krb5-server-1.8.1-5.1.1 RPM for i586

From OpenSuSE 11.3-test updates for i586

Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords. This package includes the kdc, kadmind
and more.



Authors:
--------
    The MIT Kerberos Team
    Sam Hartman <hartmans@mit.edu>
    Ken Raeburn <raeburn@mit.edu>
    Tom Yu <tlyu@mit.edu>

Provides

• krb5-server
• db2.so.0
• db2.so.0(HIDDEN)
• db2.so.0(db2.so.0)
• db2.so.0(db2_0_MIT)
• krb5-server(x86-32)

Requires

• perl-Date-Calc
• logrotate
• cron
• insserv
• sed
• fillup
• coreutils
• grep <=
• diffutils
• /bin/sh <=
• /bin/sh <=
• rpmlib(PayloadFilesHavePrefix)
• rpmlib(CompressedFileNames)
• /bin/sh <=
• libc.so.6
• libc.so.6(GLIBC_2.0) <
• libc.so.6(GLIBC_2.1) <
• libc.so.6(GLIBC_2.1.3) >
• libc.so.6(GLIBC_2.3) <
• libc.so.6(GLIBC_2.3.4) >
• libc.so.6(GLIBC_2.4) <
• libc.so.6(GLIBC_2.8) <=
• libcom_err.so.2
• libgssapi_krb5.so.2 >=
• libgssapi_krb5.so.2(gssapi_krb5_2_MIT) <
• libgssrpc.so.4
• libgssrpc.so.4(gssrpc_4_MIT)
• libk5crypto.so.3
• libk5crypto.so.3(k5crypto_3_MIT) >=
• libkadm5clnt_mit.so.7
• libkadm5clnt_mit.so.7(kadm5clnt_mit_7_MIT)
• libkadm5srv_mit.so.7 <=
• libkadm5srv_mit.so.7(kadm5srv_mit_7_MIT) =
• libkdb5.so.4 <=
• libkdb5.so.4(kdb5_4_MIT) <
• libkrb5.so.3 <
• libkrb5.so.3(krb5_3_MIT) <
• libkrb5support.so.0 <
• libkrb5support.so.0(krb5support_0_MIT) >
• libpthread.so.0 =
• libpthread.so.0(GLIBC_2.0)
• libss.so.2 <
• rpmlib(PayloadIsLzma)

License

MIT License (or similar)

