gssntlmssp-1.2.0-1.4 RPM for s390x

From OpenSuSE Ports Tumbleweed for s390x

A GSSAPI Mechanism that implements NTLMSSP.

Provides

• gssntlmssp
• config(gssntlmssp)
• gssntlmssp(s390-64)

Requires

• config(gssntlmssp) = 1.2.0-1.4
• krb5 >= 1.11.2
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.17)(64bit)
• libc.so.6(GLIBC_2.2)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.38)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.8)(64bit)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libgssapi_krb5.so.2()(64bit)
• libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit)
• libunistring.so.5()(64bit)
• libwbclient.so.0()(64bit)
• libwbclient.so.0(WBCLIENT_0.12)(64bit)
• libwbclient.so.0(WBCLIENT_0.9)(64bit)
• libz.so.1()(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

ISC

Changelog

* Wed Feb 15 2023 Martin Hauke <mardnh@gmx.de>
  - Adapt license changes from upstream
    * LGPL-3.0-or-later -> ISC
  - Upstream moved to github
  - Update to version 1.2.0
    * Implement gss_set_cred_option.
    * Allow to gss_wrap even if NEGOTIATE_SEAL is not negotiated.
    * Move HMAC code to OpenSSL EVP API.
    * Fix crash bug when acceptor credentials are NULL.
    * Translations update from Fedora Weblate.
    Fix CVE:
    * CVE-2023-25563 (boo#1208278): multiple out-of-bounds read
      when decoding NTLM fields.
    * CVE-2023-25564 (boo#1208279): memory corruption when decoding
      UTF16 strings.
    * CVE-2023-25565 (boo#1208280): incorrect free when decoding
      target information.
    * CVE-2023-25566 (boo#1208281): memory leak when parsing
      usernames.
    * CVE-2023-25567 (boo#1208282): out-of-bounds read when
      decoding target information.
  - Update to version 1.1
    * various build fixes and better compatibility when a MIC is
      requested.
  - Update to version 1.0
    * Fix test_gssapi_rfc5587.
    * Actually run tests with make check.
    * Add two tests around NTLMSSP_NEGOTIATE_LMKEY.
    * Refine LM compatibility level logic.
    * Refactor the gssntlm_required_security function.
    * Implement reading LM/NT hashes.
    * Add test for smpasswd-like user files.
    * Return confidentiality status.
    * Fix segfault in sign/seal functions.
    * Fix dummy signature generation.
    * Use UCS16LE instead of UCS-2LE.
    * Provide a zero lm key if the password is too long.
    * Completely omit CBs AV pairs when no CB provided.
    * Change license to the more permissive ISC.
    * Do not require cached users with winbind.
    * Add ability to pass keyfile via cred store.
    * Remove unused parts of Makefile.am.
    * Move attribute names to allocated strings.
    * Adjust serialization for name attributes.
    * Fix crash in acquiring credentials.
    * Fix fallback to external_creds interface.
    * Introduce parse_user_name() function.
    * Add test for parse_user_name.
    * Change how we assemble user names in ASC.
    * Use thread local storage for winbind context.
    * Make per thread winbind context optional.
    * Fixed memleak of usr_cred.
    * Support get_sids request via name attributes.
    * Fixed memory leaks found by valgrind.
  - Update to version 0.9
    * add support for getting session key.
    * Add gss_inquire_attrs_for_mech().
    * Return actual data for RFC5587 API.
    * Add new Windows version flags.
    * Add Key exchange also when wanting integrity only.
    * Drop support for GSS_C_MA_NOT_DFLT_MECH.
* Thu Feb 27 2020 Martin Hauke <mardnh@gmx.de>
  - Specfile cleanup
* Wed Aug 14 2019 Simona Avornicesei <simona@avornicesei.com>
  - Fixed build on Fedora / CentOS
* Wed Aug 14 2019 Simona Avornicesei <simona@avornicesei.com>
  - Fixed build on OpenSUSE Tumbleweed
* Tue Apr 23 2019 Simona Avornicesei <simona@avornicesei.com>
  - build GSSNTLMSSP package v0.8.0 from https://pagure.io/gssntlmssp
* Thu Apr 18 2019 Simo Sorce <simo@redhat.com>
  - New upstream release 0.8.0:
    * Add compatibility with OpenSSL 1.1.0
    * Port some documentation into the tree
    * Rename and split the README file
    * Add support for RFC5801
    * Add support to return SSF value
* Fri Jun 03 2016 Simo Sorce <simo@samba.org>
  - New upstream release 0.7.0:
    * Return the actual_mech_type when requested
    * Add test to check actual_mech is actually returned
    * Fix gss_inquire_cred with no creds
    * Return actual mech on accept context too
    * Add test for accept returning mech
    * Add placeholder inquire_name
    * Fix a regression in error handling
    * Check that we are actually asking for a known oid
    * Move setting seq numbers to a spearate function
    * Add context extension to reset crypto state
* Mon Feb 23 2015 Simo Sorce <simo@samba.org>
  - Update EPEL to latest version
* Sun Jan 26 2014 Simo Sorce <simo@samba.org>
  - Fixes #1058025
  - New upstream release 0.3.1:
    * Fix segfault in init context.
* Sun Jan 12 2014 Simo Sorce <simo@samba.org>
  - New upstream release 0.3.0:
    * Added support for NTLMv1 Signing and Sealing completing full coverage
      of the NTLM protocol
    * Added a number of GSSAPI calls to inquire, export and import context and
      credentials, in preparation for making it work with GSS-Proxy
    * Various fixes memleak and other fixes

Files

/etc/gss
/etc/gss/mech.d
/etc/gss/mech.d/ntlmssp.conf
/usr/lib64/gssntlmssp
/usr/lib64/gssntlmssp/gssntlmssp.so
/usr/share/doc/packages/gssntlmssp
/usr/share/doc/packages/gssntlmssp/README.md
/usr/share/doc/packages/gssntlmssp/compatibility.md
/usr/share/licenses/gssntlmssp
/usr/share/licenses/gssntlmssp/COPYING
/usr/share/locale/en_GB/LC_MESSAGES/gssntlmssp.mo
/usr/share/locale/ka/LC_MESSAGES/gssntlmssp.mo
/usr/share/locale/ko/LC_MESSAGES/gssntlmssp.mo
/usr/share/man/man8/gssntlmssp.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Nov 7 00:51:36 2024