krb5-1.14 (MIT Kerberos V5-1.14)

[Fernando de Oliveira]

Security Update

[CVE-2015-2695], [CVE-2015-2696], [CVE-2015-2698], and [CVE-2015-2697]

Apparently, they decided to separate the source code and signature, although the release page is messed up, giving

Kerberos V5 Release 1.14 - current release (2015-11-20)

For more information, please see the krb5-1.14 release page

  • krb5-1.14.tar.gz, source code, 11968k.
  • krb5-1.14.tar.gz.asc, PGP signature, 1k.
  • krb5-appl-1.0.3-signed.tar, source code, 620K

Notice the signed.tar version... Even with this minor problem, I prefer this kind of distribution.

​http://web.mit.edu/kerberos/dist/krb5/1.14/krb5-1.14.tar.gz

​http://web.mit.edu/kerberos/dist/krb5/1.14/krb5-1.14.tar.gz.asc

​http://web.mit.edu/kerberos/krb5-1.14/krb5-1.14.html#announcement

or

​http://web.mit.edu/kerberos/krb5-1.14/README-1.14.txt

Major changes in 1.14 (2015-11-20)
----------------------------------

Administrator experience:

• Add a new kdb5_util tabdump command to provide reporting-friendly
  tabular dump formats (tab-separated or CSV) for the KDC database.
  Unlike the normal dump format, each output table has a fixed number
  of fields.  Some tables include human-readable forms of data that
  are opaque in ordinary dump files.  This format is also suitable for
  importing into relational databases for complex queries.

• Add support to kadmin and kadmin.local for specifying a single
  command line following any global options, where the command
  arguments are split by the shell--for example, "kadmin getprinc
  principalname".  Commands issued this way do not prompt for
  confirmation or display warning messages, and exit with non-zero
  status if the operation fails.

• Accept the same principal flag names in kadmin as we do for the
  default_principal_flags kdc.conf variable, and vice versa.  Also
  accept flag specifiers in the form that kadmin prints, as well as
  hexadecimal numbers.

• Remove the triple-DES and RC4 encryption types from the default
  value of supported_enctypes, which determines the default key and
  salt types for new password-derived keys.  By default, keys will
  only created only for AES128 and AES256.  This mitigates some types
  of password guessing attacks.

• Add support for directory names in the KRB5_CONFIG and
  KRB5_KDC_PROFILE environment variables.

• Add support for authentication indicators, which are ticket
  annotations to indicate the strength of the initial authentication.
  Add support for the "require_auth" string attribute, which can be
  set on server principal entries to require an indicator when
  authenticating to the server.

• Add support for key version numbers larger than 255 in keytab files,
  and for version numbers up to 65535 in KDC databases.

• Transmit only one ETYPE-INFO and/or ETYPE-INFO2 entry from the KDC
  during pre-authentication, corresponding to the client's most
  preferred encryption type.

• Add support for server name identification (SNI) when proxying KDC
  requests over HTTPS.

• Add support for the err_fmt profile parameter, which can be used to
  generate custom-formatted error messages.

Code quality:

• Fix memory aliasing issues in SPNEGO and IAKERB mechanisms that
  could cause server crashes. [CVE-2015-2695] [CVE-2015-2696]
  [CVE-2015-2698]

• Fix build_principal memory bug that could cause a KDC
  crash. [CVE-2015-2697]

Developer experience:

• Change gss_acquire_cred_with_password() to acquire credentials into
  a private memory credential cache.  Applications can use
  gss_store_cred() to make the resulting credentials visible to other
  processes.

• Change gss_acquire_cred() and SPNEGO not to acquire credentials for
  IAKERB or for non-standard variants of the krb5 mechanism OID unless
  explicitly requested.  (SPNEGO will still accept the Microsoft
  variant of the krb5 mechanism OID during negotiation.)

• Change gss_accept_sec_context() not to accept tokens for IAKERB or
  for non-standard variants of the krb5 mechanism OID unless an
  acceptor credential is acquired for those mechanisms.

• Change gss_acquire_cred() to immediately resolve credentials if the
  time_rec parameter is not NULL, so that a correct expiration time
  can be returned.  Normally credential resolution is delayed until
  the target name is known.

• Add krb5_prepend_error_message() and krb5_wrap_error_message() APIs,
  which can be used by plugin modules or applications to add prefixes
  to existing detailed error messages.

• Add krb5_c_prfplus() and krb5_c_derive_prfplus() APIs, which
  implement the RFC 6113 PRF+ operation and key derivation using PRF+.

• Add support for pre-authentication mechanisms which use multiple
  round trips, using the the KDC_ERR_MORE_PREAUTH_DATA_REQUIRED error
  code.  Add get_cookie() and set_cookie() callbacks to the kdcpreauth
  interface; these callbacks can be used to save marshalled state
  information in an encrypted cookie for the next request.

• Add a client_key() callback to the kdcpreauth interface to retrieve
  the chosen client key, corresponding to the ETYPE-INFO2 entry sent
  by the KDC.

