krb5-1.6.1-beta1 is available
Tom Yu
tlyu at MIT.EDU
Fri Apr 13 21:10:28 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MIT krb5-1.6.1-beta1 is now available for download from
http://web.mit.edu/kerberos/dist/
The main MIT Kerberos web page is
http://web.mit.edu/kerberos/
Please send comments to the krbdev list in the next week. Major
changes in krb5-1.6.1 include:
[5508] Fix MITKRB5-SA-2007-001: telnetd allows login as arbitrary user
[CVE-2007-0956, VU#220816]
[5507] Fix MITKRB5-SA-2007-002: buffer overflow in krb5_klog_syslog
[CVE-2007-0957, VU#704024]
[5445] Fix MITKRB5-SA-2007-003: double-free in kadmind - the RPC
library could perform a double-free due to a GSS-API library
bug [CVE-2007-1216, VU#419344]
[5293] fix crash creating db2 database in non-existent directory
For a more complete list of changes, please consult
http://krbdev.mit.edu/rt/NoAuth/krb5-1.6/fixed-1.6.1.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (SunOS)
iQCVAwUBRiAqB6bDgE/zdoE9AQKQSwP/bnKv54ZuQATMKXPbw1vtzRWpyJi3wFjx
REgMIGDe827tpXG0iQsE1K6bWoMBZbSXsvDvr1Vjxze2qGuNPmf0O2owwVQiNWzq
G3fa3z6Umj39WZ6BkU4JO6Pu01MZ0jYjWdfDWW3WI4ka8UTnRk+A9WUqw+RV0R7C
X57YoQomBCQ=
=bzYF
-----END PGP SIGNATURE-----
More information about the krbdev
mailing list