krb5 commit [krb5-1.10]: README and patchlevel.h for krb5-1.10.2

Tom Yu tlyu at MIT.EDU
Thu May 31 19:48:23 EDT 2012 

https://github.com/krb5/krb5/commit/877bdca7a323b0bc33c3c1b21f99a7655f7a7a2c
commit 877bdca7a323b0bc33c3c1b21f99a7655f7a7a2c
Author: Tom Yu <tlyu at mit.edu>
Date:   Thu May 31 19:47:15 2012 -0400

    README and patchlevel.h for krb5-1.10.2

 README           |   30 ++++++++++++++++++++++++++++++
 src/patchlevel.h |    6 +++---
 2 files changed, 33 insertions(+), 3 deletions(-)

diff --git a/README b/README
index fc9c419..615e532 100644
--- a/README
+++ b/README
@@ -70,6 +70,36 @@ from using single-DES cryptosystems.  Among these is a configuration
 variable that enables "weak" enctypes, which defaults to "false"
 beginning with krb5-1.8.
 
+Major changes in 1.10.2
+-----------------------
+
+This is a bugfix release.
+
+* Fix an interop issue with Windows Server 2008 R2 Read-Only Domain
+  Controllers.
+
+* Update a workaround for a glibc bug that would cause DNS PTR queries
+  to occur even when rdns = false.
+
+* Fix a kadmind denial of service issue (null pointer dereference),
+  which could only be triggered by an administrator with the "create"
+  privilege.  [CVE-2012-1013]
+
+krb5-1.10.2 changes by ticket ID
+--------------------------------
+
+7095    Build system uses @localedir@ without requiring autoconf 2.60
+7099    Decrypting history key entries can fail after 1.8 upgrade
+7119    Preauth fails for second AS request in a krb5 context
+7120    Use correct name-type in TGS-REQs for 2008R2 RODCs
+7124    krb5_sname_to_principal canonicalization should work with
+        IPv6-only hosts
+7127    Can't change password without default_realm
+7136    S4U2Self using kvno broken in 1.10.1, but not in 1-9.3
+7143    krb5_set_trace_filename not exported
+7148    Export gss_mech_krb5_wrong from libgssapi_krb5
+7152    Null pointer deref in kadmind [CVE-2012-1013]
+
 Major changes in 1.10.1
 -----------------------
 
diff --git a/src/patchlevel.h b/src/patchlevel.h
index d2a1e10..d617653 100644
--- a/src/patchlevel.h
+++ b/src/patchlevel.h
@@ -51,7 +51,7 @@
  */
 #define KRB5_MAJOR_RELEASE 1
 #define KRB5_MINOR_RELEASE 10
-#define KRB5_PATCHLEVEL 1
-#define KRB5_RELTAIL "postrelease"
+#define KRB5_PATCHLEVEL 2
+/* #undef KRB5_RELTAIL */
 /* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "krb5-1.10"
+#define KRB5_RELTAG "tags/krb5-1.10.2-final"

More information about the cvs-krb5 mailing list