krb5-1.19.2 and krb5-1.18.4 are released
Greg Hudson
ghudson at mit.edu
Mon Jul 26 15:01:04 EDT 2021
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
The MIT Kerberos Team announces the availability of MIT Kerberos 5
Releases 1.19.2 and 1.18.4. Please see below for a list of some major
changes included, or consult the README file in the source tree for a
more detailed list of significant changes.
Retrieving krb5-1.19.2 and krb5-1.18.4
======================================
You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the
following URL:
https://kerberos.org/dist/
The homepage for the krb5-1.19.2 and krb5-1.18.4 releases are:
https://web.mit.edu/kerberos/krb5-1.19/
https://web.mit.edu/kerberos/krb5-1.18/
Further information about Kerberos 5 may be found at the following
URL:
https://web.mit.edu/kerberos/
Triple-DES transition
=====================
Beginning with the krb5-1.19 release, a warning will be issued if
initial credentials are acquired using the des3-cbc-sha1 encryption
type. In future releases, this encryption type will be disabled by
default and eventually removed.
Beginning with the krb5-1.18 release, single-DES encryption types have
been removed.
Major changes in 1.19.2 and 1.18.4 (2021-07-22)
===============================================
These are bug fix releases.
* Fix a denial of service attack against the KDC encrypted challenge
code [CVE-2021-36222].
* Fix a memory leak when gss_inquire_cred() is called without a
credential handle.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmD/BgkACgkQDLoIV1+D
ct97ZQ/+LC3g5O11HvP268D0UXG/rKX308J8+AfbSmfQoUkJ/g7FT/ruoV5b9H38
vMZoEeDS0irAl6w4a4Y8HlHJs1McL+5SFo9DG/0dmLt8MVFW5qmDuaiHqkxz1Pzz
n8/54YXDu5/mpVAW5WVyfiMVW5yGx8ty4RnupF9Ko9mv/SbplAL2NwZzweDQUyaH
5F1krQ08fd8AutN+Rl42IwInNOLoiV0+PotQZGPqhJL6OGYyURVUfOb7XexrNFMQ
JwKUOsCyD4SpJ01a7QPl5IKlUzZlomLh+gvZlCIK3Ke9mVpM5DeaGVOmI3F4tHWd
ZFO4g7t6lfnLIqyZO8o2gfCP11G9P7I1OeOPoLBIP0HU2gdMFU/tfq7xqDFPYHAR
Dh3BxBYAKb02LWOY9zZWVEe0GOQ1cano6QYeyYtuVBqJVqqGG0omXdqJsPyFj4BO
HtzRk1PqWRFshAL7ABdmwUYbAg7FXH0tQBte34CzdVQZhOQxBcaSO950K1crn73X
VQh0OUlL9EFG8CJ3Lxck/VUtv4onp+X9mkGFkDd8tTkPhEbhTr7Jx5RZZ/oOvdVn
mAbXBBeLIjqWQfs2MngH9jVytfoG8o5mKA7iQnt68BUL0u0jKPupUTGV4rV0BebB
CwWUyWbIEisuv5rF6aa4CoU2vXcdtnZ12vl89TkwQw3zA+V1vaQ=
=68WE
-----END PGP SIGNATURE-----
More information about the kerberos-announce
mailing list