krb5-server-1.21.1-4.el9 RPM for x86_64

From CentOS Stream 9 BaseOS for x86_64

Kerberos is a network authentication system. The krb5-server package
contains the programs that must be installed on a Kerberos 5 key
distribution center (KDC).  If you are installing a Kerberos 5 KDC,
you need to install this package (in other words, most people should
NOT install this package).

Provides

• krb5-server
• config(krb5-server)
• krb5-kdb-version
• krb5-server(x86-64)

Requires

• /bin/sh
• /bin/sh
• /bin/sh
• /usr/share/dict/words
• config(krb5-server) = 1.21.1-4.el9
• krb5-libs(x86-64) = 1.21.1-4.el9
• krb5-pkinit(x86-64) = 1.21.1-4.el9
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.15)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.25)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.7)(64bit)
• libc.so.6(GLIBC_2.8)(64bit)
• libcom_err.so.2()(64bit)
• libcrypto.so.3()(64bit)
• libgssapi_krb5.so.2()(64bit)
• libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit)
• libgssrpc.so.4()(64bit)
• libgssrpc.so.4(gssrpc_4_MIT)(64bit)
• libk5crypto.so.3()(64bit)
• libk5crypto.so.3(k5crypto_3_MIT)(64bit)
• libkadm5(x86-64) = 1.21.1-4.el9
• libkadm5clnt_mit.so.12()(64bit)
• libkadm5clnt_mit.so.12(kadm5clnt_mit_12_MIT)(64bit)
• libkadm5srv_mit.so.12()(64bit)
• libkadm5srv_mit.so.12(kadm5srv_mit_12_MIT)(64bit)
• libkdb5.so.10()(64bit)
• libkdb5.so.10(kdb5_10_MIT)(64bit)
• libkeyutils.so.1()(64bit)
• libkrad.so.0()(64bit)
• libkrad.so.0(krad_0_MIT)(64bit)
• libkrb5.so.3()(64bit)
• libkrb5.so.3(krb5_3_MIT)(64bit)
• libkrb5support.so.0()(64bit)
• libkrb5support.so.0(krb5support_0_MIT)(64bit)
• liblmdb.so.0.0.0()(64bit)
• libresolv.so.2()(64bit)
• libselinux.so.1()(64bit)
• libss.so.2()(64bit)
• libverto-module-base
• libverto.so.1()(64bit)
• logrotate
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)
• systemd-units
• systemd-units
• systemd-units

License

MIT

Changelog

* Thu Oct 17 2024 Julien Rische <jrische@redhat.com> - 1.21.1-4
  - libkrad: implement support for Message-Authenticator (CVE-2024-3596)
    Resolves: RHEL-55423
  - Fix various issues detected by static analysis
    Resolves: RHEL-58216
  - Remove RSA protocol for PKINIT
    Resolves: RHEL-15323
* Fri Jul 05 2024 Julien Rische <jrische@redhat.com> - 1.21.1-3
  - CVE-2024-37370 CVE-2024-37371
    Fix vulnerabilities in GSS message token handling
    Resolves: RHEL-45402 RHEL-45392
* Wed Mar 20 2024 Julien Rische <jrische@redhat.com> - 1.21.1-2
  - Fix memory leak in GSSAPI interface
    Resolves: RHEL-27251
  - Fix memory leak in PMAP RPC interface
    Resolves: RHEL-27245
  - Fix memory leak in failing UTF-8 to UTF-16 re-encoding for PAC
    Resolves: RHEL-27253
  - Make TCP waiting time configurable
    Resolves: RHEL-17132
* Tue Aug 08 2023 Julien Rische <jrische@redhat.com> - 1.21.1-1
  - New upstream version (1.21.1)
  - Fix double-free in KDC TGS processing (CVE-2023-39975)
  - Add support for "pac_privsvr_enctype" KDB string attribute
    Resolves: rhbz#2060421
* Thu Jun 08 2023 Julien Rische <jrische@redhat.com> - 1.20.1-9
  - Do not disable PKINIT if some of the well-known DH groups are unavailable
    Resolves: rhbz#2187722
  - Make PKINIT CMS SHA-1 signature verification available in FIPS mode
    Resolves: rhbz#2155607
  - Allow to set PAC ticket signature as optional
    Resolves: rhbz#2178298
* Wed Feb 22 2023 Julien Rische <jrische@redhat.com> - 1.20.1-8
  - Fix datetime parsing in kadmin on s390x
    Resolves: rhbz#2169985
* Tue Feb 14 2023 Julien Rische <jrische@redhat.com> - 1.20.1-7
  - Fix double free on kdb5_util key creation failure
    Resolves: rhbz#2166603
* Tue Jan 31 2023 Julien Rische <jrische@redhat.com> - 1.20.1-6
  - Add support for MS-PAC extended KDC signature (CVE-2022-37967)
    Resolves: rhbz#2165827
* Thu Jan 19 2023 Julien Rische <jrische@redhat.com> - 1.20.1-5
  - Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled
  - Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode
    Resolves: rhbz#2162461
* Thu Jan 12 2023 Julien Rische <jrische@redhat.com> - 1.20.1-4
  - Set aes256-cts-hmac-sha384-192 as EXAMLE.COM master key in kdc.conf
  - Add AES SHA-2 HMAC family as EXAMPLE.COM supported etypes in kdc.conf
    Resolves: rhbz#2068535
* Tue Jan 10 2023 Julien Rische <jrische@redhat.com> - 1.20.1-2
  - Strip debugging data from ksu executable file
    Resolves: rhbz#2159643
* Wed Dec 07 2022 Julien Rische <jrische@redhat.com> - 1.20.1-1
  - Make tests compatible with sssd-client
    Resolves: rhbz#2151513
  - Remove invalid password expiry warning
    Resolves: rhbz#2121099
  - Update error checking for OpenSSL CMS_verify
    Resolves: rhbz#2063838
  - New upstream version (1.20.1)
    Resolves: rhbz#2016312
  - Fix integer overflows in PAC parsing (CVE-2022-42898)
    Resolves: rhbz#2140971
* Tue Oct 18 2022 Julien Rische <jrische@redhat.com> - 1.19.1-23
  - Fix kprop for propagating dump files larger than 4GB
    Resolves: rhbz#2133014

