Opened 3 years ago

Closed 3 years ago

#10738 closed enhancement (fixed)

krb5-1.16.1

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: normal Milestone: 8.3
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (3)

comment:1 by Bruce Dubbs, 3 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 3 years ago

This is a bug fix release.

  • Fix flaws in LDAP DN checking, including a null dereference KDC crash which could be triggered by kadmin clients with administrative privileges [CVE-2018-5729, CVE-2018-5730].
  • Fix a KDC PKINIT memory leak.
  • Fix a small KDC memory leak on transited or authdata errors when processing TGS requests.
  • Fix a regression in pkinit_cert_match matching of client certificates containing Microsoft UPN SANs.
  • Fix a null dereference when the KDC sends a large TGS reply.
  • Fix "kdestroy -A" with the KCM credential cache type.
  • Allow validation of Microsoft PACs containing enterprise names.
  • Fix the handling of capaths "." values.
  • Fix handling of repeated subsection specifications in profile files (such as when multiple included files specify relations in the same subsection).

comment:3 by Bruce Dubbs, 3 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 20183.

Note: See TracTickets for help on using tickets.