From ghudson at mit.edu  Wed Jun 26 18:15:22 2024
From: ghudson at mit.edu (Greg Hudson)
Date: Wed, 26 Jun 2024 18:15:22 -0400
Subject: krb5-1.21.3 is released
Message-ID: <x7dtthfqrk5.fsf@mit.edu>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

The MIT Kerberos Team announces the availability of MIT Kerberos 5
Release 1.21.3.  Please see below for a list of some major changes
included, or consult the README file in the source tree for a more
detailed list of significant changes.

Retrieving krb5-1.21.3
======================

You may retrieve the krb5-1.21.3 sources from the following URL:

        https://kerberos.org/dist/

The homepage for the krb5-1.21.3 release is:

        https://web.mit.edu/kerberos/krb5-1.21/

Further information about Kerberos 5 may be found at the following
URL:

        https://web.mit.edu/kerberos/


Major changes in 1.21.3 (2024-06-26)
====================================

This is a bug fix release.

* Fix vulnerabilities in GSS message token handling [CVE-2024-37370,
  CVE-2024-37371].

* Fix a potential bad pointer free in krb5_cccol_have_contents().

* Fix a memory leak in the macOS ccache type.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmZ8kr4ACgkQDLoIV1+D
ct8cAxAAxtt3wCoPDRubEb2ZcdIdOoNCWOCu7fvXL6vI2fTdv+BXYVfGjpqHq7+r
XNVlKSqMuBLI+vJZtlcY7S0pJSgAqnoQwPd/W/6fZbJxqcCmgs9Zr14T9ODlSBxI
+Lv79dJWCSgt2+5LYTqzIDbomU3Ab5jDPSyfVSUX3t9g+JD4Ndw0Vw3xL+n9y+Ao
LY4PgZeWNW9mhBp6KpnWiln9jdTaJzN/oFmK2usXrmC332B6XQqjDV0c8lgJMwUN
/Zcmbq5ITbaLlpuf5rztbiTrW5Mx92UVMG1IAQleISKADkO/+u6UgU2BhqblL6L7
ynf7T6KrUshf1ZJYj2Xo+sYfvo6Xp/1OJjxHHV4mBbtf2JR9TpT8BmwEHrgbhU9V
NWDZLDAtcxCQ93hKnJiO3BKqioaxpNEs1wSIK1M3fdWcuNf/T/JG/Rq6VaoPIo0w
NtZUloAaL2HV6gOkBWd6ke9oGIOUyCYZD2AhPacfBxfZ9Rs0r5aDHkFzoyLqxqkJ
4XNBOM9Qkw9hLitY9exqg1Csx6PA0gN6x6XhErlEIE5/oC4jgBAtCbdXpDpA3s8u
lui8VrZw8luzwT6UZadrTwCPP/ulF+2kn93OK5hKPl1WXSHvPUmC/0yzm8iZyLKV
U6V/MFjNGTN0vG05BBHhaTlN8I9DuS5a9bnXdjEK7EUWlu3wyKw=
=Gs39
-----END PGP SIGNATURE-----