rpms
/
krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Commit Graph

  • a9af3c8817 Nix /usr/share/krb5.conf.d to reduce complexity Robbie Harwood (frozencemetery) 2015-09-23 15:11:53 +0000
  • 65ce267be1 Depend on crypto-policies which provides /etc/krb5.conf.d Robbie Harwood (frozencemetery) 2015-09-23 14:02:05 +0000
  • 5ec8cb89e0 Miscalaneous spec fixes. Robbie Harwood (frozencemetery) 2015-09-10 20:39:27 +0000
  • 2e058adfc5 Bump minor release Robbie Harwood (frozencemetery) 2015-09-10 19:55:53 +0000
  • 6cb6b69409 Support config snippets in /etc/krb5.conf.d/ and /usr/share/krb5.conf.d/ Robbie Harwood (frozencemetery) 2015-09-10 19:37:58 +0000
  • 580aefb618 * Thu Jun 25 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-6 - Use system nss_wrapper and socket_wrapper for testing. Patch by Andreas Schneider <asn@redhat.com> Roland Mainz 2015-06-26 02:47:13 +0200
  • d4aa04d87c * Thu Jun 25 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-5 - Remove Zanata test glue and related workarounds - Bug #1234292 ("IPA server cannot be run in container due to incorrect /usr/sbin/_kadmind") - Bug #1234326 ("krb5-server introduces new rpm dependency on ksh") Roland Mainz 2015-06-25 14:23:31 +0200
  • 168ec0c9e7 * Thu Jun 18 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-4 - Fix dependicy on binfmt.service Roland Mainz 2015-06-19 18:22:15 +0200
  • 57f951a0e2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild Dennis Gilmore 2015-06-17 13:38:13 +0000
  • 7029c6670c * Tue Jun 2 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-2 - Add patch to fix Redhat Bug #1227542 ("[SELinux] AVC denials may appear when kadmind starts"). The issue was caused by an unneeded |htons()| which triggered SELinux AVC denials due to the "random" port usage. Roland Mainz 2015-06-03 02:57:20 +0200
  • 8c2cea93bb * Thu May 21 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-1 - Add fix for RedHat Bug #1164304 ("Upstream unit tests loads the installed shared libraries instead the ones from the build") Roland Mainz 2015-05-22 16:28:26 +0200
  • 9997960299 * Thu May 14 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-0 - Update to krb5-1.13.2 - drop patch for krb5-1.13.2-CVE_2015_2694_requires_preauth_bypass_in_PKINIT_enabled_KDC, fixed in krb5-1.13.2 - drop patch for krb5-1.12.1-CVE_2014_5355_fix_krb5_read_message_handling, fixed in krb5-1.13.2 - Add script processing for upcoming Zanata l10n support - Minor spec cleanup Roland Mainz 2015-05-15 01:03:28 +0200
  • 3ae7a21305 * Thu May 14 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-0 - Update to krb5-1.13.2 - drop patch for krb5-1.13.2-CVE_2015_2694_requires_preauth_bypass_in_PKINIT_enabled_KDC, fixed in krb5-1.13.2 - drop patch for krb5-1.12.1-CVE_2014_5355_fix_krb5_read_message_handling, fixed in krb5-1.13.2 - Add script processing for upcoming Zanata l10n support - Minor spec cleanup Roland Mainz 2015-05-15 01:02:21 +0200
  • 1171aa60d0 * Mon May 4 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-4 - fix for CVE-2015-2694 (#1216133) "requires_preauth bypass in PKINIT-enabled KDC". In MIT krb5 1.12 and later, when the KDC is configured with PKINIT support, an unauthenticated remote attacker can bypass the requires_preauth flag on a client principal and obtain a ciphertext encrypted in the principal's long-term key. This ciphertext could be used to conduct an off-line dictionary attack against the user's password. resolves: #1216134 Roland Mainz 2015-05-06 01:15:00 +0200
  • 14a63ce373 * Wed Mar 25 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-3 - Add temporay workaround for RH bug #1204646 ("krb5-config returns wrong -specs path") which modifies krb5-config post build so that development of krb5 dependicies gets unstuck. This MUST be removed before rawhide becomes F23 ... Roland Mainz 2015-03-25 16:06:10 +0100
