krb5 commit [krb5-1.11]: Update README and patchlevel.h for krb5-1.11.1

Thu Feb 21 18:18:31 EST 2013

https://github.com/krb5/krb5/commit/da9dc1bbc92884e1c7f817928176d9043f0ada34
commit da9dc1bbc92884e1c7f817928176d9043f0ada34
Author: Tom Yu <tlyu at mit.edu>
Date:   Thu Feb 21 16:30:47 2013 -0500

    Update README and patchlevel.h for krb5-1.11.1

 NOTICE           |    2 +-
 README           |   37 +++++++++++++++++++++++++++++++++++--
 doc/notice.rst   |    2 +-
 src/patchlevel.h |    6 +++---
 4 files changed, 40 insertions(+), 7 deletions(-)

diff --git a/NOTICE b/NOTICE
index 7978f51..ac08bba 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,4 +1,4 @@
-Copyright (C) 1985-2012 by the Massachusetts Institute of Technology.
+Copyright (C) 1985-2013 by the Massachusetts Institute of Technology.
 
 All rights reserved.
 
diff --git a/README b/README
index 4685ff2..4c061cc 100644
--- a/README
+++ b/README
@@ -77,8 +77,41 @@ from using single-DES cryptosystems.  Among these is a configuration
 variable that enables "weak" enctypes, which defaults to "false"
 beginning with krb5-1.8.
 
-Major changes in 1.11
----------------------
+Major changes in 1.11.1 (2013-02-21)
+------------------------------------
+
+This is a bugfix release.
+
+* Restore capability for multi-hop SAM-2 preauth exchanges, which
+  krb5-1.11 had inadvertently removed.
+
+* Fix a null pointer dereference in the KDC PKINIT code
+  [CVE-2013-1415].
+
+krb5-1.11.1 changes by ticket ID
+--------------------------------
+
+7458    add more strftime format strings for klist
+7523    Fix gss_str_to_oid for OIDs with zero-valued arcs
+7525    Fix DPRINT in ipropd_svc.c
+7534    Minor pointer management patches
+7539    Fix no_host_referral concatention in KDC
+7548    Fix iprop safety net in kdb5_util load
+7553    sendto_kdc can invoke poll with negative timeout
+7557    Fix h1 end tag in Sphinx header titles
+7558    Fix typos in layout.html
+7559    Fix "search" accesskey in layout.html
+7560    Fix kdb5_util dump.c uninitialized warnings
+7561    kprop doesn't work with RC4 session key
+7567    Fix RFC 5587 const pointer typedefs
+7569    Convert success in krb5_chpw_result_code_string
+7570    PKINIT null pointer deref [CVE-2013-1415]
+7571    Allow multi-hop SAM-2 exchanges
+7573    File descriptor leak in DIR ccaches
+7574    Fix memory leak closing DIR ccaches
+
+Major changes in 1.11 (2012-12-17)
+----------------------------------
 
 Additional background information on these changes may be found at
 
diff --git a/doc/notice.rst b/doc/notice.rst
index e8d0d00..0215841 100644
--- a/doc/notice.rst
+++ b/doc/notice.rst
@@ -1,4 +1,4 @@
-Copyright |copy| 1985-2012 by the Massachusetts Institute of Technology.
+Copyright |copy| 1985-2013 by the Massachusetts Institute of Technology.
 
 All rights reserved.
 
diff --git a/src/patchlevel.h b/src/patchlevel.h
index 2cdb705..a38edfd 100644
--- a/src/patchlevel.h
+++ b/src/patchlevel.h
@@ -51,7 +51,7 @@
  */
 #define KRB5_MAJOR_RELEASE 1
 #define KRB5_MINOR_RELEASE 11
-#define KRB5_PATCHLEVEL 0
-#define KRB5_RELTAIL "postrelease"
+#define KRB5_PATCHLEVEL 1
+/* #undef KRB5_RELTAIL */
 /* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "krb5-1.11"
+#define KRB5_RELTAG "krb5-1.11.1-final"
