1. Forum
  2. Usenet
  3. COMP.PROTOCOLS.KERBEROS

  • krb5-1.19.2 and krb5-1.18.4 are released

    From Greg Hudson@21:1/5 to All on Mon Jul 26 15:01:04 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    The MIT Kerberos Team announces the availability of MIT Kerberos 5
    Releases 1.19.2 and 1.18.4. Please see below for a list of some major
    changes included, or consult the README file in the source tree for a
    more detailed list of significant changes.

    Retrieving krb5-1.19.2 and krb5-1.18.4
    ======================================

    You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the
    following URL:

    https://kerberos.org/dist/

    The homepage for the krb5-1.19.2 and krb5-1.18.4 releases are:

    https://web.mit.edu/kerberos/krb5-1.19/
    https://web.mit.edu/kerberos/krb5-1.18/

    Further information about Kerberos 5 may be found at the following
    URL:

    https://web.mit.edu/kerberos/


    Triple-DES transition
    =====================

    Beginning with the krb5-1.19 release, a warning will be issued if
    initial credentials are acquired using the des3-cbc-sha1 encryption
    type. In future releases, this encryption type will be disabled by
    default and eventually removed.

    Beginning with the krb5-1.18 release, single-DES encryption types have
    been removed.


    Major changes in 1.19.2 and 1.18.4 (2021-07-22) ===============================================

    These are bug fix releases.

    * Fix a denial of service attack against the KDC encrypted challenge
    code [CVE-2021-36222].

    * Fix a memory leak when gss_inquire_cred() is called without a
    credential handle.
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmD/BgkACgkQDLoIV1+D ct97ZQ/+LC3g5O11HvP268D0UXG/rKX308J8+AfbSmfQoUkJ/g7FT/ruoV5b9H38 vMZoEeDS0irAl6w4a4Y8HlHJs1McL+5SFo9DG/0dmLt8MVFW5qmDuaiHqkxz1Pzz n8/54YXDu5/mpVAW5WVyfiMVW5yGx8ty4RnupF9Ko9mv/SbplAL2NwZzweDQUyaH 5F1krQ08fd8AutN+Rl42IwInNOLoiV0+PotQZGPqhJL6OGYyURVUfOb7XexrNFMQ JwKUOsCyD4SpJ01a7QPl5IKlUzZlomLh+gvZlCIK3Ke9mVpM5DeaGVOmI3F4tHWd ZFO4g7t6lfnLIqyZO8o2gfCP11G9P7I1OeOPoLBIP0HU2gdMFU/tfq7xqDFPYHAR Dh3BxBYAKb02LWOY9zZWVEe0GOQ1cano6QYeyYtuVBqJVqqGG0omXdqJsPyFj4BO HtzRk1PqWRFshAL7ABdmwUYbAg7FXH0tQBte34CzdVQZhOQxBcaSO950K1crn73X VQh0OUlL9EFG8CJ3Lxck/VUtv4onp+X9mkGFkDd8tTkPhEbhTr7Jx5RZZ/oOvdVn mAbXBBeLIjqWQfs2MngH9jVytfoG8o5mKA7iQnt68BUL0u0jKPupUTGV4rV0BebB CwWUyWbIEisuv5rF6aa4CoU2vXcdtnZ12vl89TkwQw3zA+V1vaQ=
    =68WE
    -----END PGP SIGNATURE-----
    _______________________________________________
    kerberos-announce mailing list
    kerberos-announce@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos-announce

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)