krb5-libs-1.19.1-12.el9 RPM for i686

From CentOS Stream 9 BaseOS for x86_64

Kerberos is a network authentication system. The krb5-libs package
contains the shared libraries needed by Kerberos 5. If you are using
Kerberos, you need to install this package.

Provides

• krb5-libs
• config(krb5-libs)
• krb5-libs(x86-32)
• libgssapi_krb5.so.2
• libgssapi_krb5.so.2(HIDDEN)
• libgssapi_krb5.so.2(gssapi_krb5_2_MIT)
• libgssrpc.so.4
• libgssrpc.so.4(HIDDEN)
• libgssrpc.so.4(gssrpc_4_MIT)
• libk5crypto.so.3
• libk5crypto.so.3(HIDDEN)
• libk5crypto.so.3(k5crypto_3_MIT)
• libkdb5.so.10
• libkdb5.so.10(HIDDEN)
• libkdb5.so.10(kdb5_10_MIT)
• libkrad.so.0
• libkrad.so.0(HIDDEN)
• libkrad.so.0(krad_0_MIT)
• libkrb5.so.3
• libkrb5.so.3(HIDDEN)
• libkrb5.so.3(krb5_3_MIT)
• libkrb5support.so.0
• libkrb5support.so.0(HIDDEN)
• libkrb5support.so.0(krb5support_0_MIT)

Requires

• /bin/sh
• /etc/crypto-policies/back-ends/krb5.config
• config(krb5-libs) = 1.19.1-12.el9
• coreutils
• gawk
• grep
• keyutils-libs >= 1.5.8
• libc.so.6
• libc.so.6(GLIBC_2.0)
• libc.so.6(GLIBC_2.1)
• libc.so.6(GLIBC_2.1.2)
• libc.so.6(GLIBC_2.1.3)
• libc.so.6(GLIBC_2.15)
• libc.so.6(GLIBC_2.16)
• libc.so.6(GLIBC_2.17)
• libc.so.6(GLIBC_2.2)
• libc.so.6(GLIBC_2.2.3)
• libc.so.6(GLIBC_2.25)
• libc.so.6(GLIBC_2.27)
• libc.so.6(GLIBC_2.28)
• libc.so.6(GLIBC_2.3)
• libc.so.6(GLIBC_2.3.4)
• libc.so.6(GLIBC_2.33)
• libc.so.6(GLIBC_2.34)
• libc.so.6(GLIBC_2.4)
• libc.so.6(GLIBC_2.7)
• libc.so.6(GLIBC_2.8)
• libcom_err.so.2
• libcrypto.so.3
• libcrypto.so.3(OPENSSL_3.0.0)
• libgssapi_krb5.so.2
• libgssapi_krb5.so.2(gssapi_krb5_2_MIT)
• libgssrpc.so.4
• libgssrpc.so.4(gssrpc_4_MIT)
• libk5crypto.so.3
• libk5crypto.so.3(k5crypto_3_MIT)
• libkeyutils.so.1
• libkeyutils.so.1(KEYUTILS_0.3)
• libkeyutils.so.1(KEYUTILS_1.0)
• libkeyutils.so.1(KEYUTILS_1.5)
• libkrb5.so.3
• libkrb5.so.3(krb5_3_MIT)
• libkrb5support.so.0
• libkrb5support.so.0(krb5support_0_MIT)
• libresolv.so.2
• libselinux.so.1
• libselinux.so.1(LIBSELINUX_1.0)
• libssl.so.3
• libssl.so.3(OPENSSL_3.0.0)
• libverto.so.1
• openssl-libs >= 1:3.0.0
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)
• sed

