krb5.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	Miscalaneous spec fixes.	Robbie Harwood (frozencemetery)	2015-09-11	1	-25/+16
\| \| \| \| \|	Remove dependency on systemd-sysv which is no longer needed for fedora > 20. Other fixes as needed to resolve a fail-to-build issue.
*	Bump minor release	Robbie Harwood (frozencemetery)	2015-09-10	1	-1/+1
\|
*	Support config snippets in /etc/krb5.conf.d/ and /usr/share/krb5.conf.d/	Robbie Harwood (frozencemetery)	2015-09-10	2	-0/+13
\| \| \| \|	Resolves: rhbz#1225792, rhbz#1146370, rhbz#1145808
*	* Thu Jun 25 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-6	Roland Mainz	2015-06-26	3	-65/+13
\| \| \| \| \|	- Use system nss_wrapper and socket_wrapper for testing. Patch by Andreas Schneider <asn@redhat.com>
*	* Thu Jun 25 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-5	Roland Mainz	2015-06-25	2	-18/+6
\| \| \| \| \| \|	- Remove Zanata test glue and related workarounds - Bug #1234292 ("IPA server cannot be run in container due to incorrect /usr/sbin/_kadmind") - Bug #1234326 ("krb5-server introduces new rpm dependency on ksh")
*	* Thu Jun 18 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-4	Roland Mainz	2015-06-19	2	-1/+11
\| \| \| \|	- Fix dependicy on binfmt.service
*	- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild	Dennis Gilmore	2015-06-17	1	-1/+4
\|
*	* Tue Jun 2 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-2	Roland Mainz	2015-06-03	2	-2/+41
\| \| \| \| \| \|	- Add patch to fix Redhat Bug #1227542 ("[SELinux] AVC denials may appear when kadmind starts"). The issue was caused by an unneeded \|htons()\| which triggered SELinux AVC denials due to the "random" port usage.
*	* Thu May 21 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-1	Roland Mainz	2015-05-22	2	-1/+103
\| \| \| \| \|	- Add fix for RedHat Bug #1164304 ("Upstream unit tests loads the installed shared libraries instead the ones from the build")
*	* Thu May 14 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-0	Roland Mainz	2015-05-15	3	-210/+3
\| \| \| \| \| \| \| \|	- Update to krb5-1.13.2 - drop patch for krb5-1.13.2-CVE_2015_2694_requires_preauth_bypass_in_PKINIT_enabled_KDC, fixed in krb5-1.13.2 - drop patch for krb5-1.12.1-CVE_2014_5355_fix_krb5_read_message_handling, fixed in krb5-1.13.2 - Add script processing for upcoming Zanata l10n support - Minor spec cleanup
*	* Thu May 14 2015 Roland Mainz <rmainz@redhat.com> - 1.13.2-0	Roland Mainz	2015-05-15	2	-23/+36
\| \| \| \| \| \| \| \|	- Update to krb5-1.13.2 - drop patch for krb5-1.13.2-CVE_2015_2694_requires_preauth_bypass_in_PKINIT_enabled_KDC, fixed in krb5-1.13.2 - drop patch for krb5-1.12.1-CVE_2014_5355_fix_krb5_read_message_handling, fixed in krb5-1.13.2 - Add script processing for upcoming Zanata l10n support - Minor spec cleanup
*	* Mon May 4 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-4	Roland Mainz	2015-05-06	2	-1/+113
\| \| \| \| \| \| \| \| \| \| \| \|	- fix for CVE-2015-2694 (#1216133) "requires_preauth bypass in PKINIT-enabled KDC". In MIT krb5 1.12 and later, when the KDC is configured with PKINIT support, an unauthenticated remote attacker can bypass the requires_preauth flag on a client principal and obtain a ciphertext encrypted in the principal's long-term key. This ciphertext could be used to conduct an off-line dictionary attack against the user's password. resolves: #1216134
*	* Wed Mar 25 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-3	Roland Mainz	2015-03-25	1	-1/+18
\| \| \| \| \| \| \|	- Add temporay workaround for RH bug #1204646 ("krb5-config returns wrong -specs path") which modifies krb5-config post build so that development of krb5 dependicies gets unstuck. This MUST be removed before rawhide becomes F23 ...
