[38957] in Kerberos
krb5-1.19.2 and krb5-1.18.4 are released
daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Jul 26 15:10:37 2021
From: Greg Hudson <ghudson@mit.edu>
To: <kerberos-announce@mit.edu>
Date: Mon, 26 Jul 2021 15:01:04 -0400
Message-ID: <x7dbl6osxvz.fsf@mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
The MIT Kerberos Team announces the availability of MIT Kerberos 5
Releases 1.19.2 and 1.18.4. Please see below for a list of some major
changes included, or consult the README file in the source tree for a
more detailed list of significant changes.
Retrieving krb5-1.19.2 and krb5-1.18.4
======================================
You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the
following URL:
https://kerberos.org/dist/
The homepage for the krb5-1.19.2 and krb5-1.18.4 releases are:
https://web.mit.edu/kerberos/krb5-1.19/
https://web.mit.edu/kerberos/krb5-1.18/
Further information about Kerberos 5 may be found at the following
URL:
https://web.mit.edu/kerberos/
Triple-DES transition
=====================
Beginning with the krb5-1.19 release, a warning will be issued if
initial credentials are acquired using the des3-cbc-sha1 encryption
type. In future releases, this encryption type will be disabled by
default and eventually removed.
Beginning with the krb5-1.18 release, single-DES encryption types have
been removed.
Major changes in 1.19.2 and 1.18.4 (2021-07-22)
===============================================
These are bug fix releases.
* Fix a denial of service attack against the KDC encrypted challenge
code [CVE-2021-36222].
* Fix a memory leak when gss_inquire_cred() is called without a
credential handle.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmD/BgkACgkQDLoIV1+D
ct97ZQ/+LC3g5O11HvP268D0UXG/rKX308J8+AfbSmfQoUkJ/g7FT/ruoV5b9H38
vMZoEeDS0irAl6w4a4Y8HlHJs1McL+5SFo9DG/0dmLt8MVFW5qmDuaiHqkxz1Pzz
n8/54YXDu5/mpVAW5WVyfiMVW5yGx8ty4RnupF9Ko9mv/SbplAL2NwZzweDQUyaH
5F1krQ08fd8AutN+Rl42IwInNOLoiV0+PotQZGPqhJL6OGYyURVUfOb7XexrNFMQ
JwKUOsCyD4SpJ01a7QPl5IKlUzZlomLh+gvZlCIK3Ke9mVpM5DeaGVOmI3F4tHWd
ZFO4g7t6lfnLIqyZO8o2gfCP11G9P7I1OeOPoLBIP0HU2gdMFU/tfq7xqDFPYHAR
Dh3BxBYAKb02LWOY9zZWVEe0GOQ1cano6QYeyYtuVBqJVqqGG0omXdqJsPyFj4BO
HtzRk1PqWRFshAL7ABdmwUYbAg7FXH0tQBte34CzdVQZhOQxBcaSO950K1crn73X
VQh0OUlL9EFG8CJ3Lxck/VUtv4onp+X9mkGFkDd8tTkPhEbhTr7Jx5RZZ/oOvdVn
mAbXBBeLIjqWQfs2MngH9jVytfoG8o5mKA7iQnt68BUL0u0jKPupUTGV4rV0BebB
CwWUyWbIEisuv5rF6aa4CoU2vXcdtnZ12vl89TkwQw3zA+V1vaQ=
=68WE
-----END PGP SIGNATURE-----
_______________________________________________
kerberos-announce mailing list
kerberos-announce@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos-announce
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
