krb5 commit [krb5-1.10]: Updates for krb5-1.10.5 release

Tom Yu tlyu at MIT.EDU
Wed Apr 17 20:37:46 EDT 2013


https://github.com/krb5/krb5/commit/a253d85c22e0fd5e2d7cf1685dc795a536588c99
commit a253d85c22e0fd5e2d7cf1685dc795a536588c99
Author: Tom Yu <tlyu at mit.edu>
Date:   Wed Apr 17 15:43:42 2013 -0400

    Updates for krb5-1.10.5 release

 NOTICE                |    2 +-
 README                |   20 ++++++++++++++++++++
 doc/copyright.texinfo |    2 +-
 src/patchlevel.h      |    6 +++---
 4 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/NOTICE b/NOTICE
index 910b762..dc5220c 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,4 +1,4 @@
-Copyright (C) 1985-2012 by the Massachusetts Institute of Technology.
+Copyright (C) 1985-2013 by the Massachusetts Institute of Technology.
 
 All rights reserved.
 
diff --git a/README b/README
index 61a7f0f..0e03bc9 100644
--- a/README
+++ b/README
@@ -70,6 +70,26 @@ from using single-DES cryptosystems.  Among these is a configuration
 variable that enables "weak" enctypes, which defaults to "false"
 beginning with krb5-1.8.
 
+Major changes in krb5-1.10.5 (2013-04-17)
+-----------------------------------------
+
+This is a bugfix release.  The krb5-1.10 release series is in
+maintenance, and for new deployments, installers should prefer the
+krb5-1.11 release series or later.
+
+* Fix KDC null pointer dereference in TGS-REQ handling [CVE-2013-1416]
+
+* Incremental propagation could erroneously act as if a slave's
+  database were current after the slave received a full dump that
+  failed to load.
+
+krb5-1.10.5 changes by ticket ID
+--------------------------------
+
+7600    KDC TGS-REQ null deref [CVE-2013-1416]
+7606    Fix condition with empty body
+7607    Reset ulog if database load failed
+
 Major changes in krb5-1.10.4 (2013-03-01)
 -----------------------------------------
 
diff --git a/doc/copyright.texinfo b/doc/copyright.texinfo
index b1b01b0..f32ce21 100644
--- a/doc/copyright.texinfo
+++ b/doc/copyright.texinfo
@@ -2,7 +2,7 @@
 @begingroup
 @smallfonts @rm
 @end iftex
-Copyright @copyright{} 1985-2012 by the Massachusetts Institute of Technology.
+Copyright @copyright{} 1985-2013 by the Massachusetts Institute of Technology.
 
 All rights reserved.
 
diff --git a/src/patchlevel.h b/src/patchlevel.h
index 5fc4c85..db468d3 100644
--- a/src/patchlevel.h
+++ b/src/patchlevel.h
@@ -51,7 +51,7 @@
  */
 #define KRB5_MAJOR_RELEASE 1
 #define KRB5_MINOR_RELEASE 10
-#define KRB5_PATCHLEVEL 4
-#define KRB5_RELTAIL "postrelease"
+#define KRB5_PATCHLEVEL 5
+/* #undef KRB5_RELTAIL */
 /* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "krb5-1.10"
+#define KRB5_RELTAG "krb5-1.10.5-final"


More information about the cvs-krb5 mailing list