Fri, 03 May 2024 12:53:52 UTC | login

Information for build krb5-1.17-40.fc31

ID124419
Package Namekrb5
Version1.17
Release40.fc31
Epoch
Sourcegit+https://src.fedoraproject.org/rpms/krb5.git#6fb26c9d3d13a88e17379b27fe3b12fe300e656c
SummaryThe Kerberos network authentication system
DescriptionKerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form.
Built bydavidlt
State complete
Volume DEFAULT
StartedWed, 14 Aug 2019 18:30:20 UTC
CompletedThu, 15 Aug 2019 01:39:11 UTC
Taskbuild (f31-candidate, /rpms/krb5.git:6fb26c9d3d13a88e17379b27fe3b12fe300e656c)
Extra{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/krb5.git#6fb26c9d3d13a88e17379b27fe3b12fe300e656c'}}
Tags
f31
f32
RPMs
src
krb5-1.17-40.fc31.src.rpm (info) (download)
riscv64
krb5-devel-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-libs-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-pkinit-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-server-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-server-ldap-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-workstation-1.17-40.fc31.riscv64.rpm (info) (download)
libkadm5-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-debuginfo-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-debugsource-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-libs-debuginfo-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-pkinit-debuginfo-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-server-debuginfo-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-server-ldap-debuginfo-1.17-40.fc31.riscv64.rpm (info) (download)
krb5-workstation-debuginfo-1.17-40.fc31.riscv64.rpm (info) (download)
libkadm5-debuginfo-1.17-40.fc31.riscv64.rpm (info) (download)
Logs
riscv64
build.log
hw_info.log
mock_output.log
root.log
state.log
Changelog * Fri Aug 09 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-40 - Initialize life/rlife in kdcpolicy interface * Tue Aug 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-39 - Fix memory leaks in soft-pkcs11 code * Tue Jul 30 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-38 - Add soft-pkcs11 and use it for testing * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.17-37 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Thu Jul 18 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-36 - Filter enctypes in gss_set_allowable_enctypes() * Mon Jul 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-35 - Don't error on invalid enctypes in keytab - Resolves: #1724380 * Tue Jul 02 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-34 - Remove now-unused checksum functions * Wed Jun 26 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-33 - Fix typo in 3des commit * Wed Jun 26 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-32 - Remove PKINIT draft9 support (compat with EOL, pre-2008 Windows) * Mon Jun 10 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-31 - Remove strerror() calls from k5_get_error() * Fri Jun 07 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-30 - Remove 3des from kdc.conf example * Mon Jun 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-29 - Remove 3DES support * Mon Jun 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-28 - Remove 3des support * Thu May 30 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-27 - Remove krb5int_c_combine_keys() and no-flags SAM-2 preauth * Tue May 28 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-26 - Remove support for single-DES and CRC * Wed May 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-25 - Add missing newlines to deprecation warnings - Switch to upstream's ksu path patch * Tue May 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-24 - Update default krb5kdc mkey manual-entry enctype - Also update account lockout patch to upstream version * Mon May 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-23 - Test & docs fixes in preparation for DES removal * Wed May 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-22 - Drop krb5_realm_compare() etc. NULL check patches * Wed May 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-21 - Re-provide krb5-kdb-version in -devel as well (IPA wants it) * Tue May 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-20 - (Patch consolidation; hopefully no changes) * Tue May 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-19 - Remove checksum type profile variables * Fri May 10 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-18 - Pull in 2019-05-02 static analysis updates * Fri May 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-17 - Move krb5-kdb-version provide into krb5-server for freeipa * Wed May 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-16 - Use secure_getenv() where appropriate * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-15 - Fix us up real nice with rpmlint * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-14 - Add dns_canonicalize_hostname=fallback support * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-13 - Check more errors in OpenSSL crypto backend * Mon Apr 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-12 - Fix potential