  • 1984e0ee1d * Thu Mar 19 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-2 - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" Roland Mainz 2015-03-20 13:24:47 +0100
  • 54e60b1162 * Thu Mar 19 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-2 - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" Roland Mainz 2015-03-20 13:23:20 +0100
  • 2a8abfedf0 * Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1 - Update to krb5-1.13.1 - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1 - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1 - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1 - Minor spec cleanup Roland Mainz 2015-02-13 18:07:12 +0100
  • e1dbd4ed12 * Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1 - Update to krb5-1.13.1 - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1 - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1 - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1 - Minor spec cleanup Roland Mainz 2015-02-13 17:58:34 +0100
  • 570cb5eeb3 * Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1 - Update to krb5-1.13.1 - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1 - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1 - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1 - Minor spec cleanup Roland Mainz 2015-02-13 17:40:35 +0100
  • 03981c354e * Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1 - Update to krb5-1.13.1 - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1 - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1 - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1 - Minor spec cleanup Roland Mainz 2015-02-13 17:35:10 +0100
  • c74e97faa9 * Wed Feb 4 2015 Roland Mainz <rmainz@redhat.com> - 1.13-8 - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)" Roland Mainz 2015-02-04 12:02:36 +0100
  • aad351ad29 * Wed Feb 4 2015 Roland Mainz <rmainz@redhat.com> - 1.13-7 - Remove "python-sphinx-latex" and "tar" from the build requirements to fix build failures on F22 machines. - Minor spec cleanup Roland Mainz 2015-02-04 11:47:44 +0100
  • 7188a346bd Support KDC_ERR_MORE_PREAUTH_DATA_REQUIRED (RT#8063) Nathaniel McCallum 2015-02-03 17:48:30 +0100
  • fb520967f9 * Mon Jan 26 2015 Roland Mainz <rmainz@redhat.com> - 1.13-5 - fix for kinit -C loops (#1184629, MIT/krb5 issue 243, "Do not loop on principal unknown errors"). - Added "python-sphinx-latex" to the build requirements to fix build failures on F22 machines. Roland Mainz 2015-01-26 18:38:55 +0100
  • 6baee3e656 * Thu Dec 19 2014 Roland Mainz <rmainz@redhat.com> - 1.13-4 - fix for CVE-2014-5354 (#1174546) "krb5: NULL pointer dereference when using keyless entries" Roland Mainz 2014-12-18 17:57:19 +0100
  • 8545575f69 * Wed Dec 17 2014 Roland Mainz <rmainz@redhat.com> - 1.13-3 - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" Roland Mainz 2014-12-17 12:06:33 +0100
  • a54d1f9ac9 * Wed Oct 29 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0 - Bump 1%%{?dist} to 2%%{?dist} to workaround RPM sort issue which would lead yum updates to treat the last alpha as newer than the final version. Roland Mainz 2014-10-29 22:25:13 +0100
  • eca7fd3d15 * Wed Oct 29 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0 - Update from krb5-1.13-alpha1 to final krb5-1.13 - Removed patch for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - now part of upstream sources - Use patch for glibc |eventfd()| prototype mismatch (#1147887) only for Fedora > 20 Roland Mainz 2014-10-29 21:48:06 +0100
