diff options
author | Tom Yu <tlyu@mit.edu> | 2013-11-06 15:19:47 -0500 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2013-11-06 15:19:47 -0500 |
commit | 9ffcd7c7e0394afa6045c982585387b2cd4cae7b (patch) | |
tree | 14ebfe962c799fc9bfaf807733254bcbeb1421c6 | |
parent | f62f5bb7347c1be9282756b8d4122a28ba10527f (diff) | |
download | krb5-krb5-1.10.7-final.zip krb5-krb5-1.10.7-final.tar.gz krb5-krb5-1.10.7-final.tar.bz2 |
Updates for krb5-1.10.7krb5-1.10.7-final
-rw-r--r-- | README | 27 | ||||
-rw-r--r-- | src/patchlevel.h | 6 |
2 files changed, 30 insertions, 3 deletions
@@ -70,6 +70,33 @@ from using single-DES cryptosystems. Among these is a configuration variable that enables "weak" enctypes, which defaults to "false" beginning with krb5-1.8. +Major changes in krb5-1.10.7 (2013-11-06) +----------------------------------------- + +This is a bugfix release. The krb5-1.10 release series is in +maintenance, and for new deployments, installers should prefer the +krb5-1.11 release series or later. + +* Fix a KDC locking issue that could lead to the KDC process holding a + persistent lock, preventing administrative actions such as password + changes. + +* Fix a number of bugs related to KDC master key rollover. + +* Fix a KDC null pointer dereference [CVE-2013-1418] that could affect + KDCs that serve multiple realms. + +krb5-1.10.7 changes by ticket ID +-------------------------------- + +7675 Fix lock inconsistency in ctx_unlock() +7725 Change KRB5KDC_ERR_NO_ACCEPTABLE_KDF to 100 +7744 Fix typos in kdb5_util master key command outputs +7745 Correctly activate master keys in pre-1.7 KDBs +7749 Fix decoding of mkey kvno in mkey_aux tl-data +7750 Improve LDAP KDB initialization error messages +7757 Multi-realm KDC null deref [CVE-2013-1418] + Major changes in krb5-1.10.6 (2013-06-05) ----------------------------------------- diff --git a/src/patchlevel.h b/src/patchlevel.h index f5d44de..02cb1f1 100644 --- a/src/patchlevel.h +++ b/src/patchlevel.h @@ -51,7 +51,7 @@ */ #define KRB5_MAJOR_RELEASE 1 #define KRB5_MINOR_RELEASE 10 -#define KRB5_PATCHLEVEL 6 -#define KRB5_RELTAIL "postrelease" +#define KRB5_PATCHLEVEL 7 +/* #undef KRB5_RELTAIL */ /* #undef KRB5_RELDATE */ -#define KRB5_RELTAG "krb5-1.10" +#define KRB5_RELTAG "krb5-1.10.7-final" |