License

MIT

Changelog

* Wed Oct 20 2021 Antonio Torres <antorres@redhat.com> - 1.19.1-12
  - Fix KDC null deref on TGS inner body null server (CVE-2021-37750)
  - Resolves: #1997602
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.19.1-11.1
  - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
    Related: rhbz#1991688
* Tue Jul 20 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-11
  - Fix KDC null deref on bad encrypted challenge (CVE-2021-36222)
  - Resolves: #1983733
* Wed Jul 14 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-10
  - Update OpenSSL 3 provider handling to clean up properly
  - Resolves: #1955873
* Mon Jun 21 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-9
  - Sync openssl3 patches with upstream
  - Resolves: #1955873
* Thu Jun 17 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-8
  - Rebuild for rpminspect and mass rebuild cleanup; no code changes
  - Resolves: #1967505
* Thu Jun 17 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-7
  - Fix several fallback canonicalization problems
  - Resolves: #1967505
* Tue Jun 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.19.1-6.1
  - Rebuilt for RHEL 9 BETA for openssl 3.0
  - Resolves: rhbz#1971065
* Thu Jun 10 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-6
  - Backport KCM retrieval fixes
  - Resolves: #1956403
* Thu May 20 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-5
  - Fix DES3 mention in KDFs
  - Resolves: #1955873
* Wed May 19 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-4
  - Port to OpenSSL 3 (alpha 15)
  - Resolves: #1955873
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.19.1-3.1
  - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Mon Mar 01 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-3
  - Further test dependency fixes; no code changes
* Mon Mar 01 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-2
  - Make test dependencies contingent on skipcheck; no code changes
* Thu Feb 18 2021 Robbie Harwood <rharwood@redhat.com> - 1.19.1-1
  - New upstream version (1.19.1)
* Wed Feb 17 2021 Robbie Harwood <rharwood@redhat.com> - 1.19-3
  - Restore krb5_set_default_tgs_ktypes()
* Fri Feb 05 2021 Robbie Harwood <rharwood@redhat.com> - 1.19-2
  - No code change; just coping with reverted autoconf
* Tue Feb 02 2021 Robbie Harwood <rharwood@redhat.com> - 1.19-1
  - New upstream version (1.19)
* Thu Jan 28 2021 Robbie Harwood <rharwood@redhat.com> - 1.19-0.beta2.5
  - Support host-based GSS initiator names
* Thu Jan 28 2021 Robbie Harwood <rharwood@redhat.com> - 1.19-0.beta2.4
  - Require krb5-pkinit from krb5-{server,workstation}
* Thu Jan 28 2021 Robbie Harwood <rharwood@redhat.com> - 1.19-0.beta2.3
  - Fix up weird mass rebuild versioning
* Thu Jan 28 2021 Robbie Harwood <rharwood@redhat.com> - 1.19-0.beta2.2.2
  - Add APIs for marshalling credentials
* Wed Jan 27 2021 Robbie Harwood <rharwood@redhat.com> - 1.19-0.beta2.1.2
  - Cope with new autotools behavior wrt runstatedir
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.19-0.beta2.1.1
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jan 12 2021 Robbie Harwood <rharwood@redhat.com> - 1.19-1
  - New upstream version (1.19-beta2)
* Wed Dec 16 2020 Robbie Harwood <rharwood@redhat.com> - 1.19-0.beta1.2
  - New upstream version (1.19-beta1)
* Wed Dec 16 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.3-5
  - Fix runstatedir configuration
  - Why couldn't systemd just leave it alone?
* Tue Nov 24 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.3-4
  - Document -k option in kvno(1) synopsis
* Fri Nov 20 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.3-3
  - Upstream executable shared libraries patch
* Wed Nov 18 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.3-2
  - Fix build failure in -1
* Wed Nov 18 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.3-1
  - New upstream version (1.18.3)
* Tue Nov 17 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-30
  - Migrate /var/run to /run, an exercise in pointlessness
  - Resolves: #1898410
* Thu Nov 05 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-29
  - Add recursion limit for ASN.1 indefinite lengths (CVE-2020-28196)
* Fri Oct 23 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-28
  - Fix minor static analysis defects
* Wed Oct 21 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-27
  - Fix build of previous
* Wed Oct 21 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-26
  - Cross-realm s4u fixes for samba (#1836630)
* Thu Oct 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-25
  - Unify kvno option documentation
* Fri Oct 02 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-24
  - Add md5 override to krad
* Thu Sep 10 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-23
  - Use `systemctl reload` to HUP the KDC during logrotate
  - Resolves: #1877692
* Wed Sep 09 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-22
  - Fix input length checking in SPNEGO DER decoding
* Fri Aug 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-21
  - Mark crypto-polices snippet as missingok
  - Resolves: #1868379
* Thu Aug 13 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-20
  - Temporarily dns_canonicalize_hostname=fallback changes
  - Hopefully unbreak IPA while we debug further
* Fri Aug 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-19
  - Expand dns_canonicalize_hostname=fallback support
* Tue Aug 04 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-18
  - Fix leak in KERB_AP_OPTIONS_CBT server support
* Mon Aug 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-17
  - Revert qualify_shortname removal
* Mon Aug 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-16
  - Disable tests on s390x
  - Resolves: #1863952
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.18.2-15
