rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity
418 Commits 9 Branches 52 Tags 8.1 MiB
a048f0f12e
Commit Graph

418 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nalin Dahyabhai
a048f0f12e - fix included in 1.9 2010-11-05 15:09:04 -04:00
Nalin Dahyabhai
c4fcdebf25 - fix included in 1.9 2010-11-05 15:07:40 -04:00
Nalin Dahyabhai
01711b78ff - fix included in 1.9 2010-11-05 15:06:39 -04:00
Nalin Dahyabhai
7bf6313a47 - fix included in 1.9 2010-11-05 15:06:01 -04:00
Nalin Dahyabhai
e2734a2f40 - update to apply to 1.9 2010-11-05 15:03:55 -04:00
Nalin Dahyabhai
99e4741184 - update to match current context in krb5.conf(5) 2010-11-05 15:00:13 -04:00
Nalin Dahyabhai
cd6903bceb - fix context for applying to krb5.conf(5) 2010-11-05 14:59:48 -04:00
Nalin Dahyabhai
60f5ea8eaf - incorporate upstream patch to fix uninitialized pointer crash in the KDC's authorization data handling (CVE-2010-1322, #636335) 2010-10-05 15:29:32 -04:00
Nalin Dahyabhai
e84327e216 - pull down patches from trunk to implement k5login_authoritative and k5login_directory settings for krb5.conf (#539423) 2010-10-04 19:01:38 -04:00
Nalin Dahyabhai
0d4651fac9 - pull down patches from trunk to implement k5login_authoritative and 
k5login_directory settings for krb5.conf (#539423)
 2010-10-04 15:34:24 -04:00
Jesse Keating
82f4c7f41e - Rebuilt for gcc bug 634757 2010-09-29 14:34:57 -07:00
Nalin Dahyabhai
f44b554d1b - fix reading of keyUsage extensions when attempting to select pkinit client certs (part of #629022, RT#6775) 
- fix selection of pkinit client certs when one or more don't include a subjectAltName extension (part of #629022, RT#6774)
 2010-09-16 19:32:06 -04:00
Nalin Dahyabhai
3fe7ccdb92 - fix reading of keyUsage extensions when attempting to select pkinit client certs (part of #629022, RT#6775) 2010-09-16 19:31:54 -04:00
Nalin Dahyabhai
188111911c - fix selection of pkinit client certs when one or more don't include a subjectAltName extension (part of #629022, RT#6774) 2010-09-16 19:31:40 -04:00
Nalin Dahyabhai
3f5343a0b9 - build with -fstack-protector-all instead of the default -fstack-protector, 
so that we add checking to more functions (i.e., all of them) (#629950)
 2010-09-03 13:50:17 -04:00
Nalin Dahyabhai
a7376e1a41 - also link binaries with -Wl,-z,relro,-z,now (part of #629950) 2010-09-03 13:08:45 -04:00
Nalin Dahyabhai
6130f43a46 - fix a logic bug in computing key expiration times (RT#6762, #627022) 2010-08-24 18:29:42 -04:00
Nalin Dahyabhai
23a8d6f82d - update patch note 2010-08-12 13:47:08 -04:00
Nalin Dahyabhai
0c20d8744b - update to 1.8.3 
- drop backports of fixes for gss context expiration and error table
    registration/deregistration mismatch
  - drop patch for upstream #6750
 2010-08-04 18:22:20 -04:00
Fedora Release Engineering
36e054d155 dist-git conversion 2010-07-28 20:22:08 +00:00
Nalin Dahyabhai
eed65b02ae - fix a typo in the changelog 2010-07-15 15:47:39 +00:00
Nalin Dahyabhai
45b591b3eb - fix parsing of the pidfile option in the KDC (upstream #6750) 2010-07-07 20:56:07 +00:00
Nalin Dahyabhai
8b8653b9be - add logrotate configuration files for krb5kdc and kadmind (#462658) 2010-07-07 18:09:05 +00:00
Nalin Dahyabhai
a0ca6e4d98 - tell krb5kdc and kadmind to create pid files, since they can 2010-07-07 17:41:39 +00:00
Nalin Dahyabhai
cb407c5fa1 - libgssapi: pull in patch from svn to stop returning context-expired 
errors when the ticket which was used to set up the context expires
    (#605366, upstream #6739)
 2010-06-21 18:26:35 +00:00
Nalin Dahyabhai
da92cbb7b4 - pull up fix for upstream #6745, in which the gssapi library would add the 
