[krbdev.mit.edu #9177] Password expiry date shown as 2100
Greg Hudson via RT
rt at kerborg-prod-app-1.mit.edu
Mon Jul 7 13:18:01 EDT 2025
<URL: http://kerborg-prod-app-1.mit.edu/rt/Ticket/Display.html?id=9177 >
This bug was fixed in release 1.21 by
commit 29600cf1db888d91c42cbd6cf72652afe8c1ee66 (ticket 9071, https://
github.com/krb5/krb5/pull/1266 ). The problem was the use of a signed 32-bit
value to hold the interval.
(It would of course be nice if Microsoft's Kerberos implementation didn't use
arbitrary dates in the far future when it means "never". A KDC can simply not
transmit a password expiration time.)
More information about the krb5-bugs
mailing list