Commit Graph

67 Commits

Author SHA1 Message Date
Nalin Dahyabhai
ca47c3ce74 Finish updating to 1.12.1 2014-01-17 11:08:51 -05:00
Nalin Dahyabhai
3a1e355f38 Update to 1.12 final 2013-12-11 10:52:40 -05:00
Nalin Dahyabhai
f002059e62 Update to 1.12 beta2
- drop obsolete backports for storing KDC time offsets and expiration times
  in keyring credential caches
2013-12-02 11:47:40 -05:00
Nalin Dahyabhai
88c0c528bd Update to 1.12 beta 2013-11-19 18:08:43 -05:00
Nalin Dahyabhai
596d52ef7e Whoops, include the new sources, too 2013-11-12 16:45:41 -05:00
Nalin Dahyabhai
e6591a5194 ship an nss_wrappers snapshot, not a git repo
- switch to just the snapshot of nss_wrapper we were using, since we
  no longer need to carry anything that isn't in the cwrap.org repository
  (ssorce)
2013-08-23 14:21:20 -04:00
Nalin Dahyabhai
36dbacb706 Use LD_PRELOAD to be able to run more self-tests
Use nss_wrapper (from cwrap.org) to be able to run more of the
self-tests during %%check.  Help it along a little bit by being
more emphatic about cutting off access to DNS.
2013-07-19 15:52:31 -04:00
Nalin Dahyabhai
7b66f600ef update to 1.11.3
- update to 1.11.3
  - drop patch for RT#7605, fixed in this release
  - drop patch for CVE-2002-2443, fixed in this release
  - drop patch for RT#7369, fixed in this release
- pull upstream fix for breaking t_skew.py by adding the patch for #961221
2013-06-04 11:13:25 -04:00
Nalin Dahyabhai
61043181c7 update to 1.11.2
- update to 1.11.2
  - drop pulled in patch for RT#7586, included in this release
  - drop pulled in patch for RT#7592, included in this release
2013-04-15 11:06:15 -04:00
Nalin Dahyabhai
460c5ab8b7 prebuild PDF docs to reduce multilib differences
prebuild PDF docs to reduce multilib differences (internal tooling, #884065)
2013-02-27 14:59:35 -05:00
Nalin Dahyabhai
0c2dcfe3ef update to 1.11.1
update to 1.11.1
- drop patch for noticing negative timeouts being passed to the poll()
  wrapper in the client transmit functions
2013-02-25 12:44:43 -05:00
Nalin Dahyabhai
0597014fa8 update to 1.11 release
- update to the 1.11 final release
- drop the rawbuild tag from a couple of patches which we don't actually
  need to apply to get things to compile the way the package expects
2012-12-18 10:37:36 -05:00
Nalin Dahyabhai
9e98fec59e update to 1.11 beta 2 2012-12-13 10:57:00 -05:00
Nalin Dahyabhai
78b3a524da update to 1.11 beta 1 2012-11-21 15:56:57 -05:00
Nalin Dahyabhai
a08be40755 update sources for 1.11-alpha1 2012-11-16 13:04:39 -05:00
Nalin Dahyabhai
81ca63cffc - update to 1.10.3, rolling in MITKRB5-SA-2012-001 2012-08-09 11:11:24 -04:00
Nalin Dahyabhai
b8b71859bb update to 1.10.2
- when building the new label for a file we're about to create, also mix
  in the current range, in addition to the current user
- also package the PDF format admin, user, and install guides
- drop some PDFs that no longer get built right
2012-06-01 14:05:55 -04:00
Nalin Dahyabhai
7d6fe6def6 update sources 2012-03-09 18:48:50 -05:00
Nalin Dahyabhai
70240d81c8 - update to 1.10.1
- drop the KDC crash fix
  - drop the KDC lookaside cache fix
  - drop the fix for kadmind RPC ACLs (CVE-2012-1012)
2012-03-09 18:37:47 -05:00
Nalin Dahyabhai
fbe4130509 - update to 1.10 final 2012-01-30 10:28:53 -05:00
Nalin Dahyabhai
0ce26f54ef - update to beta 1 2012-01-12 18:47:26 -05:00
Nalin Dahyabhai
fd2308c2b8 - update to beta 1 2012-01-12 18:43:25 -05:00
Nalin Dahyabhai
2496d7a5c9 - update to alpha 2
- drop a couple of patches which were integrated for alpha 2
2011-12-20 13:18:27 -05:00
Nalin Dahyabhai
1110ccd873 - bump to 1.10 alpha 1 2011-11-15 12:45:44 -05:00
Nalin Dahyabhai
94ead682ba - prune 1.9 sources 2011-07-22 15:38:33 -04:00
Nalin Dahyabhai
ac127d5263 - update to 1.9.1:
- drop no-longer-needed patches for CVE-2010-4022, CVE-2011-0281,
    CVE-2011-0282, CVE-2011-0283, CVE-2011-0284, CVE-2011-0285
2011-05-05 19:03:10 -04:00
Nalin Dahyabhai
8c3bae0303 update to 1.9 final 2010-12-22 17:22:08 -05:00
Nalin Dahyabhai
ce5e3836b2 - update to 1.9 beta 3 2010-12-16 14:43:53 -05:00
Nalin Dahyabhai
78ee0957ae - update to 1.9 beta 3 2010-12-16 14:43:36 -05:00
Nalin Dahyabhai
695c21dd42 - update to beta 2 2010-12-06 16:55:35 -05:00
Nalin Dahyabhai
678164812e - add 1.9-beta1 sources 2010-12-06 16:55:34 -05:00
Nalin Dahyabhai
3c41ea7400 - drop 1.8.3 sources 2010-12-06 16:55:34 -05:00
Nalin Dahyabhai
0c20d8744b - update to 1.8.3
- drop backports of fixes for gss context expiration and error table
    registration/deregistration mismatch
  - drop patch for upstream #6750
2010-08-04 18:22:20 -04:00
