krb5-1.4.2 is released

Tom Yu tlyu at MIT.EDU
Wed Aug 10 17:24:07 EDT 2005


-----BEGIN PGP SIGNED MESSAGE-----

The MIT Kerberos Team announces the availability of MIT Kerberos 5
Release 1.4.2.  Please see below for a list of some major changes
included, or consult the README file in the source tree for a more
detailed list of significant changes.

RETRIEVING KERBEROS 5 RELEASE 1.4.2
===================================

You may retrieve the Kerberos 5 Release 1.4.2 source from the
following URL:

        http://web.mit.edu/kerberos/dist/

The homepage for the krb5-1.4.2 release is:

        http://web.mit.edu/kerberos/krb5-1.4/

Further information about Kerberos 5 may be found at the following
URL:

        http://web.mit.edu/kerberos/

MAJOR CHANGES
=============

* Fix [MITKRB5-SA-2005-002] KDC double-free and heap overflow.  Thanks
  to Daniel Wachdorf for reporting these vulnerabilities.

* Fix [MITKRB5-SA-2005-003] krb5_recvauth() double-free.  Thanks to
  Magnus Hagander for reporting this vulnerability.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (SunOS)

iQCVAwUBQvpweabDgE/zdoE9AQEiKAP/aDE8aK7c1gfyeUHE2DJD9ZSYJtEVmxpg
xRM8AUlo9KV04u6dHqvDFG6aFRC3iQnF4TID+Aq4sSIen7vXWTIYPjKwu5sjn2OG
8qgaLERkkgaHOfb16TYMVTmaLxvxGNlo0TiPCwtM96XS8Pu1BwAaJHvpiLBAuwER
lqpyRupZzhY=
=vR7x
-----END PGP SIGNATURE-----


More information about the kerberos-announce mailing list