diff options
Diffstat (limited to 'README')
-rw-r--r-- | README | 30 |
1 files changed, 30 insertions, 0 deletions
@@ -70,6 +70,36 @@ from using single-DES cryptosystems. Among these is a configuration variable that enables "weak" enctypes, which defaults to "false" beginning with krb5-1.8. +Major changes in 1.10.2 +----------------------- + +This is a bugfix release. + +* Fix an interop issue with Windows Server 2008 R2 Read-Only Domain + Controllers. + +* Update a workaround for a glibc bug that would cause DNS PTR queries + to occur even when rdns = false. + +* Fix a kadmind denial of service issue (null pointer dereference), + which could only be triggered by an administrator with the "create" + privilege. [CVE-2012-1013] + +krb5-1.10.2 changes by ticket ID +-------------------------------- + +7095 Build system uses @localedir@ without requiring autoconf 2.60 +7099 Decrypting history key entries can fail after 1.8 upgrade +7119 Preauth fails for second AS request in a krb5 context +7120 Use correct name-type in TGS-REQs for 2008R2 RODCs +7124 krb5_sname_to_principal canonicalization should work with + IPv6-only hosts +7127 Can't change password without default_realm +7136 S4U2Self using kvno broken in 1.10.1, but not in 1-9.3 +7143 krb5_set_trace_filename not exported +7148 Export gss_mech_krb5_wrong from libgssapi_krb5 +7152 Null pointer deref in kadmind [CVE-2012-1013] + Major changes in 1.10.1 ----------------------- |