krb5 commit [krb5-1.10]: Update README and patchlevel.h for krb5-1.10.3
Tom Yu
tlyu at MIT.EDU
Wed Aug 8 18:25:30 EDT 2012
https://github.com/krb5/krb5/commit/3e6139176d8f3dfc92a19a938b87adc1d49e216b
commit 3e6139176d8f3dfc92a19a938b87adc1d49e216b
Author: Tom Yu <tlyu at mit.edu>
Date: Wed Aug 8 16:50:50 2012 -0400
Update README and patchlevel.h for krb5-1.10.3
README | 41 +++++++++++++++++++++++++++++++++++++++++
src/patchlevel.h | 6 +++---
2 files changed, 44 insertions(+), 3 deletions(-)
diff --git a/README b/README
index 814fd33..eac5304 100644
--- a/README
+++ b/README
@@ -70,6 +70,46 @@ from using single-DES cryptosystems. Among these is a configuration
variable that enables "weak" enctypes, which defaults to "false"
beginning with krb5-1.8.
+Major changes in 1.10.3
+-----------------------
+
+This is a bugfix release.
+
+* Fix KDC uninitialized pointer vulnerabilities that could lead to a
+ denial of service [CVE-2012-1014] or remote code execution
+ [CVE-2012-1015].
+
+* Correctly use default_tgs_enctypes instead of default_tkt_enctypes
+ for TGS requests.
+
+krb5-1.10.3 changes by ticket ID
+--------------------------------
+
+7150 Does not build when CPPFLAGS=-DDEBUG is set.
+7155 default_tgs_enctypes not used for client TGS enctypes
+7185 Fix crash on invalid DIR ccache primary file
+7197 Translate WinSock errors to Posix counterparts
+7198 Implement switch_to for ccapiv3
+7199 Add krb5int_cc_user_set_default_name
+7200 Always recreate acl files during dejagnu tests
+7201 Handle huge /bin directories in libdb2 test
+7203 kfw add preauth_sam2 to OBJS for windows build
+7204 KFW win-mac.h fixes
+7206 Use %i, not %s to Tprintf GetLastError()
+7207 Don't use syslog / LOG_DEBUG when they don't exist
+7208 __func__ -> __FUNCTION__ in disp_status.c
+7209 Define USE_CCAPI_V3 in krb5/ccache on windows
+7210 Remove the UNICODE defines from wshelper
+7212 MSLSA Don't use lstrcpy on ANSI strings
+7213 Implement cccol iterators for mslsa
+7214 krb5_stdccv3_get_principal error handling fixup
+7215 Remove DISABLE_TRACING from windows build
+7226 Fix KDC uninit ptrs [CVE-2012-1014 CVE-2012-1015]
+7227 Fix oid set construction in gss_inquire_cred()
+7228 Further fixes for WSA/Posix error translation
+7230 Add missing quote to install-windows
+7231 Regression tests for CVE-2012-1014, CVE-2012-1015
+
Major changes in 1.10.2
-----------------------
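Review bot: "This is a bugfix release." at the top of the new "Major changes in 1.10.3" section understates a release whose first bullet fixes KDC uninitialized pointer flaws described as leading to denial of service [CVE-2012-1014] or remote code execution [CVE-2012-1015]. Consider wording it as a security and bugfix release so that KDC operators skimming the README see the upgrade priority immediately. The bullet could also say which component is exposed (the KDC, per ticket 7226) in terms an operator can act on. Style nit: the 7150 line ends with a period while the other ticket entries do not.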
@@ -490,6 +530,7 @@ reports, suggestions, and valuable resources:
Mikkel Kruse
Volker Lendecke
Jan iankko Lieskovsky
+ Oliver Loch
Kevin Longfellow
Ryan Lynch
Nathaniel McCallum
diff --git a/src/patchlevel.h b/src/patchlevel.h
index c06a1db..09312f7 100644
--- a/src/patchlevel.h
+++ b/src/patchlevel.h
@@ -51,7 +51,7 @@
*/
#define KRB5_MAJOR_RELEASE 1
#define KRB5_MINOR_RELEASE 10
-#define KRB5_PATCHLEVEL 2
-#define KRB5_RELTAIL "postrelease"
+#define KRB5_PATCHLEVEL 3
+/* #undef KRB5_RELTAIL */
/* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "krb5-1.10"
+#define KRB5_RELTAG "krb5-1.10.3-final"
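Review bot: with KRB5_RELTAIL commented out and KRB5_RELTAG set to "krb5-1.10.3-final", any later build from the krb5-1.10 branch will identify itself as the final 1.10.3 release until these values are changed again. The removed lines show the branch convention (KRB5_RELTAIL "postrelease", KRB5_RELTAG "krb5-1.10"), so a follow-up commit restoring them should land right after the release is tagged. Otherwise a branch build carrying later changes cannot be told apart from the released 1.10.3 by its version string, which matters when checking whether a deployed KDC has the CVE-2012-1014 and CVE-2012-1015 fixes. The commit message could mention that the restore is expected.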