[5765] in bugtraq
MIT Kerberos V5 R1.0.4 is released
daemon@ATHENA.MIT.EDU (Aleph One)
Wed Dec 10 00:42:26 1997
Date: Tue, 9 Dec 1997 22:28:11 -0600
Reply-To: Aleph One <aleph1@dfw.net>
From: Aleph One <aleph1@DFW.NET>
To: BUGTRAQ@NETSPACE.ORG
Subject: MIT Kerberos V5 R1.0.4 is released
From: tlyu@MIT.EDU (Tom Yu)
Date: Fri, 5 Dec 1997 16:33:17 -0800
Message-ID: <199712060018.TAA28644@tesla-coil.MIT.EDU>
Newsgroups: comp.protocols.kerberos
The MIT Kerberos Team is proud to announce the availability of MIT
Kerberos V5 Release 1.0.4. This release is a bug-fix release only;
there are no feature enhancements over the 1.0.3 release.
The following bugs were fixed:
* A typo in krlogind.c that caused rd_and_store_for_creds to be called
with the wrong arguments has been fixed.
* Telnetd now has the forwarded credentials security hole fixed as well.
* An incorrect buffer length in telnetd has been corrected.
* The KDC now verifies that strings to be logged are non-NULL prior to
syslogging.
* A fencepost error in the pty library has been corrected.
* The pty library no longer tries to chown a zero-length filename.
Getting Kerberos V5 1.0.4
=========================
The simplest way to get the new 1.0.4 release is via the Web. Use the
following URL:
http://web.mit.edu/network/kerberos-form.html
Alternatively, you may retrieve the release using FTP:
FTP to athena-dist.mit.edu, in /pub/kerberos. Get the file
README.KRB5-1.0.4. It will contain instructions on how to
obtain the 1.0.4 release.
----------
Tom Yu
MIT Information Systems/Kerberos Development Team
