svn rev #24112: branches/krb5-1-8/ src/

tlyu@MIT.EDU tlyu at MIT.EDU
Fri May 28 18:55:46 EDT 2010 

http://src.mit.edu/fisheye/changelog/krb5/?cs=24112
Commit By: tlyu
Log Message:
README and patchlevel.h for krb5-1.8.2-beta1


Changed Files:
U   branches/krb5-1-8/README
U   branches/krb5-1-8/src/patchlevel.h
Modified: branches/krb5-1-8/README
===================================================================
--- branches/krb5-1-8/README	2010-05-28 18:41:45 UTC (rev 24111)
+++ branches/krb5-1-8/README	2010-05-28 22:55:45 UTC (rev 24112)
@@ -82,6 +82,35 @@
   crypto
 * easier kadmin history key changes
 
+Major changes in 1.8.2
+----------------------
+
+This is primarily a bugfix release.
+
+* Fix vulnerabilities:
+  ** CVE-2010-1320 KDC double free caused by ticket renewal
+     (MITKRB5-SA-2010-004)
+  ** CVE-2010-1321 GSS-API lib null pointer deref (MITKRB5-SA-2010-005)
+
+* Allow numeric IPv6 addresses for configuring KDC locations.
+
+krb5-1.8.2 changes by ticket ID
+-------------------------------
+
+6562    kinit not working if kdc is configured with numerical IPv6 address
+6696    gss_accept_sec_context doesn't produce error tokens
+6697    segfault caused by dlerror returning NULL
+6698    kproplog displays incorrect iprop timestamps on 64-bit platforms
+6702    CVE-2010-1320 KDC double free caused by ticket renewal
+        (MITKRB5-SA-2010-004)
+6711    memory leak in process_tgs_req in r23724
+6718    Make KADM5_FAIL_AUTH_COUNT_INCREMENT more robust with LDAP
+6722    Error handling bug in krb5_init_creds_init()
+6725    CVE-2010-1321 GSS-API lib null pointer deref (MITKRB5-SA-2010-005)
+6726    SPNEGO doesn't interoperate with Windows 2000
+6730    kdc_tcp_ports not documented in kdc.conf.M
+6734    FAST negotiation could erroneously succeed
+
 Major changes in 1.8.1
 ----------------------
 
@@ -362,6 +391,7 @@
 
     Brandon Allbery
     Russell Allbery
+    Brian Almeida
     Michael B Allen
     Derek Atkins
     David Bantz
@@ -405,6 +435,7 @@
     Jeffrey Hutzelman
     Wyllys Ingersoll
     Holger Isenberg
+    Joel Johnson
     Mikkel Kruse
     Volker Lendecke
     Jan iankko Lieskovsky
@@ -420,9 +451,9 @@
     Ezra Peisach
     W. Michael Petullo
     Mark Phalan
-    Xu Qiang
     Robert Relyea
     Martin Rex
+    Jason Rogers
     Guillaume Rousse
     Tom Shaw
     Peter Shoults
@@ -437,6 +468,7 @@
     Simon Wilkinson
     Nicolas Williams
     Ross Wilper
+    Xu Qiang
     Hanz van Zijst
 
 The above is not an exhaustive list; many others have contributed in

Modified: branches/krb5-1-8/src/patchlevel.h
===================================================================
--- branches/krb5-1-8/src/patchlevel.h	2010-05-28 18:41:45 UTC (rev 24111)
+++ branches/krb5-1-8/src/patchlevel.h	2010-05-28 22:55:45 UTC (rev 24112)
@@ -52,7 +52,7 @@
  */
 #define KRB5_MAJOR_RELEASE 1
 #define KRB5_MINOR_RELEASE 8
-#define KRB5_PATCHLEVEL 1
-#define KRB5_RELTAIL "postrelease"
+#define KRB5_PATCHLEVEL 2
+#define KRB5_RELTAIL "beta1"
 /* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "branches/krb5-1-8"
+#define KRB5_RELTAG "tags/krb5-1-8-2-beta1"

More information about the cvs-krb5 mailing list