krb5-1.21.3-5.fc42 | Build Info

Information for build krb5-1.21.3-5.fc42

7371

Package Name

krb5

Version

1.21.3

Release

5.fc42

Epoch

Draft

False

Summary

The Kerberos network authentication system

Description

Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form.

Built by

davidlt

State

complete

Volume

DEFAULT

Started

Mon, 09 Jun 2025 16:26:52 UTC

Completed

Mon, 09 Jun 2025 16:26:52 UTC

Tags

f42

RPMs

src
	krb5-1.21.3-5.fc42.src.rpm (info) (download)
riscv64
	krb5-devel-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-libs-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-pkinit-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-server-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-server-ldap-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-tests-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-workstation-1.21.3-5.fc42.riscv64.rpm (info) (download)
	libkadm5-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-debuginfo-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-debugsource-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-libs-debuginfo-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-pkinit-debuginfo-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-server-debuginfo-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-server-ldap-debuginfo-1.21.3-5.fc42.riscv64.rpm (info) (download)
	krb5-workstation-debuginfo-1.21.3-5.fc42.riscv64.rpm (info) (download)
	libkadm5-debuginfo-1.21.3-5.fc42.riscv64.rpm (info) (download)

Changelog

* Wed Jan 29 2025 Julien Rische <jrische@redhat.com> - 1.21.3-5 - Prevent overflow when calculating ulog block size (CVE-2025-24528) Resolves: rhbz#2342798 - Support PKCS11 EC client certs in PKINIT Resolves: rhbz#2341962 - kdb5_util: fix DB entry flags on modification Resolves: rhbz#2336555 - Add ECDH support for PKINIT (RFC5349) Resolves: rhbz#2214326 - Remove dependency of krb5-libs on gawk and sed Resolves: rhbz#2323859 * Fri Jan 17 2025 Fedora Release Engineering <releng@fedoraproject.org> - 1.21.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Wed Oct 30 2024 Julien Rische <jrische@redhat.com> - 1.21.3-3 - libkrad: implement support for Message-Authenticator (CVE-2024-3596) Resolves: rhbz#2304071 - Fix various issues detected by static analysis Resolves: rhbz#2322704 - Remove RSA protocol for PKINIT Resolves: rhbz#2322706 - Make TCP waiting time configurable Resolves: rhbz#2322711 * Thu Jul 18 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.21.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Tue Jul 09 2024 Julien Rische <jrische@redhat.com> - 1.21.3-1 - New upstream version (1.21.3) - CVE-2024-26458: Memory leak in src/lib/rpc/pmap_rmt.c Resolves: rhbz#2266732 - CVE-2024-26461: Memory leak in src/lib/gssapi/krb5/k5sealv3.c Resolves: rhbz#2266741 - CVE-2024-26462: Memory leak in src/kdc/ndr.c Resolves: rhbz#2266743 - Add missing SPDX license identifiers Resolves: rhbz#2265333 * Mon Jul 08 2024 Julien Rische <jrische@redhat.com> - 1.21.2-6 - CVE-2024-37370 CVE-2024-37371: GSS message token handling Resolves: rhbz#2294678 rhbz#2294680 - Fix double free in klist's show_ccache() Resolves: rhbz#2257301 - Do not include files with "~" termination in krb5-tests * Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.21.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.21.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jan 17 2024 Julien Rische <jrische@redhat.com> - 1.21.2-3 - Fix double free in klist's show_ccache() Resolves: rhbz#2257301 - Store krb5-tests files in architecture-specific directories Resolves: rhbz#2244601 * Tue Oct 10 2023 Julien Rische <jrische@redhat.com> - 1.21.2-2 - Use SPDX expression for license tag - Fix unimportant memory leaks Resolves: rhbz#2223274 * Wed Aug 16 2023 Julien Rische <jrische@redhat.com> - 1.21.2-1 - New upstream version (1.21.2) - Fix double-free in KDC TGS processing (CVE-2023-39975) Resolves: rhbz#2229113 - Make tests compatible with Python 3.12 Resolves: rhbz#2224013 * Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.21-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jun 29 2023 Marek Blaha <mblaha@redhat.com> - 1.21-2 - Replace file dependency with package name Resolves: rhbz#2216903 * Mon Jun 12 2023 Julien Rische <jrische@redhat.com> - 1.21-1 - New upstream version (1.21) - Do not disable PKINIT if some of the well-known DH groups are unavailable Resolves: rhbz#2214297 - Make PKINIT CMS SHA-1 signature verification available in FIPS mode Resolves: rhbz#2214300 - Allow to set PAC ticket signature as optional Resolves: rhbz#2181311 - Add support for MS-PAC extended KDC signature (CVE-2022-37967) Resolves: rhbz#2166001 - Fix syntax error in aclocal.m4 Resolves: rhbz#2143306 * Tue Jan 31 2023 Julien Rische <jrische@redhat.com> - 1.20.1-9 - Add support for MS-PAC extended KDC signature (CVE-2022-37967) Resolves: rhbz#2166001 * Mon Jan 30 2023 Julien Rische <jrische@redhat.com> - 1.20.1-8 - Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled - Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode