krb5-1.9.1-beta1 is available
michelle zhao
michelle.zhao at gmail.com
Wed May 4 17:45:24 EDT 2011
When will be this out of beta?
It had a bug fix that we need.
thanks,
Michelle
On Mon, Apr 25, 2011 at 1:38 PM, Tom Yu <tlyu at mit.edu> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> MIT krb5-1.9.1-beta1 is now available for download from
>
> http://web.mit.edu/kerberos/dist/testing.html
>
> The main MIT Kerberos web page is
>
> http://web.mit.edu/kerberos/
>
> Please send comments to the krbdev list. The final release will
> probably occur in early May. The README file contains a more
> extensive list of changes.
>
> Major changes in 1.9.1
> - ----------------------
>
> This is primarily a bugfix release.
>
> * Fix vulnerabilities:
> ** kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022]
> ** KDC denial of service attacks [MITKRB5-SA-2011-002
> CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]
> ** KDC double-free when PKINIT enabled [MITKRB5-SA-2011-003
> CVE-2011-0284]
> ** kadmind frees invalid pointer [MITKRB5-SA-2011-004 CVE-2011-0285]
>
> * Interoperability:
>
> ** Don't reject AP-REQ messages if their PAC doesn't validate;
> suppress the PAC instead.
>
> ** Correctly validate HMAC-MD5 checksums that use DES keys
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (SunOS)
>
> iEYEARECAAYFAk21260ACgkQSO8fWy4vZo5QCQCfbkfkNa5E+lIxAa9zrY0JJiIu
> 5owAoM1syBte2aeCIzKTkPCEsNFZu6U2
> =V7Ha
> -----END PGP SIGNATURE-----
> _______________________________________________
> krbdev mailing list krbdev at mit.edu
> https://mailman.mit.edu/mailman/listinfo/krbdev
>
More information about the krbdev
mailing list