krb5 commit [krb5-1.18]: Update for krb5-1.18-beta2

Greg Hudson ghudson at mit.edu
Mon Jan 27 14:32:06 EST 2020 

https://github.com/krb5/krb5/commit/74cefb7f560d010fa40aeb3ae539cbff39ca0f47
commit 74cefb7f560d010fa40aeb3ae539cbff39ca0f47
Author: Greg Hudson <ghudson at mit.edu>
Date:   Mon Jan 27 13:35:30 2020 -0500

    Update for krb5-1.18-beta2

 README              |   14 ++++++++++++++
 src/patchlevel.h    |    4 ++--
 src/po/mit-krb5.pot |    4 ++--
 3 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/README b/README
index 983feec..f6e6306 100644
--- a/README
+++ b/README
@@ -92,6 +92,9 @@ Administrator experience:
   credential forwarding during GSSAPI authentication unless the KDC
   sets the ok-as-delegate bit in the service ticket.
 
+* Use the permitted_enctypes krb5.conf setting as the default value
+  for default_tkt_enctypes and default_tgs_enctypes.
+
 Developer experience:
 
 * Implement krb5_cc_remove_cred() for all credential cache types.
@@ -110,6 +113,10 @@ Protocol evolution:
 * Add support for Microsoft NegoEx.  (Requires one or more third-party
   GSS modules implementing NegoEx mechanisms.)
 
+* Honor the transited-policy-checked ticket flag on application
+  servers, eliminating the requirement to configure capaths on
+  servers in some scenarios.
+
 User experience:
 
 * Add support for "dns_canonicalize_hostname=fallback""`, causing
@@ -195,6 +202,13 @@ krb5-1.18 changes by ticket ID
 8859    Remove KRB5_KDB_FLAG_ALIAS_OK
 8860    Allow kprop over NATs
 8861    Fix LDAP policy enforcement of pw_expiration
+8864    Fix error handling in gssint_mechglue_init()
+8865    Check cross-realm TGT name for RBCD requests
+8866    Fix S4U client authdata handling
+8867    Fix KDC crash in handle_signticket
+8868    Allow cross-realm RBCD with PAC and other authdata
+8869    Apply permitted_enctypes to KDC request enctypes
+8870    Honor transited-policy-checked flag in servers
 
 Acknowledgements
 ----------------
diff --git a/src/patchlevel.h b/src/patchlevel.h
index 47ccbba..e4ee28f 100644
--- a/src/patchlevel.h
+++ b/src/patchlevel.h
@@ -52,6 +52,6 @@
 #define KRB5_MAJOR_RELEASE 1
 #define KRB5_MINOR_RELEASE 18
 #define KRB5_PATCHLEVEL 0
-#define KRB5_RELTAIL "beta1-postrelease"
+#define KRB5_RELTAIL "beta2"
 /* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "krb5-1.18"
+#define KRB5_RELTAG "krb5-1.18-beta2"
diff --git a/src/po/mit-krb5.pot b/src/po/mit-krb5.pot
index 4105bef..0c45977 100644
--- a/src/po/mit-krb5.pot
+++ b/src/po/mit-krb5.pot
@@ -6,9 +6,9 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: mit-krb5 1.18-beta1-postrelease\n"
+"Project-Id-Version: mit-krb5 1.18-beta2\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-01-27 11:38-0500\n"
+"POT-Creation-Date: 2020-01-27 13:36-0500\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL at ADDRESS>\n"
 "Language-Team: LANGUAGE <LL at li.org>\n"

More information about the cvs-krb5 mailing list