From Greg Hudson@21:1/5 to All on Mon Jul 26 15:01:04 2021
-----BEGIN PGP SIGNED MESSAGE-----
The MIT Kerberos Team announces the availability of MIT Kerberos 5
Releases 1.19.2 and 1.18.4. Please see below for a list of some major
changes included, or consult the README file in the source tree for a
more detailed list of significant changes.
Retrieving krb5-1.19.2 and krb5-1.18.4
You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the
Beginning with the krb5-1.19 release, a warning will be issued if
initial credentials are acquired using the des3-cbc-sha1 encryption
type. In future releases, this encryption type will be disabled by
default and eventually removed.
Beginning with the krb5-1.18 release, single-DES encryption types have
Major changes in 1.19.2 and 1.18.4 (2021-07-22) ===============================================
These are bug fix releases.
* Fix a denial of service attack against the KDC encrypted challenge
* Fix a memory leak when gss_inquire_cred() is called without a
-----BEGIN PGP SIGNATURE-----