wrong error table but subsequently attempt to unload the right one
 2010-06-21 18:11:40 +00:00
Nalin Dahyabhai
a1c8e26f59 - this shouldn't be here -> krb5-appl 2010-06-10 22:24:08 +00:00
Nalin Dahyabhai
e067cf87fe - update to 1.8.2 
- drop patches for CVE-2010-1320, CVE-2010-1321
 2010-06-10 22:21:43 +00:00
Nalin Dahyabhai
1313c14673 - reference the right bug -- this wasn't a problem until the revision 2010-05-27 21:10:28 +00:00
Nalin Dahyabhai
17238354c3 don't skip the PAM account check for root or the same user (more of 
#477033)
 2010-05-27 20:53:30 +00:00
Nalin Dahyabhai
ccdc4a4228 - ksu: move session management calls to before we drop privileges, like su 
does (#596887)
 2010-05-27 20:01:43 +00:00
Nalin Dahyabhai
b60e63ef2b - that -fno-strict-aliasing change merits a rebuild 2010-05-24 22:15:15 +00:00
Nalin Dahyabhai
ab9e2985db - go back to building without strict aliasing (compiler warnings in gssrpc) 2010-05-24 21:31:38 +00:00
Nalin Dahyabhai
5d72216a22 - drop explicit linking with libtinfo for applications that use libss, now 
that readline itself links with libtinfo (as of readline-5.2-3, since
    fedora 7 or so)
 2010-05-24 20:42:04 +00:00
Nalin Dahyabhai
c430745262 - make krb5-server-ldap also depend on the same version-release of 
krb5-libs, as the other subpackages do, if only to make it clearer than
    it is when we just do it through krb5-server
 2010-05-24 20:07:09 +00:00
Nalin Dahyabhai
b3e836cce9 - add patch to correct GSSAPI library null pointer dereference which could 
be triggered by malformed client requests (CVE-2010-1321, #582466)
 2010-05-18 18:14:30 +00:00
Nalin Dahyabhai
59f0148016 - fix output of kprop's init script's "status" and "reload" commands 
(#588222)
 2010-05-04 19:32:52 +00:00
Nalin Dahyabhai
98bc7d7d76 - incorporate patch to fix double-free in the KDC (CVE-2010-1320, #581922) 2010-04-20 18:26:39 +00:00
Nalin Dahyabhai
044f184f7a - fix a typo in kerberos.ldif 2010-04-14 14:28:32 +00:00
Nalin Dahyabhai
b48f2bcb58 - update to 1.8.1 
- no longer need patches for #555875, #561174, #563431, RT#6661,
    CVE-2010-0628
- replace buildrequires on tetex-latex with one on texlive-latex, which is
    the package that provides it now
 2010-04-09 13:44:05 +00:00
Nalin Dahyabhai
6b3df78771 - kdc.conf: no more need to suggest a v4 mode, or listening on the v4 port 2010-04-08 21:27:15 +00:00
Nalin Dahyabhai
8d606a93f5 - drop patch to suppress key expiration warnings sent from the KDC in the 
last-req field, as the KDC is expected to just be configured to either
    send them or not as a particular key approaches expiration (#556495)
 2010-04-08 19:14:31 +00:00
Nalin Dahyabhai
dc32b53c2d - note why we're going to drop this patch 2010-04-08 18:53:15 +00:00
Nalin Dahyabhai
665fa22b0f - add bug numbers for the fix for CVE-2010-0628 2010-03-23 22:56:35 +00:00
Nalin Dahyabhai
cac63d2dfa - kdc.conf: no more need to suggest keeping keys with v4-compatible salting 2010-03-23 18:18:32 +00:00
Nalin Dahyabhai
4a2bf7dc5d - add upstream fix for denial-of-service in SPNEGO (CVE-2010-0628) 2010-03-23 18:07:13 +00:00
Nalin Dahyabhai
1f83fab4c7 - remove the krb5-appl bits (the -workstation-clients and 
-workstation-servers subpackages) now that krb5-appl is its own package
 2010-03-19 21:15:33 +00:00
Nalin Dahyabhai
5d2ca1d225 - replace our patch for #563431 (kpasswd doesn't fall back to guessing your 
principal name using your user name if you don't have a ccache) with
    the on upstream uses
 2010-03-19 21:15:10 +00:00
Nalin Dahyabhai
39cf8a4b2d - whoops, -p level off by one 2010-03-12 22:26:03 +00:00
Nalin Dahyabhai
fafc4a2352 - add the RT entry number 2010-03-12 22:13:15 +00:00