krb5-1.19.3 and krb5-1.18.5 are released
Greg Hudson
ghudson at mit.edu
Mon Mar 14 17:46:15 EDT 2022
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
The MIT Kerberos Team announces the availability of MIT Kerberos 5
Releases 1.19.3 and 1.18.5. Please see below for a list of some major
changes included, or consult the README file in the source tree for a
more detailed list of significant changes.
Retrieving krb5-1.19.3 and krb5-1.18.5
======================================
You may retrieve the krb5-1.19.3 and krb5-1.18.5 sources from the
following URL:
https://kerberos.org/dist/
The homepages for the krb5-1.19.3 and krb5-1.18.5 releases are:
https://web.mit.edu/kerberos/krb5-1.19/
https://web.mit.edu/kerberos/krb5-1.18/
Further information about Kerberos 5 may be found at the following
URL:
https://web.mit.edu/kerberos/
Triple-DES transition
=====================
Beginning with the krb5-1.19 release, a warning will be issued if
initial credentials are acquired using the des3-cbc-sha1 encryption
type. In future releases, this encryption type will be disabled by
default and eventually removed.
Beginning with the krb5-1.18 release, single-DES encryption types have
been removed.
Major changes in 1.19.3 and 1.18.5 (2022-03-14)
===============================================
These are bug fix releases.
* Fix a denial of service attack against the KDC [CVE-2021-37750].
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmIvtaAACgkQDLoIV1+D
ct8GUg/+L7k2DFp/2zS6yBggE8lQAjidO8tUoPXLRZ0Y+95pSCkQd+6DmMW1JX2Q
kBs/ka6BD9NKEaLELETQ1B2GDVIrJXR5H7K9dtzqej4hrOnX7BCWsBsTwyT5hv/0
CtyMo1oTIYSC41jgoav4hFJhcAM6001a9whvygRh2zYxylWc2mHJ9f9+J0xVw1qg
wY7s3wFXf+iPu1E89cgDw7ln3zJNPu22iBoRLoOHs/2NxyVRL+NBPftUg7GfDeNz
hSQ+nrgaJE6x/RkTR8F3OA/GjqdkYVwR1Rvp0qJcaRit9747cIpeNzd7Lr5H0GZW
0qIAv6qjJ26uhXNpLHogAO1Fsyiz8Ir31NGHO3ah0cwAbciZOFsZNE2V7NNVsGEx
jl+0uUVp3ydPf6EMB1F3puzv4Wv0YtBMyA0lojSzeKR1pPQ5ZAkWCbOX+eR2x7YO
/Z1eGlzSZSi48ohKSRm7ULNRCdONlITtB7cupAF0Y6azUhabETwEQImoKQMus0PF
aSX+SyaksNv0RZKmNaVGBaZe70HFx7XX01fTgvYTBSq0J7+d03jYpTfceoaeykmo
gaGmrGI2swPgH/6Y3VeBpD9/Zq/iM+orZr0IChcw94uHMxGUvzCcW8DN7qR05JT/
fUqkq4xsdWr6ZVuxyrN62Fv4fBgQA2NLar1Bn9i3/UY3L6Ol5eM=
=y/2g
-----END PGP SIGNATURE-----
More information about the kerberos-announce
mailing list