Name: krb5-libs	Distribution: Fedora Project
Version: 1.18.2	Vendor: Fedora Project
Release: 22.fc33	Build date: Wed Sep 9 23:51:10 2020
Group: Unspecified	Build host: buildvm-a32-22.iad2.fedoraproject.org
Size: 1860723	Source RPM: krb5-1.18.2-22.fc33.src.rpm
Packager: Fedora Project
Url: https://web.mit.edu/kerberos/www/
Summary: The non-admin shared libraries used by Kerberos 5

Kerberos is a network authentication system. The krb5-libs package
contains the shared libraries needed by Kerberos 5. If you are using
Kerberos, you need to install this package.

Provides

Requires

License

MIT

Changelog

* Wed Sep 09 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-22
  - Fix input length checking in SPNEGO DER decoding
* Fri Aug 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-21
  - Mark crypto-polices snippet as missingok
  - Resolves: #1868379
* Thu Aug 13 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-20
  - Temporarily dns_canonicalize_hostname=fallback changes
  - Hopefully unbreak IPA while we debug further
* Fri Aug 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-19
  - Expand dns_canonicalize_hostname=fallback support
* Tue Aug 04 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-18
  - Fix leak in KERB_AP_OPTIONS_CBT server support
* Mon Aug 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-17
  - Revert qualify_shortname removal
* Mon Aug 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-16
  - Disable tests on s390x
  - Resolves: #1863952
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.18.2-15
  - Second attempt - Rebuilt for
    https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jul 31 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-14
  - Revert qualify_shortname changes
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.18.2-13
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-12
  - Ignore bad enctypes in krb5_string_to_keysalts()
  - Allow gss_unwrap_iov() of unpadded RC4 tokens
* Wed Jul 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-11
  - Ignore bad enctypes in krb5_string_to_keysalts()
* Wed Jul 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-10
  - Set qualify_shortname empty in default configuration
  - Resolves: #1852041
* Mon Jun 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-9
  - Use two queues for concurrent t_otp.py daemons
* Mon Jun 15 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-8
  - Match Heimdal behavior for channel bindings
* Mon Jun 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-7
  - Fix test suite by removing wrapper workarounds
* Mon Jun 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-6
  - Omit PA_FOR_USER if we can't compute its checksum
* Sat May 30 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-5
  - Replace gssrpc tests with a Python script
* Sat May 30 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-4
  - Default dns_canonicalize_hostname to "fallback"
* Tue May 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-3
  - dns_canonicalize_hostname = fallback
* Tue May 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-2
  - Pass channel bindings through SPNEGO
* Fri May 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.2-1
  - New upstream release (1.18.2)
* Fri May 22 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-6
  - Fix SPNEGO acceptor mech filtering
* Mon May 18 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-5
  - Fix typo ("in in") in the ksu man page
* Fri May 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-4
  - Omit KDC indicator check for S4U2Self requests
* Tue Apr 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-3
  - Pass gss_localname() through SPNEGO
* Tue Apr 14 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-1.1
  - Drop yasm requirement since we don't use builtin crypto
* Tue Apr 14 2020 Robbie Harwood <rharwood@redhat.com> - 1.18.1-1
  - New upstream version (1.18.1)
* Tue Apr 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-12
  - Make ksu honor KRB5CCNAME again
* Thu Apr 02 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-11
  - Do expiration warnings for all init_creds APIs
* Wed Apr 01 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-10
  - Correctly import "service@" GSS host-based name
* Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-9
  - Eliminate redundant PKINIT responder invocation
* Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-8
  - Add finalization safety check to com_err
* Fri Mar 20 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-7
  - Add maximum openssl version in preparation for openssl 3
* Tue Mar 17 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-6
  - Document client keytab usage
* Tue Mar 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-5
  - Refresh manually acquired creds from client keytab
* Fri Feb 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-4
  - Allow deletion of require_auth with LDAP KDB
* Thu Feb 27 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-3
  - Allow certauth modules to set hw-authent flag
* Fri Feb 21 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-2
  - Fix AS-REQ checking of KDB-modified indicators
* Wed Feb 12 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-1
  - New upstream version (1.18)
* Fri Feb 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.3
  - Don't assume OpenSSL failures are memory errors
* Thu Feb 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.2
  - Put KDB authdata first
* Fri Jan 31 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.1
  - New upstream beta release - 1.18-beta2
  - Adjust naming convention for downstream patches
* Fri Jan 10 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta1.1
  - New upstream beta release - 1.18-beta1
* Wed Jan 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-5
  - Fix LDAP policy enforcement of pw_expiration
  - Fix handling of invalid CAMMAC service verifier
* Mon Jan 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-4
  - Fix xdr_bytes() strict-aliasing violations
* Fri Jan 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-3
  - Don't warn in kadmin when no policy is specified
  - Do not always canonicalize enterprise principals
* Fri Dec 13 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-2
  - Enable the LMDB backend for the KDB
* Thu Dec 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-1
  - New upstream version - 1.17.1
  - Stop building and packaging PDFs
* Fri Dec 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-54
  - Qualify short hostnames when not using DNS
* Wed Nov 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-53
  - Various gssalloc fixes
* Thu Nov 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-52
  - Turns out openssl has an epoch
* Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-51
  - Fix runtime openssl version to actually propogate
* Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-50
  - Add runtime openssl version requirement too
* Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-49
  - Fix kadmin addprinc -randkey -kvno
* Tue Nov 19 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-48
  - Use OpenSSL's backported KDFs
  - Restore MD4 in FIPS mode (for samba)
* Fri Nov 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-47
