diff options
author | Tom Yu <tlyu@mit.edu> | 2012-06-20 14:27:54 -0400 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2012-06-20 14:27:54 -0400 |
commit | 4480b5ec7aa6c838706724a071a22f98b066990b (patch) | |
tree | 9b8b1e508fce434d4eafc4630fb2d20b65ce270a | |
parent | 3775e8eebf123030f7b331343ed1f243fe1ebb35 (diff) | |
download | krb5-4480b5ec7aa6c838706724a071a22f98b066990b.zip krb5-4480b5ec7aa6c838706724a071a22f98b066990b.tar.gz krb5-4480b5ec7aa6c838706724a071a22f98b066990b.tar.bz2 |
Update README and patchlevel.h for krb5-1.9.4krb5-1.9.4-final
-rw-r--r-- | README | 31 | ||||
-rw-r--r-- | src/patchlevel.h | 6 |
2 files changed, 34 insertions, 3 deletions
@@ -70,6 +70,37 @@ from using single-DES cryptosystems. Among these is a configuration variable that enables "weak" enctypes, which defaults to "false" beginning with krb5-1.8. + +Major changes in 1.9.4 +---------------------- + +This is a bugfix release. + +* Fix interop issues with Windows Server 2008 R2 Read-Only Domain + Controllers. + +* Work around a glibc bug that causes spurious DNS PTR queries to + occur even when rdns = false. + +* Fix a kadmind denial of service issue (null pointer dereference), + which could only be triggered by an administrator with the "create" + privilege. [CVE-2012-1013] + +krb5-1.9.4 changes by ticket ID +------------------------------- + +7101 workaround for Solaris 8 lacking isblank +7102 kvno ASN.1 encoding interop with Windows RODCs +7103 Fix KDB iteration when callback does write calls +7104 Fix spurious password expiry warning +7142 Use correct name-type in TGS-REQs for 2008R2 RODCs +7156 Try all history keys to decrypt password history +7164 Work around glibc getaddrinfo PTR lookups +7165 Make password change work without default realm +7168 Null pointer deref in kadmind [CVE-2012-1013] +7169 Export krb5_set_trace_callback/filename +7170 Export gss_mech_krb5_wrong from libgssapi_krb5 + Major changes in 1.9.3 ---------------------- diff --git a/src/patchlevel.h b/src/patchlevel.h index 4b4e6e4..abd146b 100644 --- a/src/patchlevel.h +++ b/src/patchlevel.h @@ -52,7 +52,7 @@ */ #define KRB5_MAJOR_RELEASE 1 #define KRB5_MINOR_RELEASE 9 -#define KRB5_PATCHLEVEL 3 -#define KRB5_RELTAIL "postrelease" +#define KRB5_PATCHLEVEL 4 +/* #undef KRB5_RELTAIL */ /* #undef KRB5_RELDATE */ -#define KRB5_RELTAG "krb5-1.9" +#define KRB5_RELTAG "krb5-1.9.4-final" |