| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: krb5-server | Distribution: CentOS |
| Version: 1.21.1 | Vendor: CentOS |
| Release: 1.el9 | Build date: Wed Aug 9 11:03:08 2023 |
| Group: Unspecified | Build host: aarch64-01.stream.rdu2.redhat.com |
| Size: 1256698 | Source RPM: krb5-1.21.1-1.el9.src.rpm |
| Packager: builder@centos.org | |
| Url: https://web.mit.edu/kerberos/www/ | |
| Summary: The KDC and related programs for Kerberos 5 | |
Kerberos is a network authentication system. The krb5-server package contains the programs that must be installed on a Kerberos 5 key distribution center (KDC). If you are installing a Kerberos 5 KDC, you need to install this package (in other words, most people should NOT install this package).
MIT
* Tue Aug 08 2023 Julien Rische <jrische@redhat.com> - 1.21.1-1
- New upstream version (1.21.1)
- Fix double-free in KDC TGS processing (CVE-2023-39975)
- Add support for "pac_privsvr_enctype" KDB string attribute
Resolves: rhbz#2060421
* Thu Jun 08 2023 Julien Rische <jrische@redhat.com> - 1.20.1-9
- Do not disable PKINIT if some of the well-known DH groups are unavailable
Resolves: rhbz#2187722
- Make PKINIT CMS SHA-1 signature verification available in FIPS mode
Resolves: rhbz#2155607
- Allow to set PAC ticket signature as optional
Resolves: rhbz#2178298
* Wed Feb 22 2023 Julien Rische <jrische@redhat.com> - 1.20.1-8
- Fix datetime parsing in kadmin on s390x
Resolves: rhbz#2169985
* Tue Feb 14 2023 Julien Rische <jrische@redhat.com> - 1.20.1-7
- Fix double free on kdb5_util key creation failure
Resolves: rhbz#2166603
* Tue Jan 31 2023 Julien Rische <jrische@redhat.com> - 1.20.1-6
- Add support for MS-PAC extended KDC signature (CVE-2022-37967)
Resolves: rhbz#2165827
* Thu Jan 19 2023 Julien Rische <jrische@redhat.com> - 1.20.1-5
- Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled
- Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode
Resolves: rhbz#2162461
* Thu Jan 12 2023 Julien Rische <jrische@redhat.com> - 1.20.1-4
- Set aes256-cts-hmac-sha384-192 as EXAMLE.COM master key in kdc.conf
- Add AES SHA-2 HMAC family as EXAMPLE.COM supported etypes in kdc.conf
Resolves: rhbz#2068535
* Tue Jan 10 2023 Julien Rische <jrische@redhat.com> - 1.20.1-2
- Strip debugging data from ksu executable file
Resolves: rhbz#2159643
* Wed Dec 07 2022 Julien Rische <jrische@redhat.com> - 1.20.1-1
- Make tests compatible with sssd-client
Resolves: rhbz#2151513
- Remove invalid password expiry warning
Resolves: rhbz#2121099
- Update error checking for OpenSSL CMS_verify
Resolves: rhbz#2063838
- New upstream version (1.20.1)
Resolves: rhbz#2016312
- Fix integer overflows in PAC parsing (CVE-2022-42898)
Resolves: rhbz#2140971
* Tue Oct 18 2022 Julien Rische <jrische@redhat.com> - 1.19.1-23
- Fix kprop for propagating dump files larger than 4GB
Resolves: rhbz#2133014
* Fri Jul 08 2022 Julien Rische <jrische@redhat.com> - 1.19.1-22
- Restore "supportedCMSTypes" attribute in PKINIT preauth requests
- Set SHA-512 or SHA-256 with RSA as preferred CMS signature algorithms
Resolves: rhbz#2068935
* Thu Jun 23 2022 Julien Rische <jrische@redhat.com> - 1.19.1-21
- Fix libkrad client cleanup
- Allow use of larger RADIUS attributes in krad library
Resolves: rhbz#2100351
* Thu May 12 2022 Julien Rische <jrische@redhat.com> - 1.19.1-20
- Fix OpenSSL 3 MD5 encyption in FIPS mode
