiles
Mon Jul 05 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
- added krb5.csh and krb5.sh to /etc/profile.d
Tue Jun 22 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
- broke out configuration files
Mon Jun 14 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
- fixed server package so that it works now
Sat May 15 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
- started changelog
- updated existing 1.0.5 RPM from Eos Linux to krb5 1.0.6
- added --force to makeinfo commands to skip errors during build
2004-09-09 07:05:48 +00:00