  - Add default_principal_flags to example kdc.conf
* Wed Oct 02 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-46
  - Log unknown enctypes as unsupported in KDC
* Wed Sep 25 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-45
  - Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844)
* Thu Sep 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-44
  - Static analyzer appeasement
* Tue Aug 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-43
  - Simplify krb5_dbe_def_search_enctype()
* Thu Aug 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-42
  - Update FIPS patches to remove SPAKE
* Thu Aug 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-41
  - Fix KCM client time offset propagation
* Fri Aug 09 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-40
  - Initialize life/rlife in kdcpolicy interface
* Tue Aug 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-39
  - Fix memory leaks in soft-pkcs11 code
* Tue Jul 30 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-38
  - Add soft-pkcs11 and use it for testing
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.17-37
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu Jul 18 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-36
  - Filter enctypes in gss_set_allowable_enctypes()
* Mon Jul 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-35
  - Don't error on invalid enctypes in keytab
  - Resolves: #1724380
* Tue Jul 02 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-34
  - Remove now-unused checksum functions
* Wed Jun 26 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-33
  - Fix typo in 3des commit
* Wed Jun 26 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-32
  - Remove PKINIT draft9 support (compat with EOL, pre-2008 Windows)
* Mon Jun 10 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-31
  - Remove strerror() calls from k5_get_error()
* Fri Jun 07 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-30
  - Remove 3des from kdc.conf example
* Mon Jun 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-29
  - Remove 3DES support
* Mon Jun 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-28
  - Remove 3des support
* Thu May 30 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-27
  - Remove krb5int_c_combine_keys() and no-flags SAM-2 preauth
* Tue May 28 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-26
  - Remove support for single-DES and CRC
* Wed May 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-25
  - Add missing newlines to deprecation warnings
  - Switch to upstream's ksu path patch
* Tue May 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-24
  - Update default krb5kdc mkey manual-entry enctype
  - Also update account lockout patch to upstream version
* Mon May 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-23
  - Test & docs fixes in preparation for DES removal
* Wed May 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-22
  - Drop krb5_realm_compare() etc. NULL check patches
* Wed May 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-21
  - Re-provide krb5-kdb-version in -devel as well (IPA wants it)
* Tue May 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-20
  - (Patch consolidation; hopefully no changes)
* Tue May 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-19
  - Remove checksum type profile variables
* Fri May 10 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-18
  - Pull in 2019-05-02 static analysis updates
* Fri May 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-17
  - Move krb5-kdb-version provide into krb5-server for freeipa
* Wed May 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-16
  - Use secure_getenv() where appropriate
* Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-15
  - Fix us up real nice with rpmlint
* Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-14
  - Add dns_canonicalize_hostname=fallback support
* Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-13
  - Check more errors in OpenSSL crypto backend
* Mon Apr 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-12
  - Fix potential close(-1) in cc_file.c
* Wed Apr 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-11
  - Remove ovsec_adm_export and confvalidator
* Wed Apr 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-10
  - Fix config realm change logic in FILE remove_cred
* Thu Apr 11 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-9
  - Remove Kerberos v4 support vestiges (including ktany support)
* Thu Apr 11 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-8
  - Implement krb5_cc_remove_cred for remaining types
  - Resolves: #1693836
* Mon Apr 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-7
  - FIPS-aware SPAKE group negotiation
* Mon Feb 25 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-6
  - Fix memory leak in 'none' replay cache type
  - Silence a coverity warning while we're here.
* Fri Feb 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-5
  - Update FIPS blocking for RC4
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.17-4
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Jan 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-3
  - enctype logging and explicit_bzero()
* Tue Jan 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-2
  - New upstream version (1.17)
* Fri Jan 04 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.6
  - Use openssl's PRNG in FIPS mode
* Fri Jan 04 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.5
  - Address some optimized-out memset() calls
* Thu Dec 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.4
  - Remove incorrect KDC assertion
* Thu Dec 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.3
  - Fix syntax on pkinit_anchors field in default krb5.conf
* Mon Dec 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.2
  - Restore pdfs source file
  - Resolves: #1659716
* Thu Dec 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.1
  - New upstream release (1.17-beta2)
  - Drop pdfs source file
* Thu Nov 29 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.3
  - Add tests for KCM ccache type
* Mon Nov 12 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.2
  - Gain FIPS awareness
* Thu Nov 08 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.1
  - Fix spurious errors from kcmio_unix_socket_write
  - Resolves: #1645912
* Thu Nov 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-0.beta1.1
  - New upstream beta release
* Wed Oct 24 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-25
  - Update man pages to reference kerberos(7)
  - Resolves: #1143767
* Wed Oct 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-24
  - Use port-sockets.h macros in cc_kcm, sendto_kdc
  - Resolves: #1631998
* Wed Oct 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-23
  - Correct kpasswd_server description in krb5.conf(5)
  - Resolves: #1640272
* Mon Oct 15 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-22
  - Prefer TCP to UDP for password changes
  - Resolves: #1637611
* Tue Oct 09 2018 Adam Williamson <awilliam@redhat.com> - 1.16.1-21
  - Revert the patch from -20 for now as it seems to make FreeIPA worse
* Tue Oct 02 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-20
  - Fix bugs with concurrent use of MEMORY ccaches