- Allow libkrad UDP/TCP connection to localhost in FIPS mode
Resolves: rhbz#2068458
* Mon May 02 2022 Julien Rische <jrische@redhat.com> - 1.19.1-19
- Use p11-kit as default PKCS11 module
Resolves: rhbz#2030981
* Tue Apr 26 2022 Julien Rische <jrische@redhat.com> - 1.19.1-18
- Try harder to avoid password change replay errors
Resolves: rhbz#2075186
* Mon Mar 14 2022 Julien Rische <jrische@redhat.com> - 1.19.1-15
- Use SHA-256 instead of SHA-1 for PKINIT CMS digest
* Thu Feb 24 2022 Julien Rische <jrische@redhat.com> - 1.19.1-14
- Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled
- Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode
* Fri Dec 17 2021 Antonio Torres <antorres@redhat.com> - 1.19.1-13
- Remove -specs= from krb5-config output
- Resolves rhbz#1997021
* Wed Oct 20 2021 Antonio Torres <antorres@redhat.com> - 1.19.1-12
- Fix KDC null deref on TGS inner body null server (CVE-2021-37750)
Resolves: rhbz#1997602
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.19.1-11.1
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
/etc/logrotate.d/kadmind /etc/logrotate.d/krb5kdc /etc/sysconfig/kadmin /etc/sysconfig/kprop /etc/sysconfig/krb5kdc /usr/bin/sclient /usr/lib/.build-id /usr/lib/.build-id/01 /usr/lib/.build-id/01/a11e42a61e648e51a381fe99d9dc9e2da3f0b3 /usr/lib/.build-id/1b /usr/lib/.build-id/1b/aa9c7340c1dde0ee89d2b68b54bda6700ae811 /usr/lib/.build-id/33 /usr/lib/.build-id/33/41c6e0e55ee4141c42f1f2b4e255cce6c7c678 /usr/lib/.build-id/4c /usr/lib/.build-id/4c/f29ff08b485363dbe0560d773d602b3f72a7dd /usr/lib/.build-id/5a /usr/lib/.build-id/5a/63b28d061a9871791b5d1e646fa1d8a920af6e /usr/lib/.build-id/62 /usr/lib/.build-id/62/56d20d4589f21b3e5de0790421dbe2c109b726 /usr/lib/.build-id/63 /usr/lib/.build-id/63/271cbf93b7388361282e103e7ed21b17baaafa /usr/lib/.build-id/9b /usr/lib/.build-id/9b/1841c3172af36941adaf0c370b319933214730 /usr/lib/.build-id/ac /usr/lib/.build-id/ac/005e9a0653e92c93b20fe518f492321f3a5dba /usr/lib/.build-id/b8 /usr/lib/.build-id/b8/576d82ede1f5f5bfcd8167ab95927e8046c823 /usr/lib/.build-id/c4 /usr/lib/.build-id/c4/af747bb84a96e08a8045fd1674bfcb710a1811 /usr/lib/.build-id/fa /usr/lib/.build-id/fa/6bbc81b21e2b5d3de4390674e0caeb0e484c6c /usr/lib/systemd/system/kadmin.service /usr/lib/systemd/system/kprop.service /usr/lib/systemd/system/krb5kdc.service /usr/lib/tmpfiles.d/krb5-krb5kdc.conf /usr/lib64/krb5 /usr/lib64/krb5/plugins /usr/lib64/krb5/plugins/authdata /usr/lib64/krb5/plugins/kdb /usr/lib64/krb5/plugins/kdb/db2.so /usr/lib64/krb5/plugins/kdb/klmdb.so /usr/lib64/krb5/plugins/preauth /usr/lib64/krb5/plugins/preauth/otp.so /usr/sbin/kadmin.local /usr/sbin/kadmind /usr/sbin/kdb5_util /usr/sbin/kprop /usr/sbin/kpropd /usr/sbin/kproplog /usr/sbin/krb5kdc /usr/sbin/sserver /usr/share/doc/krb5-server /usr/share/doc/krb5-server/kdc.conf /usr/share/man/man1/sclient.1.gz /usr/share/man/man5/kadm5.acl.5.gz /usr/share/man/man5/kdc.conf.5.gz /usr/share/man/man8/kadmin.local.8.gz /usr/share/man/man8/kadmind.8.gz /usr/share/man/man8/kdb5_util.8.gz /usr/share/man/man8/kprop.8.gz /usr/share/man/man8/kpropd.8.gz /usr/share/man/man8/kproplog.8.gz /usr/share/man/man8/krb5kdc.8.gz /usr/share/man/man8/sserver.8.gz /var/kerberos /var/kerberos/krb5kdc /var/kerberos/krb5kdc/kadm5.acl /var/kerberos/krb5kdc/kdc.conf /var/run/krb5kdc
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 30 03:23:09 2024