Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

krb5-pkinit-1.20.1-8.el9 RPM for i686

From CentOS Stream 9 BaseOS for x86_64

Name: krb5-pkinit Distribution: CentOS
Version: 1.20.1 Vendor: CentOS
Release: 8.el9 Build date: Wed Feb 22 18:11:17 2023
Group: Unspecified Build host: x86-04.stream.rdu2.redhat.com
Size: 131130 Source RPM: krb5-1.20.1-8.el9.src.rpm
Packager: builder@centos.org
Url: https://web.mit.edu/kerberos/www/
Summary: The PKINIT module for Kerberos 5
Kerberos is a network authentication system. The krb5-pkinit
package contains the PKINIT plugin, which allows clients
to obtain initial credentials from a KDC using a private key and a
certificate.

Provides

Requires

License

MIT

Changelog

* Wed Feb 22 2023 Julien Rische <jrische@redhat.com> - 1.20.1-8
  - Fix datetime parsing in kadmin on s390x
  - Resolves: rhbz#2169985
* Tue Feb 14 2023 Julien Rische <jrische@redhat.com> - 1.20.1-7
  - Fix double free on kdb5_util key creation failure
  - Resolves: rhbz#2166603
* Tue Jan 31 2023 Julien Rische <jrische@redhat.com> - 1.20.1-6
  - Add support for MS-PAC extended KDC signature (CVE-2022-37967)
  - Resolves: rhbz#2165827
* Thu Jan 19 2023 Julien Rische <jrische@redhat.com> - 1.20.1-5
  - Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled
  - Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode
  - Resolves: rhbz#2162461
* Thu Jan 12 2023 Julien Rische <jrische@redhat.com> - 1.20.1-4
  - Set aes256-cts-hmac-sha384-192 as EXAMLE.COM master key in kdc.conf
  - Add AES SHA-2 HMAC family as EXAMPLE.COM supported etypes in kdc.conf
  - Resolves: rhbz#2068535
* Tue Jan 10 2023 Julien Rische <jrische@redhat.com> - 1.20.1-2
  - Strip debugging data from ksu executable file
  - Resolves: rhbz#2159643
* Wed Dec 07 2022 Julien Rische <jrische@redhat.com> - 1.20.1-1
  - Make tests compatible with sssd-client
  - Resolves: rhbz#2151513
  - Remove invalid password expiry warning
  - Resolves: rhbz#2121099
  - Update error checking for OpenSSL CMS_verify
  - Resolves: rhbz#2063838
  - New upstream version (1.20.1)
  - Resolves: rhbz#2016312
  - Fix integer overflows in PAC parsing (CVE-2022-42898)
  - Resolves: rhbz#2140971
* Tue Oct 18 2022 Julien Rische <jrische@redhat.com> - 1.19.1-23
  - Fix kprop for propagating dump files larger than 4GB
  - Resolves: rhbz#2133014
* Fri Jul 08 2022 Julien Rische <jrische@redhat.com> - 1.19.1-22
  - Restore "supportedCMSTypes" attribute in PKINIT preauth requests
  - Set SHA-512 or SHA-256 with RSA as preferred CMS signature algorithms
  - Resolves: rhbz#2068935
* Thu Jun 23 2022 Julien Rische <jrische@redhat.com> - 1.19.1-21
  - Fix libkrad client cleanup
  - Allow use of larger RADIUS attributes in krad library
  - Resolves: rhbz#2100351
* Thu May 12 2022 Julien Rische <jrische@redhat.com> - 1.19.1-20
  - Fix OpenSSL 3 MD5 encyption in FIPS mode
  - Allow libkrad UDP/TCP connection to localhost in FIPS mode
  - Resolves: rhbz#2068458
* Mon May 02 2022 Julien Rische <jrische@redhat.com> - 1.19.1-19
  - Use p11-kit as default PKCS11 module
  - Resolves: rhbz#2030981
* Tue Apr 26 2022 Julien Rische <jrische@redhat.com> - 1.19.1-18
  - Try harder to avoid password change replay errors
  - Resolves: rhbz#2075186
* Mon Mar 14 2022 Julien Rische <jrische@redhat.com> - 1.19.1-15
  - Use SHA-256 instead of SHA-1 for PKINIT CMS digest
* Thu Feb 24 2022 Julien Rische <jrische@redhat.com> - 1.19.1-14
  - Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled
  - Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode
* Fri Dec 17 2021 Antonio Torres <antorres@redhat.com> - 1.19.1-13
  - Remove -specs= from krb5-config output
  - Resolves #1997021
* Wed Oct 20 2021 Antonio Torres <antorres@redhat.com> - 1.19.1-12
  - Fix KDC null deref on TGS inner body null server (CVE-2021-37750)
  - Resolves: #1997602
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.19.1-11.1
  - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
    Related: rhbz#1991688
* Tue Jul 20 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-11
  - Fix KDC null deref on bad encrypted challenge (CVE-2021-36222)
  - Resolves: #1983733
* Wed Jul 14 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-10
  - Update OpenSSL 3 provider handling to clean up properly
  - Resolves: #1955873
* Mon Jun 21 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-9
  - Sync openssl3 patches with upstream
  - Resolves: #1955873
* Thu Jun 17 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-8
  - Rebuild for rpminspect and mass rebuild cleanup; no code changes
  - Resolves: #1967505
* Thu Jun 17 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-7
  - Fix several fallback canonicalization problems
  - Resolves: #1967505
* Tue Jun 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.19.1-6.1
  - Rebuilt for RHEL 9 BETA for openssl 3.0
  - Resolves: rhbz#1971065
* Thu Jun 10 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-6
  - Backport KCM retrieval fixes
  - Resolves: #1956403
* Thu May 20 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-5
  - Fix DES3 mention in KDFs
  - Resolves: #1955873
* Wed May 19 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-4
  - Port to OpenSSL 3 (alpha 15)
  - Resolves: #1955873
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.19.1-3.1
  - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Mon Mar 01 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-3
  - Further test dependency fixes; no code changes
* Mon Mar 01 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-2
  - Make test dependencies contingent on skipcheck; no code changes

Files

/usr/lib/.build-id
/usr/lib/.build-id/1e
/usr/lib/.build-id/1e/965ac6d9950337585ad866b9dbb1bf8572cd84
/usr/lib/krb5
/usr/lib/krb5/plugins
/usr/lib/krb5/plugins/preauth
/usr/lib/krb5/plugins/preauth/pkinit.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Dec 17 08:30:58 2024