Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

krb5-libs-1.21.1-3.el9 RPM for i686

From CentOS Stream 9 BaseOS for x86_64

Name: krb5-libs Distribution: CentOS
Version: 1.21.1 Vendor: CentOS
Release: 3.el9 Build date: Fri Jul 5 18:45:26 2024
Group: Unspecified Build host: x86-02.stream.rdu2.redhat.com
Size: 2515097 Source RPM: krb5-1.21.1-3.el9.src.rpm
Packager: builder@centos.org
Url: https://web.mit.edu/kerberos/www/
Summary: The non-admin shared libraries used by Kerberos 5
Kerberos is a network authentication system. The krb5-libs package
contains the shared libraries needed by Kerberos 5. If you are using
Kerberos, you need to install this package.

Provides

Requires

License

MIT

Changelog

* Fri Jul 05 2024 Julien Rische <jrische@redhat.com> - 1.21.1-3
  - CVE-2024-37370 CVE-2024-37371
    Fix vulnerabilities in GSS message token handling
    Resolves: RHEL-45402 RHEL-45392
* Wed Mar 20 2024 Julien Rische <jrische@redhat.com> - 1.21.1-2
  - Fix memory leak in GSSAPI interface
    Resolves: RHEL-27251
  - Fix memory leak in PMAP RPC interface
    Resolves: RHEL-27245
  - Fix memory leak in failing UTF-8 to UTF-16 re-encoding for PAC
    Resolves: RHEL-27253
  - Make TCP waiting time configurable
    Resolves: RHEL-17132
* Tue Aug 08 2023 Julien Rische <jrische@redhat.com> - 1.21.1-1
  - New upstream version (1.21.1)
  - Fix double-free in KDC TGS processing (CVE-2023-39975)
  - Add support for "pac_privsvr_enctype" KDB string attribute
    Resolves: rhbz#2060421
* Thu Jun 08 2023 Julien Rische <jrische@redhat.com> - 1.20.1-9
  - Do not disable PKINIT if some of the well-known DH groups are unavailable
    Resolves: rhbz#2187722
  - Make PKINIT CMS SHA-1 signature verification available in FIPS mode
    Resolves: rhbz#2155607
  - Allow to set PAC ticket signature as optional
    Resolves: rhbz#2178298
* Wed Feb 22 2023 Julien Rische <jrische@redhat.com> - 1.20.1-8
  - Fix datetime parsing in kadmin on s390x
    Resolves: rhbz#2169985
* Tue Feb 14 2023 Julien Rische <jrische@redhat.com> - 1.20.1-7
  - Fix double free on kdb5_util key creation failure
    Resolves: rhbz#2166603
* Tue Jan 31 2023 Julien Rische <jrische@redhat.com> - 1.20.1-6
  - Add support for MS-PAC extended KDC signature (CVE-2022-37967)
    Resolves: rhbz#2165827
* Thu Jan 19 2023 Julien Rische <jrische@redhat.com> - 1.20.1-5
  - Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled
  - Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode
    Resolves: rhbz#2162461
* Thu Jan 12 2023 Julien Rische <jrische@redhat.com> - 1.20.1-4
  - Set aes256-cts-hmac-sha384-192 as EXAMLE.COM master key in kdc.conf
  - Add AES SHA-2 HMAC family as EXAMPLE.COM supported etypes in kdc.conf
    Resolves: rhbz#2068535
* Tue Jan 10 2023 Julien Rische <jrische@redhat.com> - 1.20.1-2
  - Strip debugging data from ksu executable file
    Resolves: rhbz#2159643
* Wed Dec 07 2022 Julien Rische <jrische@redhat.com> - 1.20.1-1
  - Make tests compatible with sssd-client
    Resolves: rhbz#2151513
  - Remove invalid password expiry warning
    Resolves: rhbz#2121099
  - Update error checking for OpenSSL CMS_verify
    Resolves: rhbz#2063838
  - New upstream version (1.20.1)
    Resolves: rhbz#2016312
  - Fix integer overflows in PAC parsing (CVE-2022-42898)
    Resolves: rhbz#2140971
* Tue Oct 18 2022 Julien Rische <jrische@redhat.com> - 1.19.1-23
  - Fix kprop for propagating dump files larger than 4GB
    Resolves: rhbz#2133014
* Fri Jul 08 2022 Julien Rische <jrische@redhat.com> - 1.19.1-22
  - Restore "supportedCMSTypes" attribute in PKINIT preauth requests
  - Set SHA-512 or SHA-256 with RSA as preferred CMS signature algorithms
    Resolves: rhbz#2068935