Nalin Dahyabhai
e067cf87fe - update to 1.8.2
- drop patches for CVE-2010-1320, CVE-2010-1321
2010-06-10 22:21:43 +00:00
Nalin Dahyabhai
b48f2bcb58 - update to 1.8.1
- no longer need patches for #555875, #561174, #563431, RT#6661,
    CVE-2010-0628
- replace buildrequires on tetex-latex with one on texlive-latex, which is
    the package that provides it now
2010-04-09 13:44:05 +00:00
Nalin Dahyabhai
1f83fab4c7 - remove the krb5-appl bits (the -workstation-clients and
-workstation-servers subpackages) now that krb5-appl is its own package
2010-03-19 21:15:33 +00:00
Nalin Dahyabhai
75b08040ff - update to 1.8
- temporarily bundling the krb5-appl package (split upstream as of 1.8)
    until its package review is complete
- profile.d scriptlets are now only needed by -workstation-clients
- adjust paths in init scripts
- drop upstreamed fix for KDC denial of service (CVE-2010-0283)
- drop patch to check the user's password correctly using crypt(), which
    isn't a code path we hit when we're using PAM
2010-03-05 22:19:38 +00:00
Nalin Dahyabhai
edcbea8d17 - update to 1.7.1
- don't trip AD lockout on wrong password (#542687, #554351)
- incorporates fixes for CVE-2009-4212 and CVE-2009-3295
- fixes gss_krb5_copy_ccache() when SPNEGO is used
- move sim_client/sim_server, gss-client/gss-server, uuclient/uuserver to
    the devel subpackage, better lining up with the expected krb5/krb5-appl
    split in 1.8
- drop kvno,kadmin,k5srvutil,ktutil from -workstation-servers, as it
    already depends on -workstation which also includes them
2010-02-03 17:11:35 +00:00
Nalin Dahyabhai
f72d641eb4 - new source set 2009-06-04 22:15:04 +00:00
Nalin Dahyabhai
276a481e88 - update to 1.6.3, dropping now-integrated patches for CVE-2007-3999 and
CVE-2007-4000 (the new pkinit module is built conditionally and goes
    into the -pkinit-openssl package, at least for now, to make a buildreq
    loop with openssl avoidable)
2007-10-23 19:40:45 +00:00
Nalin Dahyabhai
c0cd730c79 - update to 1.6.2
- add "buildrequires: texinfo-tex" to get texi2pdf
2007-07-19 16:50:28 +00:00
Nalin Dahyabhai
7877c27fc3 - bump to 1.6.1 2007-05-23 21:48:27 +00:00
Nalin Dahyabhai
6e6adec726 - initial update to 1.6, making the package-split optional
- move workstation daemons to a new subpackage (#81836, #216356, #217301),
    and make the new subpackage require xinetd (#211885)
We don't get static libraries any more. Holding off on build until
    verification that this doesn't kill other things, or until we get them
    building in a semi-useful way.
2007-01-23 22:14:15 +00:00
Nalin Dahyabhai
f3820b972d - preserve timestamps on profile.d shell scriptlets
- first cut at making RPM scriptlets failproof for install-info
- pull up pre-generated PDF docs so that we don't have multiarch
    differences due to document IDs, timestamps, and compressed data,
- pull up the script to make sure that the PDF matches its source to guard
    against the package maintainer forgetting to update when we move to a
    new release
2007-01-22 21:23:54 +00:00
Nalin Dahyabhai
28c66f7806 - update to 1.5 2006-07-06 15:56:38 +00:00
Nalin Dahyabhai
f54e522bb9 - update to 1.4.3
- make ksu setuid again (#137934, others)
2005-11-17 18:43:13 +00:00
Nalin Dahyabhai
f5b93c728e update to 1.4.2 2005-08-11 22:06:35 +00:00
Nalin Dahyabhai
2e8f6b3b97 - update to 1.4.1, incorporating fixes for CAN-2005-0468 and CAN-2005-0469
- when starting the KDC or kadmind, if KRB5REALM is set via the
    /etc/sysconfig file for the service, pass it as an argument for the -r
    flag
2005-05-06 20:16:06 +00:00
Nalin Dahyabhai
708fedd9ea - update to 1.4
- v1.4 kadmin client requires a v1.4 kadmind on the server, or use the "-O"
    flag to specify that it should communicate with the server using the
    older protocol
- new libkrb5support library
- v5passwdd and kadmind4 are gone
- versioned symbols
- pick up $KRB5KDC_ARGS from /etc/sysconfig/krb5kdc, if it exists, and pass
    it on to krb5kdc
- pick up $KADMIND_ARGS from /etc/sysconfig/kadmin, if it exists, and pass
    it on to kadmind
- pick up $KRB524D_ARGS from /etc/sysconfig/krb524, if it exists, and pass
    it on to krb524d *instead of* "-m"
- set "forwardable" in [libdefaults] in the default krb5.conf to match the
    default setting which we supply for pam_krb5
- set a default of 24h for "ticket_lifetime" in [libdefaults], reflecting
    the compiled-in default
2005-02-24 23:16:08 +00:00
Nalin Dahyabhai
712b0183e7 - 1.3.6 is out, obsoleting the patch. aargh! i mean, yay! 2004-12-20 23:30:28 +00:00