[28036] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.10]: Updates for krb5-1.10.7
daemon@ATHENA.MIT.EDU (Tom Yu)
Wed Nov 6 15:51:00 2013
Date: Wed, 6 Nov 2013 15:50:53 -0500
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201311062050.rA6Kor4m003288@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/9ffcd7c7e0394afa6045c982585387b2cd4cae7b
commit 9ffcd7c7e0394afa6045c982585387b2cd4cae7b
Author: Tom Yu <tlyu@mit.edu>
Date: Wed Nov 6 15:19:47 2013 -0500
Updates for krb5-1.10.7
README | 27 +++++++++++++++++++++++++++
src/patchlevel.h | 6 +++---
2 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/README b/README
index dbffdf9..7017682 100644
--- a/README
+++ b/README
@@ -70,6 +70,33 @@ from using single-DES cryptosystems. Among these is a configuration
variable that enables "weak" enctypes, which defaults to "false"
beginning with krb5-1.8.
+Major changes in krb5-1.10.7 (2013-11-06)
+-----------------------------------------
+
+This is a bugfix release. The krb5-1.10 release series is in
+maintenance, and for new deployments, installers should prefer the
+krb5-1.11 release series or later.
+
+* Fix a KDC locking issue that could lead to the KDC process holding a
+ persistent lock, preventing administrative actions such as password
+ changes.
+
+* Fix a number of bugs related to KDC master key rollover.
+
+* Fix a KDC null pointer dereference [CVE-2013-1418] that could affect
+ KDCs that serve multiple realms.
+
+krb5-1.10.7 changes by ticket ID
+--------------------------------
+
+7675 Fix lock inconsistency in ctx_unlock()
+7725 Change KRB5KDC_ERR_NO_ACCEPTABLE_KDF to 100
+7744 Fix typos in kdb5_util master key command outputs
+7745 Correctly activate master keys in pre-1.7 KDBs
+7749 Fix decoding of mkey kvno in mkey_aux tl-data
+7750 Improve LDAP KDB initialization error messages
+7757 Multi-realm KDC null deref [CVE-2013-1418]
+
Major changes in krb5-1.10.6 (2013-06-05)
-----------------------------------------
diff --git a/src/patchlevel.h b/src/patchlevel.h
index f5d44de..02cb1f1 100644
--- a/src/patchlevel.h
+++ b/src/patchlevel.h
@@ -51,7 +51,7 @@
*/
#define KRB5_MAJOR_RELEASE 1
#define KRB5_MINOR_RELEASE 10
-#define KRB5_PATCHLEVEL 6
-#define KRB5_RELTAIL "postrelease"
+#define KRB5_PATCHLEVEL 7
+/* #undef KRB5_RELTAIL */
/* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "krb5-1.10"
+#define KRB5_RELTAG "krb5-1.10.7-final"
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