close(-1) in cc_file.c * Wed Apr 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-11 - Remove ovsec_adm_export and confvalidator * Wed Apr 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-10 - Fix config realm change logic in FILE remove_cred * Thu Apr 11 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-9 - Remove Kerberos v4 support vestiges (including ktany support) * Thu Apr 11 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-8 - Implement krb5_cc_remove_cred for remaining types - Resolves: #1693836 * Mon Apr 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-7 - FIPS-aware SPAKE group negotiation * Mon Feb 25 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-6 - Fix memory leak in 'none' replay cache type - Silence a coverity warning while we're here. * Fri Feb 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-5 - Update FIPS blocking for RC4 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jan 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-3 - enctype logging and explicit_bzero() * Tue Jan 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-2 - New upstream version (1.17) * Fri Jan 04 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.6 - Use openssl's PRNG in FIPS mode * Fri Jan 04 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.5 - Address some optimized-out memset() calls * Thu Dec 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.4 - Remove incorrect KDC assertion * Thu Dec 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.3 - Fix syntax on pkinit_anchors field in default krb5.conf * Mon Dec 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.2 - Restore pdfs source file - Resolves: #1659716 * Thu Dec 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.1 - New upstream release (1.17-beta2) - Drop pdfs source file * Thu Nov 29 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.3 - Add tests for KCM ccache type * Mon Nov 12 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.2 - Gain FIPS awareness * Thu Nov 08 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.1 - Fix spurious errors from kcmio_unix_socket_write - Resolves: #1645912 * Thu Nov 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-0.beta1.1 - New upstream beta release * Wed Oct 24 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-25 - Update man pages to reference kerberos(7) - Resolves: #1143767 * Wed Oct 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-24 - Use port-sockets.h macros in cc_kcm, sendto_kdc - Resolves: #1631998 * Wed Oct 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-23 - Correct kpasswd_server description in krb5.conf(5) - Resolves: #1640272 * Mon Oct 15 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-22 - Prefer TCP to UDP for password changes - Resolves: #1637611 * Tue Oct 09 2018 Adam Williamson <awilliam@redhat.com> - 1.16.1-21 - Revert the patch from -20 for now as it seems to make FreeIPA worse * Tue Oct 02 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-20 - Fix bugs with concurrent use of MEMORY ccaches * Wed Aug 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-19 - In FIPS mode, add plaintext fallback for RC4 usages and taint * Thu Jul 26 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-18 - Fix k5test prompts for Python 3 * Thu Jul 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-17 - Remove outdated note in krb5kdc man page * Thu Jul 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-16 - Make krb5kdc -p affect TCP ports * Thu Jul 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-15 - Eliminate preprocessor-disabled dead code * Wed Jul 18 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-14 - Fix some broken tests for Python 3 * Mon Jul 16 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-13 - Zap copy of secret in RC4 string-to-key * Thu Jul 12 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-12 - Convert Python tests to Python 3 * Wed Jul 11 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-11 - Add build dependency on gcc * Tue Jul 10 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-10 - Use SHA-256 instead of MD5 for audit ticket IDs * Fri Jul 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-9 - Add BuildRequires on python2 so we can run tests at build-time * Fri Jul 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-8 - Explicitly look for python2 in configure.in * Thu Jun 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-7 - Add flag to disable encrypted timestamp on client * Thu Jun 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-6 - Switch to python3-sphinx for docs - Resolves: #1590928 * Thu Jun 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-5 - Make docs build python3-compatible - Resolves: #1590928 * Thu Jun 07 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-4 - Update includedir processing to match upstream * Fri Jun 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-3 - Log when non-root ksu authorization fails - Resolves: #1575771 * Fri May 04 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-2 - Remove "-nodes" option from make-certs scripts * Fri