krb5-1.7.1 is released
Stephen Buckley
sbuckley at MIT.EDU
Tue Feb 2 20:43:50 EST 2010
Is this worth spamming the sponsors?
And congrats!
s
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
Stephen C. Buckley
Director, Infrastructure Software Development and Architecture (Interim)
Massachusetts Institute of Technology
On Feb 2, 2010, at 7:40 PM, Tom Yu wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The MIT Kerberos Team announces the availability of MIT Kerberos 5
> Release 1.7.1. Please see below for a list of some major changes
> included, or consult the README file in the source tree for a more
> detailed list of significant changes.
>
> RETRIEVING KERBEROS 5 RELEASE 1.7.1
> ===================================
>
> You may retrieve the Kerberos 5 Release 1.7.1 source from the
> following URL:
>
> http://web.mit.edu/kerberos/dist/
>
> The homepage for the krb5-1.7.1 release is:
>
> http://web.mit.edu/kerberos/krb5-1.7/
>
> Further information about Kerberos 5 may be found at the following
> URL:
>
> http://web.mit.edu/kerberos/
>
> and at the MIT Kerberos Consortium web site:
>
> http://www.kerberos.org/
>
> DES transition
> ==============
>
> The Data Encryption Standard (DES) is widely recognized as weak. The
> krb5-1.7 release will contain measures to encourage sites to migrate
> away from using single-DES cryptosystems. Among these is a
> configuration variable that enables "weak" enctypes, but will default
> to "false" in the future. Additional migration aids are planned for
> future releases.
>
> Major changes in 1.7.1
> ======================
>
> This is primarily a bugfix release.
>
> * Fix vulnerabilities: MITKRB5-SA-2009-003 [CVE-2009-3295],
> MITKRB5-SA-2009-004 [CVE-2009-4212].
>
> * Restore compatibility for talking to older kadminds and kadmin
> clients for the "addprinc -randkey" operation.
>
> * Fix some build problems and memory leaks.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (SunOS)
>
> iEYEARECAAYFAktoxg8ACgkQSO8fWy4vZo5S8gCfZ5tjEMud1U+/JUL7wELbInZj
> e6EAn3Z4YhDwJQfikxB4qd5GW/RgnZT+
> =I6bi
> -----END PGP SIGNATURE-----
> _______________________________________________
> kerberos-announce mailing list
> kerberos-announce at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos-announce
> _______________________________________________
> krbdev mailing list krbdev at mit.edu
> https://mailman.mit.edu/mailman/listinfo/krbdev
More information about the Kerberos
mailing list