Files

/etc/gss
/etc/gss/mech.d
/etc/krb5.conf
/etc/krb5.conf.d
/etc/krb5.conf.d/crypto-policies
/usr/lib/.build-id
/usr/lib/.build-id/07
/usr/lib/.build-id/07/97fdd12813a92957d6210ad230eaa72cb52634
/usr/lib/.build-id/62
/usr/lib/.build-id/62/aaa5f041e0c2cf4882f36a27a38e0f4eced539
/usr/lib/.build-id/6f
/usr/lib/.build-id/6f/e5e5b660ed7792be1d19afe4dd2f9c3cb52dc4
/usr/lib/.build-id/9b
/usr/lib/.build-id/9b/00d2cc9d4e544e9acf1b27817469760133ab9c
/usr/lib/.build-id/aa
/usr/lib/.build-id/aa/104a891a16f0cc027e9fde95ef8a708b11d39d
/usr/lib/.build-id/bc
/usr/lib/.build-id/bc/e817f451ddb1c909489d9aae9db21e4826e6ab
/usr/lib/.build-id/de
/usr/lib/.build-id/de/af4df32e889f43da6e0a69c0449214e589942a
/usr/lib/.build-id/e7
/usr/lib/.build-id/e7/ad813d31ec74ad836380c94ad0ec18def071f4
/usr/lib/.build-id/ee
/usr/lib/.build-id/ee/a214a13dac4d63ef0ed09ede5dfdf0ae3e6e0b
/usr/lib/krb5
/usr/lib/krb5/plugins
/usr/lib/krb5/plugins/authdata
/usr/lib/krb5/plugins/kdb
/usr/lib/krb5/plugins/libkrb5
/usr/lib/krb5/plugins/preauth
/usr/lib/krb5/plugins/preauth/spake.so
/usr/lib/krb5/plugins/tls
/usr/lib/krb5/plugins/tls/k5tls.so
/usr/lib/libgssapi_krb5.so.2
/usr/lib/libgssapi_krb5.so.2.2
/usr/lib/libgssrpc.so.4
/usr/lib/libgssrpc.so.4.2
/usr/lib/libk5crypto.so.3
/usr/lib/libk5crypto.so.3.1
/usr/lib/libkdb5.so.10
/usr/lib/libkdb5.so.10.0
/usr/lib/libkrad.so.0
/usr/lib/libkrad.so.0.0
/usr/lib/libkrb5.so.3
/usr/lib/libkrb5.so.3.3
/usr/lib/libkrb5support.so.0
/usr/lib/libkrb5support.so.0.1
/usr/share/doc/krb5-libs
/usr/share/doc/krb5-libs/NOTICE
/usr/share/doc/krb5-libs/README
/usr/share/licenses/krb5-libs
/usr/share/licenses/krb5-libs/LICENSE
/usr/share/locale/de/LC_MESSAGES/mit-krb5.mo
/usr/share/locale/en_US/LC_MESSAGES/mit-krb5.mo
/usr/share/man/man5/.k5identity.5.gz
/usr/share/man/man5/.k5login.5.gz
/usr/share/man/man5/k5identity.5.gz
/usr/share/man/man5/k5login.5.gz
/usr/share/man/man5/krb5.conf.5.gz
/usr/share/man/man7/kerberos.7.gz
/var/kerberos
/var/kerberos/krb5
/var/kerberos/krb5/user

Generated by rpm2html 1.8.1

Fabrice Bellet, Mon May 9 17:11:24 2022

krb5-libs-1.18.2-22.fc33 RPM for armv7hl

From Fedora 33 for armhfp / k

Provides

Requires

License

Changelog

Files