[17089] in Kerberos-V5-bugs
[krbdev.mit.edu #9203] 1.21.3 release contains incorrect version
daemon@ATHENA.MIT.EDU (Shaun Walbridge via RT)
Wed Apr 1 18:47:16 2026
From: "Shaun Walbridge via RT" <rt-comment@krbdev.mit.edu>
In-Reply-To: <PH0PR05MB8528681053B0CBB3484A65ECAE50A@PH0PR05MB8528.namprd05.prod.outlook.com>
Message-ID: <rt-4.4.3-2-1835096-1775083630-1544.9203-4-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #9203":;
Date: Wed, 01 Apr 2026 18:47:10 -0400
MIME-Version: 1.0
Reply-To: rt-comment@krbdev.mit.edu
Content-Type: text/plain; charset="utf-8"
Errors-To: krb5-bugs-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Wed Apr 01 18:47:10 2026: Request 9203 was acted upon.
Transaction: Ticket created by SWalbridge@esri.com
Queue: krb5
Subject: 1.21.3 release contains incorrect version information
Owner: Nobody
Requestors: SWalbridge@esri.com
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9203 >
The builds hosted both at:
*
https://github.com/krb5/krb5/archive/krb5-1.21.3-final.tar.gz
*
https://kerberos.org/dist/krb5/1.21/krb5-1.21.tar.gz
contain incorrect version information for the Windows builds. The src/windows/kerberos.ver files in this build contains:
#define KRB5_MAJOR_RELEASE 4
#define KRB5_MINOR_RELEASE 3
#define KRB5_PATCHLEVEL 0
#define KRB5_RELTAIL “beta1"
However, the more recent 1.22 releases and the development version of the codebase retain KRB5_MINOR_RELEASE 1. This means that in a Windows context, an installer will refuse to upgrade between the 1.21.3 release and 1.22 because it would downgrade the versions listed which violates the monotonic version expectations.
Locally, we are patching this so that we can continue distributing krb5, but would appreciate if this was considered as a core krb5 package issue.
Thanks for your time,
Shaun Walbridge
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