  - Second attempt - Rebuilt for
    https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jul 31 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-14
  - Revert qualify_shortname changes
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.18.2-13
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-12
  - Ignore bad enctypes in krb5_string_to_keysalts()
  - Allow gss_unwrap_iov() of unpadded RC4 tokens
* Wed Jul 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-11
  - Ignore bad enctypes in krb5_string_to_keysalts()
* Wed Jul 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-10
  - Set qualify_shortname empty in default configuration
  - Resolves: #1852041
* Mon Jun 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-9
  - Use two queues for concurrent t_otp.py daemons
* Mon Jun 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-8
  - Match Heimdal behavior for channel bindings
* Mon Jun 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-7
  - Fix test suite by removing wrapper workarounds
* Mon Jun 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-6
  - Omit PA_FOR_USER if we can't compute its checksum
* Sat May 30 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-5
  - Replace gssrpc tests with a Python script
* Sat May 30 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-4
  - Default dns_canonicalize_hostname to "fallback"
* Tue May 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-3
  - dns_canonicalize_hostname = fallback
* Tue May 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-2
  - Pass channel bindings through SPNEGO
* Fri May 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-1
  - New upstream release (1.18.2)
* Fri May 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-6
  - Fix SPNEGO acceptor mech filtering
* Mon May 18 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-5
  - Fix typo ("in in") in the ksu man page
* Fri May 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-4
  - Omit KDC indicator check for S4U2Self requests
* Tue Apr 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-3
  - Pass gss_localname() through SPNEGO
* Tue Apr 14 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-1.1
  - Drop yasm requirement since we don't use builtin crypto
* Tue Apr 14 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-1
  - New upstream version (1.18.1)
* Tue Apr 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-12
  - Make ksu honor KRB5CCNAME again
* Thu Apr 02 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-11
  - Do expiration warnings for all init_creds APIs
* Wed Apr 01 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-10
  - Correctly import "service@" GSS host-based name
* Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-9
  - Eliminate redundant PKINIT responder invocation
* Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-8
  - Add finalization safety check to com_err
* Fri Mar 20 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-7
  - Add maximum openssl version in preparation for openssl 3
* Tue Mar 17 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-6
  - Document client keytab usage
* Tue Mar 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-5
  - Refresh manually acquired creds from client keytab
* Fri Feb 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-4
  - Allow deletion of require_auth with LDAP KDB
* Thu Feb 27 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-3
  - Allow certauth modules to set hw-authent flag
* Fri Feb 21 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-2
  - Fix AS-REQ checking of KDB-modified indicators
* Wed Feb 12 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-1
  - New upstream version (1.18)
* Fri Feb 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.3
  - Don't assume OpenSSL failures are memory errors
* Thu Feb 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.2
  - Put KDB authdata first
* Fri Jan 31 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.1
  - New upstream beta release - 1.18-beta2
  - Adjust naming convention for downstream patches
* Fri Jan 10 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta1.1
  - New upstream beta release - 1.18-beta1
* Wed Jan 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-5
  - Fix LDAP policy enforcement of pw_expiration
  - Fix handling of invalid CAMMAC service verifier
* Mon Jan 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-4
  - Fix xdr_bytes() strict-aliasing violations
* Fri Jan 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-3
  - Don't warn in kadmin when no policy is specified
  - Do not always canonicalize enterprise principals
* Fri Dec 13 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-2
  - Enable the LMDB backend for the KDB
* Thu Dec 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-1
  - New upstream version - 1.17.1
  - Stop building and packaging PDFs
* Fri Dec 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-54
  - Qualify short hostnames when not using DNS
* Wed Nov 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-53
  - Various gssalloc fixes
* Thu Nov 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-52
  - Turns out openssl has an epoch
* Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-51
  - Fix runtime openssl version to actually propogate
* Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-50
  - Add runtime openssl version requirement too
* Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-49
  - Fix kadmin addprinc -randkey -kvno
* Tue Nov 19 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-48
  - Use OpenSSL's backported KDFs
  - Restore MD4 in FIPS mode (for samba)
* Fri Nov 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-47
  - Add default_principal_flags to example kdc.conf