Files

/etc/gss
/etc/gss/mech.d
/etc/krb5.conf
/etc/krb5.conf.d
/etc/krb5.conf.d/crypto-policies
/usr/lib/.build-id
/usr/lib/.build-id/09
/usr/lib/.build-id/09/c901c6f7abf821a37157e744103a1226aa5c90
/usr/lib/.build-id/14
/usr/lib/.build-id/14/645a3c7f91949fce10989650f3f2972212ebd3
/usr/lib/.build-id/61
/usr/lib/.build-id/61/84519fda94b8b962caeca325fe7d40c5113955
/usr/lib/.build-id/8a
/usr/lib/.build-id/8a/47ab603ac854b9096ca40a44709cf4847f754e
/usr/lib/.build-id/a0
/usr/lib/.build-id/a0/bedc641acfc1af945a5e7995460953d943abc3
/usr/lib/.build-id/a1
/usr/lib/.build-id/a1/6ce913684e4f2ea8bb7760e67153126d4d4d06
/usr/lib/.build-id/de
/usr/lib/.build-id/de/ac61aee1bc3b5705e0bc71f3bf22167b64433e
/usr/lib/.build-id/f0
/usr/lib/.build-id/f0/ea963673ec9f71d49b4f4aa4a5670a7fb52c51
/usr/lib/.build-id/f3
/usr/lib/.build-id/f3/5e64a741ab3c65623d73c33a2217c69de159d1
/usr/lib/krb5
/usr/lib/krb5/plugins
/usr/lib/krb5/plugins/authdata
/usr/lib/krb5/plugins/kdb
/usr/lib/krb5/plugins/libkrb5
/usr/lib/krb5/plugins/preauth
/usr/lib/krb5/plugins/preauth/spake.so
/usr/lib/krb5/plugins/tls
/usr/lib/krb5/plugins/tls/k5tls.so
/usr/lib/libgssapi_krb5.so.2
/usr/lib/libgssapi_krb5.so.2.2
/usr/lib/libgssrpc.so.4
/usr/lib/libgssrpc.so.4.2
/usr/lib/libk5crypto.so.3
/usr/lib/libk5crypto.so.3.1
/usr/lib/libkdb5.so.10
/usr/lib/libkdb5.so.10.0
/usr/lib/libkrad.so.0
/usr/lib/libkrad.so.0.0
/usr/lib/libkrb5.so.3
/usr/lib/libkrb5.so.3.3
/usr/lib/libkrb5support.so.0
/usr/lib/libkrb5support.so.0.1
/usr/share/doc/krb5-libs
/usr/share/doc/krb5-libs/NOTICE
/usr/share/doc/krb5-libs/README
/usr/share/licenses/krb5-libs
/usr/share/licenses/krb5-libs/LICENSE
/usr/share/locale/de/LC_MESSAGES/mit-krb5.mo
/usr/share/locale/en_US/LC_MESSAGES/mit-krb5.mo
/usr/share/locale/ka/LC_MESSAGES/mit-krb5.mo
/usr/share/man/man5/.k5identity.5.gz
/usr/share/man/man5/.k5login.5.gz
/usr/share/man/man5/k5identity.5.gz
/usr/share/man/man5/k5login.5.gz
/usr/share/man/man5/krb5.conf.5.gz
/usr/share/man/man7/kerberos.7.gz
/var/kerberos
/var/kerberos/krb5
/var/kerberos/krb5/user


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Dec 7 05:11:24 2024