summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* - apply upstream patch to fix a null pointer dereference with the LDAP kdb ↵krb5-1.9.1-18.fc17Nalin Dahyabhai2011-10-182-1/+84
| | | | backend (CVE-2011-1527, #744125), an assertion failure with multiple kdb backends (CVE-2011-1528), and a null pointer dereference with multiple kdb backends (CVE-2011-1529) (#737711)
* - pull in patch from trunk to rename krb5int_pac_sign() to krb5_pac_sign() andkrb5-1.9.1-17.fc17Nalin Dahyabhai2011-10-132-1/+157
| | | | make it public (#745533)
* - handle a harder-to-trigger assertion failure that starts cropping up when wekrb5-1.9.1-16.fc17Nalin Dahyabhai2011-10-072-1/+23
| | | | exit the transmit loop on time (#739853)
* - kadmin.service: fix #723723 againNalin Dahyabhai2011-10-076-13/+19
| | | | | | | | - kadmin.service,krb5kdc.service: remove optional use of $KRB5REALM in command lines, because systemd parsing doesn't handle alternate value shell variable syntax - kprop.service: add missing Type=forking so that systemd doesn't assume simple - kprop.service: expect the ACL configuration to be there, not absent
* hardcode pid file path as option to krb5kdc.serviceTom "spot" Callaway2011-10-022-2/+5
|
* fix typoTom "spot" Callaway2011-09-302-2/+5
|
* convert to systemdTom "spot" Callaway2011-09-194-29/+93
|
* - pull in upstream patch for RT#6952, confusion following referrals for ↵krb5-1.9.1-12.fc17krb5-1.9.1-12.fc16Nalin Dahyabhai2011-09-062-2/+27
| | | | cross-realm auth (#734341)
* - switch to the upstream patch for #727829krb5-1.9.1-11.fc17Nalin Dahyabhai2011-09-012-11/+25
|
* - bump the release numberkrb5-1.9.1-10.fc17krb5-1.9.1-10.fc16Nalin Dahyabhai2011-08-311-1/+1
|
* - handle an assertion failure that starts cropping up when the patch for ↵Nalin Dahyabhai2011-08-312-0/+18
| | | | using poll (#701446) meets servers that aren't running KDCs or against which the connection fails for other reasons (#727829, #734172)
* - override the default build rules to not delete temporary y.tab.c files,krb5-1.9.1-9.fc17Nalin Dahyabhai2011-08-082-1/+34
| | | | | so that they can be packaged, allowing debuginfo files which point to them do so usefully (#729044)
* - pull in a patch to fix losing track of the replay cache FD, from SVN by ↵krb5-1.9.1-8.fc16Nalin Dahyabhai2011-07-222-0/+31
| | | | way of Kevin Coffman
* - build shared libraries with partial RELRO support (#723995)Nalin Dahyabhai2011-07-222-11/+26
| | | | | - filter out potentially multiple instances of -Wl,-z,relro from krb5-config output, now that it's in the buildroot's default LDFLAGS
* - prune 1.9 sourcesNalin Dahyabhai2011-07-221-3/+0
|
* - kadmind.init: drop the attempt to detect no-database-present errors (#723723)Nalin Dahyabhai2011-07-202-9/+4
|
* - backport RT#6905: use poll() so that we can use higher descriptor numbers ↵Nalin Dahyabhai2011-07-192-1/+633
| | | | when the client is talking to a KDC
* - have a bug number for this nowNalin Dahyabhai2011-06-281-1/+1
|
* - pull a fix from SVN to use AI_ADDRCONFIG more often (RT#6923)krb5-1.9.1-5.fc16Nalin Dahyabhai2011-06-232-1/+124
|
* - pull a fix from SVN to try to avoid triggering a PTR lookup in getaddrinfo()Nalin Dahyabhai2011-06-232-0/+38
| | | | | | during krb5_sname_to_principal(), and to let getaddrinfo() decide whether or not to ask for an IPv6 address based on the set of configured interfaces (RT#6922)
* - fix that bug IDNalin Dahyabhai2011-06-211-1/+1
|
* - apply upstream patch by way of Burt Holzman to fall back to a non-referralkrb5-1.9.1-4.fc16Nalin Dahyabhai2011-06-202-1/+67
| | | | | method in cases where we might be derailed by a KDC that rejects the canonicalize option (for example, those from the RHEL 2.1 or 3 era) (#713518)
* - don't burn a release numberkrb5-1.9.1-3.fc16Nalin Dahyabhai2011-06-141-2/+2
|
* - pull a fix from SVN to get libgssrpc clients (e.g. kadmin) authenticatingNalin Dahyabhai2011-06-142-0/+45
| | | | using the old protocol over IPv4 again (RT#6920)
