diff options
author | Greg Hudson <ghudson@mit.edu> | 2019-01-07 12:15:49 -0500 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2019-01-07 12:15:49 -0500 |
commit | d5e774784fa1b1452ccc4b23b286c409e7e1a385 (patch) | |
tree | b5b2267b49b33d117dccc4f869cc592daef9e9c7 /README | |
parent | 339c8a45dc6cc3df39c887b3ce561000122c93a9 (diff) | |
download | krb5-d5e774784fa1b1452ccc4b23b286c409e7e1a385.zip krb5-d5e774784fa1b1452ccc4b23b286c409e7e1a385.tar.gz krb5-d5e774784fa1b1452ccc4b23b286c409e7e1a385.tar.bz2 |
Update for krb5-1.16.3krb5-1.16.3-final
Diffstat (limited to 'README')
-rw-r--r-- | README | 25 |
1 files changed, 25 insertions, 0 deletions
@@ -73,6 +73,30 @@ from using single-DES cryptosystems. Among these is a configuration variable that enables "weak" enctypes, which defaults to "false" beginning with krb5-1.8. +Major changes in 1.16.3 (2019-01-07) +------------------------------------ + +This is a bug fix release. + +* Fix a regression in the MEMORY credential cache type which could + cause client programs to crash. + +* MEMORY credential caches will not be listed in the global + collection, with the exception of the default credential cache if it + is of type MEMORY. + +* Remove an incorrect assertion in the KDC which could be used to + cause a crash [CVE-2018-20217]. + +krb5-1.16.3 changes by ticket ID +-------------------------------- + +8720 Don't include all MEMORY ccaches in collection +8767 Remove incorrect KDC assertion +8768 Fix double-close in ksu get_authorized_princ_names +8771 Memory ccache regression in 1.15.4, 1.16.2 + + Major changes in 1.16.2 (2018-11-01) ------------------------------------ @@ -529,6 +553,7 @@ reports, suggestions, and valuable resources: Sorin Manolache Andrei Maslennikov Michael Mattioli + Andreas Maus Nathaniel McCallum Greg McClement Cameron Meadors |