• Add an add_auth_indicator() callback to the kdcpreauth interface,
  allowing pre-authentication modules to assert authentication
  indicators.

• Add support for the GSS_KRB5_CRED_NO_CI_FLAGS_X cred option to
  suppress sending the confidentiality and integrity flags in GSS
  initiator tokens unless they are requested by the caller.  These
  flags control the negotiated SASL security layer for the Microsoft
  GSS-SPNEGO SASL mechanism.

• Make the FILE credential cache implementation less prone to
  corruption issues in multi-threaded programs, especially on
  platforms with support for open file description locks.

Performance:

• On slave KDCs, poll the master KDC immediately after processing a
  full resync, and do not require two full resyncs after the master
  KDC's log file is reset.

User experience:

• Make gss_accept_sec_context() accept tickets near their expiration
  but within clock skew tolerances, rather than rejecting them
  immediately after the server's view of the ticket expiration time.


krb5-1.14 changes by ticket ID
------------------------------

• 6938    krb5 and ldap signed traffic
• 7532    Improve support for large kvnos
• 7790    Make cross-realm S4U2Self work
• 7804    Can't write to file ccache with OPENCLOSE unset
• 7903    Remove des3 and arcfour from supported_enctypes
• 7991    kadmin should have a script-friendly mode
• 8002    Fix KCM ccache per-type cursor
• 8021    SPNEGO clients should not try IAKERB by default
• 8022    klist -s only looks for TGTs
• 8023    Use OFD locks where available
• 8025    krb5 gss_inquire_context doesn't work with partially
  established context
• 8026    Use stdio reads, O_APPEND writes in FILE ccache
• 8027    Client RPC timeout during kadmin listprincs command
• 8030    Add support for directories in profile paths
• 8046    Add new error message wrapping APIs
• 8047    Add err_fmt profile parameter
• 8048    Remove ksu -D flag documentation
• 8052    Include file ccache name in error messages
• 8062    Fix const correctness on krb5_c_fx_cf2_simple()
• 8063    Support KDC_ERR_MORE_PREAUTH_DATA_REQUIRED
• 8123    Check timestamp in PKINIT kdcpreauth module
• 8124    Use preauth timestamp in PKINIT clpreauth module
• 8139    SIGNTICKET creation and verification doesn't always use the
  right key
• 8152    gss_acquire_cred_with_password() ignores expired creds
• 8157    Authentication indicator support
• 8161    kpropd -t (runonce) doesn't work for full dumps
• 8163    python test issues
• 8164    Avoid unnecessary iprop full resyncs after resets
• 8171    kadm5_hook does not have rename method
• 8198    Support SNI in MS-KKDCP client
• 8199    Only include one key in etype-info
• 8200    Add client_keyblock kdcpreauth callback
• 8213    Policy extensions in 1.11 break iprop dump compatibility
• 8215    Unify KDB principal flag specifiers
• 8217    Limit use of deprecated krb5 mech OIDs
• 8219    Conditionalize iprop stderr output in kadmind
• 8221    Fail during configure if stdint.h missing
• 8224    Add KDC_ERR_PREAUTH_EXPIRED support
• 8225    Improve krb5_cccol_have_content() error messages
• 8227    Allow missing authenticator checksum with GSSAPI
• 8228    Add krb5_c_prfplus() and krb5_c_derive_prfplus()
• 8233    Add secure cookie support
• 8234    Add etype-info2 to MORE_PREAUTH_DATA_REQUIRED
• 8235    Resolve krb5 GSS creds if time_rec is requested
• 8236    Update SPNEGO hintName value to current spec
• 8242    Improve PKINIT OpenSSL error reporting
• 8243    Add tabular dump capability to kdb5_util
• 8244    SPNEGO and IAKERB context aliasing bugs
  [CVE-2015-2695][CVE-2015-2696]
• 8245    kerberos.ldif file has malformed entries
• 8246    Fix error mappings for IOV MIC mechglue funcs
• 8251    Fix kadmin with e2fsprogs libss
• 8252    Fix build_principal memory bug [CVE-2015-2697]
• 8253    Fix minor utf8-to-ucs2s read overrun bug
• 8254    use appropriate default for krb5_cv_sys_rcdir when
  cross-compiling
• 8255    Define error status GSS_S_BAD_MIC
• 8256    Fix typo in GSS_S_UNAUTHORIZED error message
• 8257    Fix gss_inquire_names_for_mech() on MS krb5 mech
• 8258    Correct GSS major code for non-default QOP values
• 8259    Check output params on GSS OID set functions
• 8260    Fix gss_store_cred() minor code on acceptor cred
• 8262    Set plugin_base_dir for kadmin tests
• 8264    kdb_check test target uses installed message catalog
• 8266    Installed krb5.conf files can affect test suite
• 8267    unsetenv() returns void
• 8268    krb5 gss_accept_sec_context() does not allow clock skew
• 8269    Accept new passwords as const char pointers
• 8271    Zap secure cookie contents when freeing
• 8273    Fix IAKERB context export/import [CVE-2015-2698]

[Fernando de Oliveira]

Fixed at r16679.