Files

/etc/logrotate.d/kadmind
/etc/logrotate.d/krb5kdc
/etc/sysconfig/kadmin
/etc/sysconfig/kprop
/etc/sysconfig/krb5kdc
/usr/bin/sclient
/usr/lib/.build-id
/usr/lib/.build-id/2d
/usr/lib/.build-id/2d/c620ea026747c941888fa35438bdba47c717bd
/usr/lib/.build-id/59
/usr/lib/.build-id/59/d079165f5156c7a485b4762598833fddb663ed
/usr/lib/.build-id/7b
/usr/lib/.build-id/7b/a10231098ee382ec26125f84677f089f71e0c6
/usr/lib/.build-id/7e
/usr/lib/.build-id/7e/297eb17d53831c5c91a6fe66c3468127552edf
/usr/lib/.build-id/97
/usr/lib/.build-id/97/a2deaa5cac63767ddc7c0aa4dad6701d5b6b82
/usr/lib/.build-id/a2
/usr/lib/.build-id/a2/0bef424931409cb5ae1faad07254574d4db00b
/usr/lib/.build-id/a8
/usr/lib/.build-id/a8/d1c7031b8e5b163b0f5de48cac7c1ea56ec1fd
/usr/lib/.build-id/bb
/usr/lib/.build-id/bb/9f2f67adab50c1a943249dc5e9979799fd20e1
/usr/lib/.build-id/ce
/usr/lib/.build-id/ce/f90da8f6e143308bf21110a1dd95b664ff2608
/usr/lib/.build-id/e4
/usr/lib/.build-id/e4/6b85416c4e44290e56cdc53bf3852738121d9b
/usr/lib/.build-id/eb
/usr/lib/.build-id/eb/78e9e5872d2eeab4dba9c704f30e9c1fff4f59
/usr/lib/.build-id/fb
/usr/lib/.build-id/fb/f40ec84b0d9ff909cd526469948298378268b9
/usr/lib/systemd/system/kadmin.service
/usr/lib/systemd/system/kprop.service
/usr/lib/systemd/system/krb5kdc.service
/usr/lib/tmpfiles.d/krb5-krb5kdc.conf
/usr/lib64/krb5
/usr/lib64/krb5/plugins
/usr/lib64/krb5/plugins/authdata
/usr/lib64/krb5/plugins/kdb
/usr/lib64/krb5/plugins/kdb/db2.so
/usr/lib64/krb5/plugins/kdb/klmdb.so
/usr/lib64/krb5/plugins/preauth
/usr/lib64/krb5/plugins/preauth/otp.so
/usr/sbin/kadmin.local
/usr/sbin/kadmind
/usr/sbin/kdb5_util
/usr/sbin/kprop
/usr/sbin/kpropd
/usr/sbin/kproplog
/usr/sbin/krb5kdc
/usr/sbin/sserver
/usr/share/doc/krb5-server
/usr/share/doc/krb5-server/kdc.conf
/usr/share/man/man1/sclient.1.gz
/usr/share/man/man5/kadm5.acl.5.gz
/usr/share/man/man5/kdc.conf.5.gz
/usr/share/man/man8/kadmin.local.8.gz
/usr/share/man/man8/kadmind.8.gz
/usr/share/man/man8/kdb5_util.8.gz
/usr/share/man/man8/kprop.8.gz
/usr/share/man/man8/kpropd.8.gz
/usr/share/man/man8/kproplog.8.gz
/usr/share/man/man8/krb5kdc.8.gz
/usr/share/man/man8/sserver.8.gz
/var/kerberos
/var/kerberos/krb5kdc
/var/kerberos/krb5kdc/kadm5.acl
/var/kerberos/krb5kdc/kdc.conf
/var/run/krb5kdc

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Oct 21 04:46:43 2025