Files

/etc/gss
/etc/gss/mech.d
/etc/krb5.conf
/etc/krb5.conf.d
/etc/krb5.conf.d/crypto-policies
/usr/lib/.build-id
/usr/lib/.build-id/02
/usr/lib/.build-id/02/06ac07c60987ab24dba45e9c70b9f9e27d956f
/usr/lib/.build-id/18
/usr/lib/.build-id/18/7445ff0e40e7d8c77752bdf5bdf0b62af1c6e9
/usr/lib/.build-id/24
/usr/lib/.build-id/24/75724902f5cbfe111cfac0af7969b2f356138a
/usr/lib/.build-id/48
/usr/lib/.build-id/48/834ab7c4ecadd647c9f06e6e1f7d1025ae5c4e
/usr/lib/.build-id/4e
/usr/lib/.build-id/4e/a033d9c5638d513e077d59c0e43b7d2cbc0927
/usr/lib/.build-id/5a
/usr/lib/.build-id/5a/9585e92172edc4c9c17134867441f51bfe7222
/usr/lib/.build-id/62
/usr/lib/.build-id/62/e9c702451f41c860ea26900651c880446dec4d
/usr/lib/.build-id/bf
/usr/lib/.build-id/bf/a649e1a62ee0fefc8e89f983094323712b4b58
/usr/lib/.build-id/ff
/usr/lib/.build-id/ff/19fb50caed8615e5f0c606682e6fbc84904aea
/usr/lib/krb5
/usr/lib/krb5/plugins
/usr/lib/krb5/plugins/authdata
/usr/lib/krb5/plugins/kdb
/usr/lib/krb5/plugins/libkrb5
/usr/lib/krb5/plugins/preauth
/usr/lib/krb5/plugins/preauth/spake.so
/usr/lib/krb5/plugins/tls
/usr/lib/krb5/plugins/tls/k5tls.so
/usr/lib/libgssapi_krb5.so.2
/usr/lib/libgssapi_krb5.so.2.2
/usr/lib/libgssrpc.so.4
/usr/lib/libgssrpc.so.4.2
/usr/lib/libk5crypto.so.3
/usr/lib/libk5crypto.so.3.1
/usr/lib/libkdb5.so.10
/usr/lib/libkdb5.so.10.0
/usr/lib/libkrad.so.0
/usr/lib/libkrad.so.0.0
/usr/lib/libkrb5.so.3
/usr/lib/libkrb5.so.3.3
/usr/lib/libkrb5support.so.0
/usr/lib/libkrb5support.so.0.1
/usr/share/doc/krb5-libs
/usr/share/doc/krb5-libs/NOTICE
/usr/share/doc/krb5-libs/README
/usr/share/licenses/krb5-libs
/usr/share/licenses/krb5-libs/LICENSE
/usr/share/locale/de/LC_MESSAGES/mit-krb5.mo
/usr/share/locale/en_US/LC_MESSAGES/mit-krb5.mo
/usr/share/man/man5/.k5identity.5.gz
/usr/share/man/man5/.k5login.5.gz
/usr/share/man/man5/k5identity.5.gz
/usr/share/man/man5/k5login.5.gz
/usr/share/man/man5/krb5.conf.5.gz
/usr/share/man/man7/kerberos.7.gz
/var/kerberos
/var/kerberos/krb5
/var/kerberos/krb5/user

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed May 11 03:38:02 2022