rpms/krb5
5
0
Fork 0
Code Issues Pull Requests Releases Activity
1,213 Commits 10 Branches 54 Tags 5.4 MiB
aebeb94ad7
Commit Graph

114 Commits

Author SHA1 Message Date
Julien Rische
8c423dc9d5 krb5 1.21.3-1 
- New upstream version (1.21.3)
- CVE-2024-37370 CVE-2024-37371
  Fix vulnerabilities in GSS message token handling
  Resolves: RHEL-45387 RHEL-45378
- Fix memory leak in GSSAPI interface
  Resolves: RHEL-47284
- Fix memory leak in PMAP RPC interface
  Resolves: RHEL-47287
- Fix memory leak in failing UTF-8 to UTF-16 re-encoding for PAC
  Resolves: RHEL-47285
- Make TCP waiting time configurable
  Resolves: RHEL-47278
- Do not include files with "~" termination in krb5-tests
  Resolves: RHEL-45995

Signed-off-by: Julien Rische <jrische@redhat.com>
 2024-07-12 13:30:00 +02:00
Julien Rische
f5676fd233 New upstream version (1.21.2) 
- Fix double-free in KDC TGS processing (CVE-2023-39975)
  Resolves: rhbz#2229113
- Make tests compatible with Python 3.12
  Resolves: rhbz#2224013

Signed-off-by: Julien Rische <jrische@redhat.com>
 2023-08-16 11:30:37 +02:00
Julien Rische
0b340d0ef3 New upstream version (1.21) 
Do not disable PKINIT if some of the well-known DH groups are unavailable
  Resolves: rhbz#2214297
Make PKINIT CMS SHA-1 signature verification available in FIPS mode
  Resolves: rhbz#2214300
Allow to set PAC ticket signature as optional
  Resolves: rhbz#2181311
Add support for MS-PAC extended KDC signature (CVE-2022-37967)
  Resolves: rhbz#2166001
Fix syntax error in aclocal.m4
  Resolves: rhbz#2143306

Signed-off-by: Julien Rische <jrische@redhat.com>
 2023-06-12 17:29:15 +02:00
Julien Rische
56cee506e7 New upstream version (1.20.1) 
Also set "supportedCMSTypes" to SHA-512/256 with RSA encryption

Resolves: rhbz#2124463
Resolves: rhbz#2114766
Signed-off-by: Julien Rische <jrische@redhat.com>
 2022-11-24 11:35:10 +01:00
Robbie Harwood
03e8c69837 Add sources 2021-07-26 14:50:12 -04:00
Robbie Harwood
ab3f34f0e7 ... including the sources this time 2021-02-18 16:52:28 -05:00
Robbie Harwood
d5839d0511 New upstream version (1.19) 2021-02-02 15:32:32 +00:00
Robbie Harwood
9fb5239517 New upstream version (1.19-beta2) 2021-01-12 12:45:35 -05:00
Robbie Harwood
0da55d6175 New upstream version (1.19-beta1) 2020-12-16 16:30:40 -05:00
Robbie Harwood
5facc9df4d New upstream version (1.18.3) 2020-11-18 18:16:20 +00:00
Robbie Harwood
102adf5edf New upstream release (1.18.2) 2020-05-22 14:26:04 -04:00
Robbie Harwood
46d8c677ae It usually helps if I commit the sources file 2020-04-14 15:50:03 -04:00
Robbie Harwood
f287f939a9 New upstream version (1.18) 2020-02-12 22:29:13 +00:00
Robbie Harwood
8fb4697062 New upstream beta release - 1.18-beta2 
Adjust naming convention for downstream patches
 2020-01-31 20:31:53 +00:00
Robbie Harwood
7f642b1512 New upstream beta release - 1.18-beta1 2020-01-13 18:19:19 -05:00
Robbie Harwood
9d642021d7 New upstream version - 1.17.1 
Stop building and packaging PDFs
 2019-12-12 18:42:51 +00:00
Robbie Harwood
658f28f754 New upstream version (1.17) 2019-01-08 19:15:01 +00:00
Robbie Harwood
8968aa45c7 Restore pdfs source file 
Resolves: #1659716
 2018-12-17 20:39:53 +00:00
Robbie Harwood
59f64bf750 New upstream release (1.17-beta2) 
Drop pdfs source file
 2018-12-06 18:31:06 +00:00
Robbie Harwood
f745542b78 New upstream beta release (1.17-beta1) 2018-11-01 20:07:33 +00:00
Robbie Harwood
88ba66fe53 New upstream release - 1.16.1 2018-05-04 14:59:45 +00:00
Robbie Harwood
9869daa1e8 New upstream release (1.16) 
- No changes from beta2
- Add spec file support for COPR
 2017-12-06 18:07:52 +00:00
Robbie Harwood
6f4f842e5f New upstream prerelease (1.16-beta2) 2017-11-27 22:15:31 +00:00
Robbie Harwood
533a73fdd1 New upstream prerelease (1.16-beta1) 2017-10-05 20:29:13 +00:00
Robbie Harwood
f1e535bb81 New upstream release - krb5-1.15.2 
Adjust patches as appropriate
 2017-09-25 19:24:33 +00:00
Robbie Harwood
2a20da0e2a New upstream release - 1.15.1 2017-03-04 00:34:47 +00:00
Robbie Harwood
be80cb9861 New upstream release 2016-12-05 20:52:58 +00:00
Robbie Harwood
c3f7090334 New upstream release 2016-11-16 21:22:01 +00:00
Robbie Harwood
821dac42ed Upstream release 1.15-beta1 
Also update selinux with RHEL hygene.