  • 6a0c01a783 * Wed Oct 29 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0 - Update from krb5-1.13-alpha1 to final krb5-1.13 - Removed patch for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - now part of upstream sources - Use patch for glibc |eventfd()| prototype mismatch (#1147887) only for Fedora > 20 Roland Mainz 2014-10-29 21:48:06 +0100
  • 210ae0a2c1 * Tue Sep 30 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0.alpha1.3 - fix build failure caused by change of prototype for glibc |eventfd()| (#1147887) Roland Mainz 2014-09-30 12:09:28 +0200
  • c5c716d7e4 - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" (fix rpm spec file) Roland Mainz 2014-09-29 23:04:48 +0200
  • db753ab79b * Mon Sep 29 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0.alpha1.3 - fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" Roland Mainz 2014-09-29 20:49:37 +0200
  • 67988a74d0 Keep the license from being a dangling symlink Nalin Dahyabhai 2014-09-08 18:43:06 -0400
  • 56cd96f9bd Remove the -S flag from kprop.service Nalin Dahyabhai 2014-08-26 11:23:52 -0400
  • 8563ebea46 Updating to 1.13 alpha1 Nalin Dahyabhai 2014-08-22 13:39:24 -0400
  • c48fd0f0bc Pull in upstream fix for an mischecked strdup() Nalin Dahyabhai 2014-08-20 17:16:30 -0400
  • 9c7c7781c4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild Peter Robinson 2014-08-17 00:48:14 +0000
  • f3d3f13006 Upload 1.12.2 sources Nalin Dahyabhai 2014-08-15 15:20:08 -0400
  • 4f7f51121b drop patch for CVE-2014-4345, included in 1.12.2 Nalin Dahyabhai 2014-08-15 15:04:26 -0400
  • 7880fca0ad drop patch for CVE-2014-4344, included in 1.12.2 Nalin Dahyabhai 2014-08-15 15:02:04 -0400
  • b234a3d334 drop patch for CVE-2014-4343, included in 1.12.2 Nalin Dahyabhai 2014-08-15 15:01:01 -0400
  • 56235f0463 drop patches for CVE-2014-4341/CVE-2014-4342, included in 1.12.2 Nalin Dahyabhai 2014-08-15 14:59:36 -0400
  • 2184fad363 drop patch for RT#7926, fixed in 1.12.2 Nalin Dahyabhai 2014-08-15 14:56:39 -0400
  • 7041f914bd drop patch for RT#7924, fixed in 1.12.2 Nalin Dahyabhai 2014-08-15 14:52:23 -0400
  • 0bd95b4771 drop patch for RT#7858, fixed in 1.12.2 Nalin Dahyabhai 2014-08-15 14:50:08 -0400
  • b3f78cf0dc Update for 1.12.2 Nalin Dahyabhai 2014-08-15 14:43:47 -0400
  • d41320b7c1 drop patch for RT#7836, fixed in 1.12.2 Nalin Dahyabhai 2014-08-15 14:37:18 -0400
  • 1d44a8f927 drop patch for RT#7818, fixed in 1.12.2 Nalin Dahyabhai 2014-08-15 14:35:45 -0400
  • f543a683b0 Drop patch for #231147, fixed in 1.12.2 Nalin Dahyabhai 2014-08-15 14:13:21 -0400
  • e5a4698cf5 drop patch for RT#7820, merged in 1.12.2 Nalin Dahyabhai 2014-08-15 14:02:13 -0400
  • c042f71c80 Update collection cache patch set for ksu Nalin Dahyabhai 2014-08-15 13:55:48 -0400
  • b324000e34 fix MITKRB5-SA-2014-001 (CVE-2014-4345) Nalin Dahyabhai 2014-08-07 19:25:49 -0400
  • 38595f5338 Add patch for CVE-2014-4344 Nalin Dahyabhai 2014-07-21 17:51:10 -0400
  • 24f7f1a446 Update to upstream patch Nalin Dahyabhai 2014-07-21 17:18:33 -0400
  • 9594be4f3a Add proposed fix for a double-free in gss clients Nalin Dahyabhai 2014-07-16 15:14:38 -0400
  • 79897b3c5d fix license handling Tom Callaway 2014-07-12 18:45:11 -0400
  • e2bc024559 Pull in fix for CVE-2014-4341/CVE-2014-4342 Nalin Dahyabhai 2014-07-07 17:56:12 -0400
  • 40e2189ede Backport support for scanning /etc/gss/mech.d/*.conf Nalin Dahyabhai 2014-06-24 16:47:17 -0400
  • 47d56d9162 Fix FTBFS #1107061 using a patch from upstream Nalin Dahyabhai 2014-06-12 16:23:15 -0400
  • 790a56ba59 Add a buildrequires: on texlive-pdftex Nalin Dahyabhai 2014-03-24 16:57:05 -0400
  • dd2e1e4398 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild Dennis Gilmore 2014-06-07 22:22:03 -0500
