[ All 3 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ]
×

Package krb5-pkinit-1.21.1-6.el9.x86_64 download

Name krb5-pkinit
Epoch 0
Version 1.21.1
Release 6.el9
Architecture x86_64
Website/URL https://web.mit.edu/kerberos/www/
License MIT
Build Time 2025-03-31 13:40:53
Build Host builder-x86-08.inferitos.ru
Summary The PKINIT module for Kerberos 5
Repositories BaseOS
Description Kerberos is a network authentication system. The krb5-pkinit package contains the PKINIT plugin, which allows clients to obtain initial credentials from a KDC using a private key and a certificate.
Errata INFSA-2025:7067
Size 58 KiB
Source Project krb5-1.21.1-6.el9
SHA-256 checksum 68298abfb1fc4cf682fe91b1d60052ab32bae3af05c7a157e39634a6ad87a489
× Full screenshot
Changelog link 
* Wed Jan 29 2025 Julien Rische <jrische@redhat.com> - 1.21.1-6
- Prevent overflow when calculating ulog block size (CVE-2025-24528)
  Resolves: RHEL-76759

* Fri Jan 17 2025 Julien Rische <jrische@redhat.com> - 1.21.1-5
- Support PKCS11 EC client certs in PKINIT
  Resolves: RHEL-74374
- kdb5_util: fix DB entry flags on modification
  Resolves: RHEL-56059
- Add ECDH support for PKINIT (RFC5349)
  Resolves: RHEL-4902

* Thu Oct 17 2024 Julien Rische <jrische@redhat.com> - 1.21.1-4
- libkrad: implement support for Message-Authenticator (CVE-2024-3596)
  Resolves: RHEL-55423
- Fix various issues detected by static analysis
  Resolves: RHEL-58216
- Remove RSA protocol for PKINIT
  Resolves: RHEL-15323

* Fri Jul 05 2024 Julien Rische <jrische@redhat.com> - 1.21.1-3
- CVE-2024-37370 CVE-2024-37371
  Fix vulnerabilities in GSS message token handling
  Resolves: RHEL-45402 RHEL-45392

* Wed Mar 20 2024 Julien Rische <jrische@redhat.com> - 1.21.1-2
- Fix memory leak in GSSAPI interface
  Resolves: RHEL-27251
- Fix memory leak in PMAP RPC interface
  Resolves: RHEL-27245
- Fix memory leak in failing UTF-8 to UTF-16 re-encoding for PAC
  Resolves: RHEL-27253
- Make TCP waiting time configurable
  Resolves: RHEL-17132

* Tue Aug 08 2023 Julien Rische <jrische@redhat.com> - 1.21.1-1
- New upstream version (1.21.1)
- Fix double-free in KDC TGS processing (CVE-2023-39975)
- Add support for "pac_privsvr_enctype" KDB string attribute
  Resolves: rhbz#2060421

* Thu Jun 08 2023 Julien Rische <jrische@redhat.com> - 1.20.1-9
- Do not disable PKINIT if some of the well-known DH groups are unavailable
  Resolves: rhbz#2187722
- Make PKINIT CMS SHA-1 signature verification available in FIPS mode
  Resolves: rhbz#2155607
- Allow to set PAC ticket signature as optional
  Resolves: rhbz#2178298

* Fri Apr 14 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 1.20.1-8
- Rebuilt for MSVSphere 9.2 beta

* Wed Feb 22 2023 Julien Rische <jrische@redhat.com> - 1.20.1-8
- Fix datetime parsing in kadmin on s390x
  Resolves: rhbz#2169985

* Tue Feb 14 2023 Julien Rische <jrische@redhat.com> - 1.20.1-7
- Fix double free on kdb5_util key creation failure
  Resolves: rhbz#2166603