*	* Thu Mar 19 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-2	Roland Mainz	2015-03-20	1	-1/+1
\| \| \| \| \|	- fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others"
*	* Thu Mar 19 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-2	Roland Mainz	2015-03-20	2	-1/+117
\| \| \| \| \|	- fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others"
*	* Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1	Roland Mainz	2015-02-13	1	-3/+2
\| \| \| \| \| \| \| \|	- Update to krb5-1.13.1 - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1 - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1 - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1 - Minor spec cleanup
*	* Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1	Roland Mainz	2015-02-13	2	-0/+2
\| \| \| \| \| \| \| \|	- Update to krb5-1.13.1 - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1 - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1 - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1 - Minor spec cleanup
*	* Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1	Roland Mainz	2015-02-13	4	-618/+0
\| \| \| \| \| \| \| \|	- Update to krb5-1.13.1 - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1 - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1 - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1 - Minor spec cleanup
*	* Fri Feb 13 2015 Roland Mainz <rmainz@redhat.com> - 1.13.1-1	Roland Mainz	2015-02-13	1	-32/+31
\| \| \| \| \| \| \| \|	- Update to krb5-1.13.1 - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1 - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1 - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1 - Minor spec cleanup
*	* Wed Feb 4 2015 Roland Mainz <rmainz@redhat.com> - 1.13-8	Roland Mainz	2015-02-04	2	-1/+337
\| \| \| \| \| \| \| \| \| \| \|	- fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" - fix for CVE-2014-9423 (#1179863) "libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)"
*	* Wed Feb 4 2015 Roland Mainz <rmainz@redhat.com> - 1.13-7	Roland Mainz	2015-02-04	1	-5/+10
\| \| \| \| \| \|	- Remove "python-sphinx-latex" and "tar" from the build requirements to fix build failures on F22 machines. - Minor spec cleanup
*	Support KDC_ERR_MORE_PREAUTH_DATA_REQUIRED (RT#8063)	Nathaniel McCallum	2015-02-03	2	-1/+148
\|
*	* Mon Jan 26 2015 Roland Mainz <rmainz@redhat.com> - 1.13-5	Roland Mainz	2015-01-26	2	-3/+130
\| \| \| \| \| \| \|	- fix for kinit -C loops (#1184629, MIT/krb5 issue 243, "Do not loop on principal unknown errors"). - Added "python-sphinx-latex" to the build requirements to fix build failures on F22 machines.
*	* Thu Dec 19 2014 Roland Mainz <rmainz@redhat.com> - 1.13-4	Roland Mainz	2014-12-18	2	-1/+120
\| \| \| \| \|	- fix for CVE-2014-5354 (#1174546) "krb5: NULL pointer dereference when using keyless entries"
*	* Wed Dec 17 2014 Roland Mainz <rmainz@redhat.com> - 1.13-3	Roland Mainz	2014-12-17	2	-3/+73
\| \| \| \| \|	- fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash"
*	* Wed Oct 29 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0	Roland Mainz	2014-10-29	1	-1/+6
\| \| \| \| \| \|	- Bump 1%%{?dist} to 2%%{?dist} to workaround RPM sort issue which would lead yum updates to treat the last alpha as newer than the final version.