Changelog

* Mon Sep 27 2010 mc@suse.de
  - fix a dereference of an uninitialized pointer while processing
    authorization data.
    CVE-2010-1322, MITKRB5-SA-2010-006 (bnc#640990)
* Mon Jun 21 2010 lchiquitto@novell.com
  - add correct error table when initializing gss-krb5 (bnc#606584,
    bnc#608295)
* Wed May 19 2010 mc@suse.de
  - fix GSS-API library null pointer dereference
    CVE-2010-1321, MITKRB5-SA-2010-005 (bnc#596826)
* Wed Apr 14 2010 mc@suse.de
  - fix a double free vulnerability in the KDC
    CVE-2010-1320, MITKRB5-SA-2010-004 (bnc#596002)
* Fri Apr 09 2010 mc@suse.de
  - update to version 1.8.1
    * include krb5-1.8-POST.dif
    * include MITKRB5-SA-2010-002
* Tue Apr 06 2010 mc@suse.de
  - update krb5-1.8-POST.dif
* Tue Mar 23 2010 mc@suse.de
  - fix a bug where an unauthenticated remote attacker could cause
    a GSS-API application including the Kerberos administration
    daemon (kadmind) to crash.
    CVE-2010-0628, MITKRB5-SA-2010-002 (bnc#582557)
* Tue Mar 23 2010 mc@suse.de
  - add post 1.8 fixes
    * Add IPv6 support to changepw.c
    * fix two problems in kadm5_get_principal mask handling
    * Ignore improperly encoded signedpath AD elements
    * handle NT_SRV_INST in service principal referrals
    * dereference options while checking
      KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT
    * Fix the kpasswd fallback from the ccache principal name
    * Document the ticket_lifetime libdefaults setting
    * Change KRB5_AUTHDATA_SIGNTICKET from 142 to 512
* Thu Mar 04 2010 mc@suse.de
  - update to version 1.8
    * Increase code quality
    * Move toward improved KDB interface
    * Investigate and remedy repeatedly-reported performance
      bottlenecks.
    * Reduce DNS dependence by implementing an interface that allows
      client library to track whether a KDC supports service
      principal referrals.
    * Disable DES by default
    * Account lockout for repeated login failures
    * Bridge layer to allow Heimdal HDB modules to act as KDB
      backend modules
    * FAST enhancements
    * Microsoft Services for User (S4U) compatibility
    * Anonymous PKINIT
  - fix KDC denial of service
    CVE-2010-0283, MITKRB5-SA-2010-001 (bnc#571781)
  - fix KDC denial of service in cross-realm referral processing
    CVE-2009-3295, MITKRB5-SA-2009-003 (bnc#561347)
  - fix integer underflow in AES and RC4 decryption
    CVE-2009-4212, MITKRB5-SA-2009-004 (bnc#561351)
  - moved krb5 applications (telnet, ftp, rlogin, ...) to krb5-appl
* Mon Dec 14 2009 jengelh@medozas.de
  - add baselibs.conf as a source
* Fri Nov 13 2009 mc@suse.de
  - enhance '$PATH' only if the directories are available
    and not empty (bnc#544949)
* Sun Jul 12 2009 coolo@novell.com
  - readd lost baselibs.conf
* Wed Jun 03 2009 mc@suse.de
  - update to final 1.7 release
* Wed May 13 2009 mc@suse.de
  - update to version 1.7 Beta2
    * Incremental propagation support for the KDC database.
    * Flexible Authentication Secure Tunneling (FAST), a preauthentiation
      framework that can protect the AS exchange from dictionary attack.
    * Implement client and KDC support for GSS_C_DELEG_POLICY_FLAG, which
      allows a GSS application to request credential delegation only if
      permitted by KDC policy.
    * Fix CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847 --
      various vulnerabilities in SPNEGO and ASN.1 code.

Files

/etc/init.d/kadmind
/etc/init.d/kpropd
/etc/init.d/krb5kdc
/etc/logrotate.d/krb5-server
/etc/sysconfig/SuSEfirewall2.d/services/kadmind
/etc/sysconfig/SuSEfirewall2.d/services/kdc
/usr/bin/rckadmind
/usr/bin/rckpropd
/usr/bin/rckrb5kdc
/usr/lib/krb5
/usr/lib/krb5/plugins
/usr/lib/krb5/plugins/kdb
/usr/lib/krb5/plugins/kdb/db2.so
/usr/lib/mit
/usr/lib/mit/sbin
/usr/lib/mit/sbin/gss-server
/usr/lib/mit/sbin/kadmin.local
/usr/lib/mit/sbin/kadmind
/usr/lib/mit/sbin/kdb5_util
/usr/lib/mit/sbin/kprop
/usr/lib/mit/sbin/kpropd
/usr/lib/mit/sbin/kproplog
/usr/lib/mit/sbin/krb5kdc
/usr/lib/mit/sbin/sim_server
/usr/lib/mit/sbin/sserver
/usr/lib/mit/sbin/uuserver
/usr/share/doc/packages/krb5
/usr/share/man/man5/kdc.conf.5.gz
/usr/share/man/man8/kadmin.local.8.gz
/usr/share/man/man8/kadmind.8.gz
/usr/share/man/man8/kdb5_util.8.gz
/usr/share/man/man8/kprop.8.gz
/usr/share/man/man8/kpropd.8.gz
/usr/share/man/man8/kproplog.8.gz
/usr/share/man/man8/krb5kdc.8.gz
/usr/share/man/man8/sserver.8.gz
/var/lib/kerberos
/var/lib/kerberos/krb5kdc
/var/lib/kerberos/krb5kdc/kadm5.acl
/var/lib/kerberos/krb5kdc/kadm5.dict
/var/lib/kerberos/krb5kdc/kdc.conf

Generated by rpm2html 1.8.1

Fabrice Bellet, Mon May 20 05:36:02 2013