svn rev #25415: branches/krb5-1-8/ src/

Tue Oct 25 15:58:30 EDT 2011

http://src.mit.edu/fisheye/changelog/krb5/?cs=25415
Commit By: tlyu
Log Message:
README and patchlevel.h for krb5-1.8.5-beta1.


Changed Files:
U   branches/krb5-1-8/README
U   branches/krb5-1-8/src/patchlevel.h
Modified: branches/krb5-1-8/README
===================================================================

--- branches/krb5-1-8/README	2011-10-25 18:30:14 UTC (rev 25414)
+++ branches/krb5-1-8/README	2011-10-25 19:58:29 UTC (rev 25415)
@@ -87,6 +87,24 @@
 
 This is primarily a bugfix release.
 
+* Fix MITKRB5-SA-2011-006 KDC denial of service vulnerabilities
+  [CVE-2011-1528 CVE-2011-1529 CVE-2011-4151].
+
+krb5-1.8.4 changes by ticket ID
+-------------------------------
+
+6925    Memory leak in save_error_string_nocopy()
+6926    work around Dejagnu failure on modern Tcl
+6983    SA-2011-006 KDC denial of service [CVE-2011-1527 CVE-2011-1528
+        CVE-2011-1529]
+6984    modernize doc/Makefile somewhat
+6991    fix tar invocation in mkrel
+
+Major changes in 1.8.4
+----------------------
+
+This is primarily a bugfix release.
+
 * Fix vulnerabilities:
   ** KDC uninitialized pointer crash [MITKRB5-SA-2010-006 CVE-2010-1322]
   ** kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022]
@@ -397,6 +415,7 @@
     Columbia University
     Cornell University
     The Department of Defense of the United States of America (DoD)
+    Fidelity Investments
     Google
     Iowa State University
     MIT
@@ -431,6 +450,7 @@
     Mark Colan
     Don Davis
     Alexandra Ellwood
+    Carlos Garay
     Dan Geer
     Nancy Gilman
     Matt Hancher
@@ -445,6 +465,7 @@
     Kevin Koch
     John Kohl
     HaoQi Li
+    Jonathan Lin
     Peter Litwack
     Scott McGuire
     Steve Miller
@@ -530,6 +551,7 @@
     Jan iankko Lieskovsky
     Kevin Longfellow
     Ryan Lynch
+    Nathaniel McCallum
     Cameron Meadors
     Franklyn Mendez
     Markus Moeller

Modified: branches/krb5-1-8/src/patchlevel.h
===================================================================
--- branches/krb5-1-8/src/patchlevel.h	2011-10-25 18:30:14 UTC (rev 25414)
+++ branches/krb5-1-8/src/patchlevel.h	2011-10-25 19:58:29 UTC (rev 25415)
@@ -52,7 +52,7 @@
  */
 #define KRB5_MAJOR_RELEASE 1
 #define KRB5_MINOR_RELEASE 8
-#define KRB5_PATCHLEVEL 4
-#define KRB5_RELTAIL "postrelease"
+#define KRB5_PATCHLEVEL 5
+#define KRB5_RELTAIL "beta1"
 /* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "branches/krb5-1-8"
+#define KRB5_RELTAG "tags/krb5-1-8-5-beta1"


