svn rev #25755: branches/krb5-1-10/ src/

tlyu@MIT.EDU tlyu at MIT.EDU
Thu Mar 8 14:58:45 EST 2012 

http://src.mit.edu/fisheye/changelog/krb5/?cs=25755
Commit By: tlyu
Log Message:
README and patchlevel.h for krb5-1.10.1


Changed Files:
U   branches/krb5-1-10/README
U   branches/krb5-1-10/src/patchlevel.h
Modified: branches/krb5-1-10/README
===================================================================
--- branches/krb5-1-10/README	2012-03-08 17:34:15 UTC (rev 25754)
+++ branches/krb5-1-10/README	2012-03-08 19:58:44 UTC (rev 25755)
@@ -70,6 +70,34 @@
 variable that enables "weak" enctypes, which defaults to "false"
 beginning with krb5-1.8.
 
+Major changes in 1.10.1
+-----------------------
+
+This is a bugfix release.
+
+* Fix access controls for KDB string attributes [CVE-2012-1012]
+
+* Make the ASN.1 encoding of key version numbers interoperate with
+  Windows Read-Only Domain Controllers
+
+* Avoid generating spurious password expiry warnings in cases where
+  the KDC sends an account expiry time without a password expiry time.
+
+krb5-1.10.1 changes by ticket ID
+--------------------------------
+
+7074    workaround for Solaris 8 lacking isblank
+7081    Don't use stack variable address in as_req state
+7082    Various lookaside cache fixes
+7084    Don't check mech in krb5_gss_inquire_cred_by_mech
+7087    krb5_gss_get_name_attribute fails to set display_value
+7088    Fix uninitialized variable warning in trval.c
+7089    Initialize gss_get_name_attribute output buffers
+7092    kvno ASN.1 encoding interop with Windows RODCs
+7093    Access controls for string RPCs [CVE-2012-1012]
+7096    Fix KDB iteration when callback does write calls
+7098    Fix spurious password expiry warning
+
 Major changes in 1.10
 ---------------------
 

Modified: branches/krb5-1-10/src/patchlevel.h
===================================================================
--- branches/krb5-1-10/src/patchlevel.h	2012-03-08 17:34:15 UTC (rev 25754)
+++ branches/krb5-1-10/src/patchlevel.h	2012-03-08 19:58:44 UTC (rev 25755)
@@ -51,7 +51,7 @@
  */
 #define KRB5_MAJOR_RELEASE 1
 #define KRB5_MINOR_RELEASE 10
-#define KRB5_PATCHLEVEL 0
-#define KRB5_RELTAIL "postrelease"
+#define KRB5_PATCHLEVEL 1
+/* #undef KRB5_RELTAIL */
 /* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "branches/krb5-1-10"
+#define KRB5_RELTAG "tags/krb5-1-10-1-final"

More information about the cvs-krb5 mailing list