[32008] in Kerberos
Re: krb5-1.7.1 is released
daemon@ATHENA.MIT.EDU (Stephen Buckley)
Tue Feb 2 20:44:12 2010
Mime-Version: 1.0 (Apple Message framework v1077)
From: Stephen Buckley <sbuckley@mit.edu>
In-Reply-To: <ldvbpg7b187.fsf@cathode-dark-space.mit.edu>
Date: Tue, 2 Feb 2010 20:43:50 -0500
Message-Id: <CE1B72B9-E075-4760-98E4-AEA3040695B9@mit.edu>
To: "kerberos@MIT.EDU" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Is this worth spamming the sponsors?
And congrats!
s
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
Stephen C. Buckley
Director, Infrastructure Software Development and Architecture (Interim)
Massachusetts Institute of Technology
On Feb 2, 2010, at 7:40 PM, Tom Yu wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The MIT Kerberos Team announces the availability of MIT Kerberos 5
> Release 1.7.1. Please see below for a list of some major changes
> included, or consult the README file in the source tree for a more
> detailed list of significant changes.
>
> RETRIEVING KERBEROS 5 RELEASE 1.7.1
> ===================================
>
> You may retrieve the Kerberos 5 Release 1.7.1 source from the
> following URL:
>
> http://web.mit.edu/kerberos/dist/
>
> The homepage for the krb5-1.7.1 release is:
>
> http://web.mit.edu/kerberos/krb5-1.7/
>
> Further information about Kerberos 5 may be found at the following
> URL:
>
> http://web.mit.edu/kerberos/
>
> and at the MIT Kerberos Consortium web site:
>
> http://www.kerberos.org/
>
> DES transition
> ==============
>
> The Data Encryption Standard (DES) is widely recognized as weak. The
> krb5-1.7 release will contain measures to encourage sites to migrate
> away from using single-DES cryptosystems. Among these is a
> configuration variable that enables "weak" enctypes, but will default
> to "false" in the future. Additional migration aids are planned for
> future releases.
>
> Major changes in 1.7.1
> ======================
>
> This is primarily a bugfix release.
>
> * Fix vulnerabilities: MITKRB5-SA-2009-003 [CVE-2009-3295],
> MITKRB5-SA-2009-004 [CVE-2009-4212].
>
> * Restore compatibility for talking to older kadminds and kadmin
> clients for the "addprinc -randkey" operation.
>
> * Fix some build problems and memory leaks.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (SunOS)
>
> iEYEARECAAYFAktoxg8ACgkQSO8fWy4vZo5S8gCfZ5tjEMud1U+/JUL7wELbInZj
> e6EAn3Z4YhDwJQfikxB4qd5GW/RgnZT+
> =I6bi
> -----END PGP SIGNATURE-----
> _______________________________________________
> kerberos-announce mailing list
> kerberos-announce@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos-announce
> _______________________________________________
> krbdev mailing list krbdev@mit.edu
> https://mailman.mit.edu/mailman/listinfo/krbdev
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