*	* Wed Oct 29 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0	Roland Mainz	2014-10-29	1	-7/+22
\| \| \| \| \| \| \| \| \|	- Update from krb5-1.13-alpha1 to final krb5-1.13 - Removed patch for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - now part of upstream sources - Use patch for glibc \|eventfd()\| prototype mismatch (#1147887) only for Fedora > 20
*	* Wed Oct 29 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0	Roland Mainz	2014-10-29	3	-93/+6
\| \| \| \| \| \| \| \| \|	- Update from krb5-1.13-alpha1 to final krb5-1.13 - Removed patch for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal" - now part of upstream sources - Use patch for glibc \|eventfd()\| prototype mismatch (#1147887) only for Fedora > 20
*	* Tue Sep 30 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0.alpha1.3	Roland Mainz	2014-09-30	2	-1/+45
\| \| \| \| \|	- fix build failure caused by change of prototype for glibc \|eventfd()\| (#1147887)
*	- fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when	Roland Mainz	2014-09-29	1	-0/+7
\| \| \| \|	randomizing the keys for a service principal" (fix rpm spec file)
*	* Mon Sep 29 2014 Roland Mainz <rmainz@redhat.com> - 1.13-0.alpha1.3	Roland Mainz	2014-09-29	1	-0/+90
\| \| \| \| \|	- fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when randomizing the keys for a service principal"
*	Keep the license from being a dangling symlinkkrb5-1.13-0.fc22.alpha1.3	Nalin Dahyabhai	2014-09-08	1	-2/+5
\| \| \| \| \| \|	Processing of %license puts the named file in a directory other than the docs directory, and doesn't rewrite relative symlinks to be correct. So we can't use a symlink to one of them as the license.
*	Remove the -S flag from kprop.servicekrb5-1.13-0.fc22.alpha1.2	Nalin Dahyabhai	2014-08-28	2	-3/+7
\| \| \| \| \| \|	- kpropd hasn't bothered with -S since 1.11; stop trying to use that flag in the systemd unit file and change its type from "forking" to "simple"
*	Updating to 1.13 alpha1	Nalin Dahyabhai	2014-08-22	24	-2858/+53
\|
*	Pull in upstream fix for an mischecked strdup()krb5-1.12.2-3.fc22	Nalin Dahyabhai	2014-08-20	2	-1/+30
\| \| \| \| \|	- pull in upstream fix for an incorrect check on the value returned by a strdup() call (#1132062)
*	- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild	Peter Robinson	2014-08-17	1	-1/+4
\|
*	Upload 1.12.2 sourceskrb5-1.12.2-1.fc22	Nalin Dahyabhai	2014-08-15	2	-3/+6
\|
*	drop patch for CVE-2014-4345, included in 1.12.2	Nalin Dahyabhai	2014-08-15	3	-17/+1
\|
*	drop patch for CVE-2014-4344, included in 1.12.2	Nalin Dahyabhai	2014-08-15	2	-46/+1
\|
*	drop patch for CVE-2014-4343, included in 1.12.2	Nalin Dahyabhai	2014-08-15	2	-63/+1
\|
*	drop patches for CVE-2014-4341/CVE-2014-4342, included in 1.12.2	Nalin Dahyabhai	2014-08-15	3	-714/+1
\|
*	drop patch for RT#7926, fixed in 1.12.2	Nalin Dahyabhai	2014-08-15	2	-38/+1
\|
*	drop patch for RT#7924, fixed in 1.12.2	Nalin Dahyabhai	2014-08-15	2	-151/+1
\|
*	drop patch for RT#7858, fixed in 1.12.2	Nalin Dahyabhai	2014-08-15	2	-168/+1
\|
*	Update for 1.12.2	Nalin Dahyabhai	2014-08-15	1	-5/+6
\|
*	drop patch for RT#7836, fixed in 1.12.2	Nalin Dahyabhai	2014-08-15	2	-45/+1
\|
*	drop patch for RT#7818, fixed in 1.12.2	Nalin Dahyabhai	2014-08-15	2	-29/+2
\|
*	Drop patch for #231147, fixed in 1.12.2	Nalin Dahyabhai	2014-08-15	2	-16/+1
\|
*	drop patch for RT#7820, merged in 1.12.2	Nalin Dahyabhai	2014-08-15	2	-115/+6
\|
*	Update collection cache patch set for ksu	Nalin Dahyabhai	2014-08-15	14	-1090/+1578
\| \| \| \| \|	- replace older proposed changes for ksu with backports of the changes after review and merging upstream (#1015559, #1026099, #1118347)