  • 44d0e80df0 Backport fix for change password requests when using FAST (RT#7868) Nathaniel McCallum 2014-03-04 11:22:42 -0500
  • 2550f0f56b Backport fix for RT#7858 Nalin Dahyabhai 2014-02-17 21:06:07 -0500
  • c0d64aa79f Note that "runstatedir" changes are also #1040056 Nalin Dahyabhai 2014-02-10 14:17:15 -0500
  • bdb8c58c53 Move the default directory for OTP sockets to /var/run/krb5kdc Nalin Dahyabhai 2014-02-07 16:13:29 -0500
  • 99444865b1 Add those proposed patches Nalin Dahyabhai 2014-02-05 14:53:25 -0500
  • 419c14d6ac Pull from the right wrapper branches Nalin Dahyabhai 2014-02-04 15:31:21 -0500
  • 956ccfdfb4 refresh nss_wrapper, add socket_wrapper Nalin Dahyabhai 2014-01-31 16:54:08 -0500
  • 5c7bab5883 Take x bit off of an html doc file, fix whitespace Nalin Dahyabhai 2014-01-31 16:50:21 -0500
  • 9b18d26ce3 Add proposed ksu KEYRING+default_ccache_name patch Nalin Dahyabhai 2014-01-31 16:48:40 -0500
  • 2eb0567065 Backport changes to allow "rcache" credstores Nalin Dahyabhai 2014-01-21 18:52:57 -0500
  • 79cf8c599f Pull this patch from master, instead Nalin Dahyabhai 2014-01-17 11:47:53 -0500
  • ca47c3ce74 Finish updating to 1.12.1 Nalin Dahyabhai 2014-01-17 11:08:51 -0500
  • 792d78fa47 Backport fixes for timesync with keyring caches Nalin Dahyabhai 2014-01-17 10:58:19 -0500
  • 4dec248a05 Drop obsolete patches Nalin Dahyabhai 2014-01-17 10:55:16 -0500
  • 8ae5258eb3 Drop obsolete patch Nalin Dahyabhai 2014-01-17 10:48:08 -0500
  • 29afef6c24 Drop obsolete patch Nalin Dahyabhai 2014-01-17 10:47:01 -0500
  • 007e77a2b3 Drop obsolete patch Nalin Dahyabhai 2014-01-17 10:17:19 -0500
  • 6a8573e3af Drop obsolete patch Nalin Dahyabhai 2014-01-17 10:08:58 -0500
  • 0b6ebaab00 Drop obsolete patch Nalin Dahyabhai 2014-01-17 09:59:39 -0500
  • 6265fcabf5 Drop obsolete patch Nalin Dahyabhai 2014-01-17 09:58:40 -0500
  • aef7c262b1 Update the textrel patch for x86 Nalin Dahyabhai 2014-01-13 11:40:31 -0500
  • 8fe7e82068 Note why we started saving ebx Nalin Dahyabhai 2014-01-09 13:20:22 -0500
  • 6e03c5ada1 Link shared libs using -Wl,--warn-shared-textrel Nalin Dahyabhai 2014-01-09 13:13:30 -0500
  • 5de1fa728f bump release for a new build Nalin Dahyabhai 2014-01-09 11:03:45 -0500
  • 8a1df153c6 Save/restore ebx in functions where we modify it Nalin Dahyabhai 2014-01-09 11:02:26 -0500
  • 75edc7c7ca Try to remove execmod from 32-bit AES-NI k5crypto Nalin Dahyabhai 2014-01-06 18:53:03 -0500
  • 05c4140d32 Switch to as-committed version Nalin Dahyabhai 2014-01-06 15:58:20 -0500
  • 480b9efaa3 Add Dhiru Kholia's patch to restore noexecstack Nalin Dahyabhai 2014-01-02 23:43:55 -0500
  • 13df2d5386 Remove the BuildRequires: on yasm for now Nalin Dahyabhai 2014-01-02 17:08:52 -0500
  • 911b9e932d Add the buildrequires: for AES-NI support Nalin Dahyabhai 2013-12-19 13:07:54 -0500
  • e1cb527238 Pull in fix to improve SPNEGO error messages Nalin Dahyabhai 2013-12-19 11:52:30 -0500
  • 45d93c6d1c Enable pyrad-based tests Nalin Dahyabhai 2013-12-19 11:16:19 -0500
  • 9f2cb9776b For completeness, also initialize an unused field Nalin Dahyabhai 2013-12-18 18:00:28 -0500
  • 82c5b9f9b2 Backport fixes for krb5_copy_context Nalin Dahyabhai 2013-12-18 17:38:54 -0500
  • 2550a37b4f Pull in a fix for a mem leak from master (RT#7805) Nalin Dahyabhai 2013-12-18 14:33:23 -0500
  • 460d74d224 Pull in a fix for a mem leak from master (RT#7803) Nalin Dahyabhai 2013-12-18 14:23:21 -0500
  • 39888b7c42 Pick up another interop fix from master (RT#7797) Nalin Dahyabhai 2013-12-18 14:22:24 -0500
  • 735b73ebbb Pick up an interop fix from master (RT#7794) Nalin Dahyabhai 2013-12-18 14:20:57 -0500