Resolves: #1314096
 2016-10-20 23:34:55 +00:00
Robbie Harwood
14f028579d New upstream release and integrate with external git 2016-09-19 23:49:31 +00:00
Robbie Harwood
482c8e1687 New upstream version 1.14.3 2016-08-01 20:44:35 +00:00
Robbie Harwood
f1cb770b53 New rawhide, new upstream version 
- Drop CVE patches
- Rename fix_interposer.patch to acquire_cred_interposer.patch
- Update acquire_cred_interposer.patch to apply to new source
 2016-02-29 23:45:38 +00:00
Robbie Harwood (frozencemetery)
89ae1a3c67 Upstream release. No actual change from beta, just version bump 
Also clean up unused parts of spec file.
 2015-11-23 22:56:02 +00:00
Robbie Harwood (frozencemetery)
806928902d Release 1.14-beta2 2015-11-16 18:11:20 +00:00
Robbie Harwood (frozencemetery)
98128c4038 New upstream beta version 2015-10-15 20:51:57 +00:00
Robbie Harwood (frozencemetery)
a89bdde4da Revert "New upstream version: krb5-1.14-alpha1" 
This reverts commit 1138991893.
 2015-10-01 18:33:34 +00:00
Robbie Harwood (frozencemetery)
1138991893 New upstream version: krb5-1.14-alpha1 
Drop patches that have since been applied.  Create new patches as
needed.
 2015-09-24 17:57:53 +00:00
Robbie Harwood (frozencemetery)
a328acab1b Drop dependency on pax&ksh and remove support for fedora < 20 2015-09-23 18:42:40 +00:00
Roland Mainz
580aefb618 * Thu Jun 25 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-6 
- Use system nss_wrapper and socket_wrapper for testing.
  Patch by Andreas Schneider <asn@redhat.com>
 2015-06-26 02:47:13 +02:00
Roland Mainz
3ae7a21305 * Thu May 14 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-0 
- Update to krb5-1.13.2
  - drop patch for krb5-1.13.2-CVE_2015_2694_requires_preauth_bypass_in_PKINIT_enabled_KDC, fixed in krb5-1.13.2
  - drop patch for krb5-1.12.1-CVE_2014_5355_fix_krb5_read_message_handling, fixed in krb5-1.13.2
- Add script processing for upcoming Zanata l10n support
- Minor spec cleanup
 2015-05-15 01:02:21 +02:00
Roland Mainz
2a8abfedf0 * Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1 
- Update to krb5-1.13.1
  - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1
  - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1
  - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1
- Minor spec cleanup
 2015-02-13 18:07:12 +01:00
Roland Mainz
e1dbd4ed12 * Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1 
- Update to krb5-1.13.1
  - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1
  - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1
  - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1
- Minor spec cleanup
 2015-02-13 17:58:34 +01:00
Roland Mainz
6a0c01a783 * Wed Oct 29 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0 
- Update from krb5-1.13-alpha1 to final krb5-1.13
- Removed patch for CVE-2014-5351 (#1145425) "krb5: current
  keys returned when randomizing the keys for a service principal" -
  now part of upstream sources
- Use patch for glibc |eventfd()| prototype mismatch (#1147887) only
  for Fedora > 20
 2014-10-29 21:48:06 +01:00
Nalin Dahyabhai
8563ebea46 Updating to 1.13 alpha1 2014-08-22 16:14:20 -04:00
Nalin Dahyabhai
f3d3f13006 Upload 1.12.2 sources 2014-08-15 15:20:08 -04:00
Nalin Dahyabhai
419c14d6ac Pull from the right wrapper branches 
... and add our local patch to fix the bind-then-connect case.
 2014-02-04 15:31:21 -05:00
Nalin Dahyabhai
956ccfdfb4 refresh nss_wrapper, add socket_wrapper 2014-01-31 16:56:05 -05:00
Nalin Dahyabhai
ca47c3ce74 Finish updating to 1.12.1 2014-01-17 11:08:51 -05:00
Nalin Dahyabhai
3a1e355f38 Update to 1.12 final 2013-12-11 10:52:40 -05:00
Nalin Dahyabhai
f002059e62 Update to 1.12 beta2 
- drop obsolete backports for storing KDC time offsets and expiration times
  in keyring credential caches
 2013-12-02 11:47:40 -05:00