* - incorporate a fix to teach the file labeling bits about when replay caches ↵Nalin Dahyabhai2011-06-142-7/+59
| | | | are expunged (#576093)
* switch to the upstream patch for #707145Nalin Dahyabhai2011-05-262-8/+26
|
* klist: don't trip over referral entries when invoked with -s (#707145, RT#6915)krb5-1.9.1-2.fc16Nalin Dahyabhai2011-05-252-1/+21
|
* - fixup URL in a commentNalin Dahyabhai2011-05-061-2/+6
| | | | - when built with NSS, require 3.12.10 rather than 3.12.9
* - update to 1.9.1:krb5-1.9.1-1.fc16Nalin Dahyabhai2011-05-057-208/+14
| | | | | - drop no-longer-needed patches for CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, CVE-2011-0283, CVE-2011-0284, CVE-2011-0285
* add the bug ID for that last fixNalin Dahyabhai2011-04-131-2/+2
|
* - kadmind: add upstream patch to fix free() on an invalid pointer ↵krb5-1.9-9.fc16Nalin Dahyabhai2011-04-132-1/+46
| | | | (MITKRB5-SA-2011-004, CVE-2011-0285)
* - don't discard the error code from an error message received in responseNalin Dahyabhai2011-04-042-0/+30
| | | | to a change-password request (#658871, RT#6893)
* - override INSTALL_SETUID at build-time so that ksu is installed intoNalin Dahyabhai2011-04-012-0/+16
| | | | the buildroot with the right permissions (part of #225974)
* - backport change from SVN to fix a computed-value-not-used warning inNalin Dahyabhai2011-03-182-1/+20
| | | | kpropd (#684065)
* - turn off NSS as the backend for libk5crypto for now to work around itskrb5-1.9-7.fc16Nalin Dahyabhai2011-03-152-2/+23
| | | | | | DES string2key not working (#679012) - add revised upstream patch to fix double-free in KDC while returning typed-data with errors (CVE-2011-0284, #674325)
* - throw in a not-applied-by-default patch to try to make pkinit debugging ↵Nalin Dahyabhai2011-02-172-0/+105
| | | | into a run-time boolean option named "pkinit_debug"
* turn on NSS as the backend for libk5crypto, adding nss-devel as a build ↵krb5-1.9-6.fc16Nalin Dahyabhai2011-02-161-2/+9
| | | | dependency when that switch is flipped
* - krb5kdc init script: prototype some changes to do a quick spot-checkkrb5-1.9-5.fc15Nalin Dahyabhai2011-02-093-1/+210
| | | | | of the TGS and kadmind keys and warn if there aren't any non-weak keys on file for them (to flush out parts of #651466)
* reference the raw hide bug ID for CVE-2011-0283 in the changelogNalin Dahyabhai2011-02-081-1/+1
|
* - add upstream patches to fix standalone kpropd exiting if the per-clientkrb5-1.9-4.fc15Nalin Dahyabhai2011-02-083-1/+157
| | | | | | | child process exits with an error (MITKRB5-SA-2011-001), a hang or crash in the KDC when using the LDAP kdb backend, and an uninitialized pointer use in the KDC (MITKRB5-SA-2011-002) (CVE-2010-4022, #664009, CVE-2011-0281, #668719, CVE-2011-0282, #668726, CVE-2011-0283, #670567)
* - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_RebuildDennis Gilmore2011-02-071-1/+4
|
* fix a compile error in the SELinux labeling patch when -DDEBUG is used ↵Nalin Dahyabhai2011-02-072-3/+7
| | | | (Sumit Bose)
* - properly advertise that the kpropd init script now supports force-reload ↵Nalin Dahyabhai2011-02-012-1/+5
| | | | (Zbysek Mraz #630587)
* - pkinit: when verifying signed data, use the CMS APIs for better ↵Nalin Dahyabhai2011-01-262-1/+297
| | | | interoperability (#636985, RT#6851)
* update to 1.9 finalkrb5-1.9-1.fc15Nalin Dahyabhai2010-12-223-9/+15
|
* - fix link flags and permissions on shared libraries (ausil)Nalin Dahyabhai2010-12-202-11/+15
|
* - fix link flags and permissions on shared libraries (ausil)Nalin Dahyabhai2010-12-201-0/+0
|
* - update to 1.9 beta 3Nalin Dahyabhai2010-12-162-7/+9
|
* - update to 1.9 beta 3Nalin Dahyabhai2010-12-162-2/+6
|
* Merge branch 'master-f15-1.9' of ssh://pkgs.fedoraproject.org/krb5 into ↵Nalin Dahyabhai2010-12-060-0/+0
|\ | | | | | | | | | | | | | | master-f15-1.9 Conflicts: krb5.spec sources
generated by cgit (git 2.34.1) at 2024-11-16 08:59:52 +0000