May 04 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-1 - New upstream release - 1.16.1 * Thu May 03 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-27 - Fix configuration of default ccache name to match file indentation * Mon Apr 30 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-26 - Set error message on KCM get_princ failure * Mon Apr 30 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-25 - Set error message on KCM get_princ failure * Tue Apr 24 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-24 - Fix KDC null dereference on large TGS replies * Mon Apr 23 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-23 - Explicitly use openssl rather than builtin crypto - Resolves: #1570910 * Tue Apr 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-22 - Merge duplicate subsections in profile library * Mon Apr 09 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-21 - Restrict pre-authentication fallback cases * Tue Apr 03 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-20 - Be more careful asking for AS key in SPAKE client * Mon Apr 02 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-19 - Zap data when freeing krb5_spake_factor * Thu Mar 29 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-18 - Continue after KRB5_CC_END in KCM cache iteration * Tue Mar 27 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-17 - Fix SPAKE memory leak * Tue Mar 27 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-16 - Fix gitignore problem with previous patchset * Tue Mar 27 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-15 - Add SPAKE support - Improve protections on internal sensitive buffers - Improve internal hex encoding/decoding * Tue Mar 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-14 - Fix problem with ccache_name logic in previous build * Tue Mar 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-13 - Add pkinit_anchors default value to krb5.conf - Reindent krb5.conf to not be terrible * Tue Mar 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-12 - Log preauth names in trace output - Misc bugfixes from upstream * Mon Mar 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-11 - Add PKINIT KDC support for freshness token * Wed Mar 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-10 - Exit with status 0 from kadmind * Tue Mar 13 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-9 - Fix hex conversion of PKINIT certid strings * Wed Mar 07 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-8 - Fix capaths "." values on client - Resolves: 1551099 * Tue Feb 13 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-7 - Fix flaws in LDAP DN checking - CVE-2018-5729, CVE-2018-5730 * Mon Feb 12 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-6 - Fix a leak in the previous commit - Restore dist macro that was accidentally removed - Resolves: #1540939 * Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.16-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.16-4 - Switch to %ldconfig_scriptlets * Mon Jan 29 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-3 - Process included directories in alphabetical order * Tue Dec 12 2017 Robbie Harwood <rharwood@redhat.com> - 1.16-2 - Fix network service dependencies - Resolves: #1525230 * Wed Dec 06 2017 Robbie Harwood <rharwood@redhat.com> - 1.16-1 - New upstream release (1.16) - No changes from beta2 * Mon Nov 27 2017 Robbie Harwood <rharwood@redhat.com> - 1.16-0.beta2.1 - New upstream prerelease (1.16-beta2) * Tue Oct 24 2017 Robbie Harwood <rharwood@redhat.com> - 1.16-0.beta1.4 - Fix CVE-2017-15088 (Buffer overflow in get_matching_data()) * Mon Oct 23 2017 Robbie Harwood <rharwood@redhat.com> - 1.16-0.beta1.3 - Drop dependency on python2-pyrad (dead upstream, broken with new python) * Mon Oct 09 2017 Robbie Harwood <rharwood@redhat.com> - 1.16-0.beta1.2 - Actually bump kdbversion like I was supposed to * Thu Oct 05 2017 Robbie Harwood <rharwood@redhat.com> - 1.16-0.beta1.1 - New upstream prerelease (1.16-beta1) * Thu Sep 28 2017 Robbie Harwood <rharwood@redhat.com> - 1.15.2-2 - Add German translation * Mon Sep 25 2017 Robbie Harwood <rharwood@redhat.com> - 1.15.2-1 - New upstream release - krb5-1.15.2 - Adjust patches as appropriate * Wed Sep 06 2017 Robbie Harwood <rharwood@redhat.com> - 1.15.1-28 - Save other programs from worrying about CVE-2017-11462 - Resolves: #1488873 - Resolves: #1488874 * Tue Sep 05 2017 Robbie Harwood <rharwood@redhat.com> - 1.15.1-27 - Add hostname-based ccselect module - Resolves: #1463665 * Tue Sep 05 2017 Robbie Harwood <rharwood@redhat.com> - 1.15.1-26 - Backport upstream certauth EKU fixes * Fri Aug 25 2017 Robbie Harwood <rharwood@redhat.com> - 1.15.1-25 - Backport certauth eku security fix * Mon Aug 21 2017 Robbie Harwood <rharwood@redhat.com> - 1.15.1-24 - Backport kdc policy plugin, but this time with dependencies * Mon Aug 21 2017 Robbie Harwood <rharwood@redhat.com> - 1.15.1-23 - Backport kdcpolicy interface * Wed Aug 16 2017 Robbie Harwood <rharwood@redhat.com> - 1.15.1-22 * Mon Aug 07 2017 Robbie Harwood <rharwood@redhat.com> - 1.15.1-21 - Display an error message if ocsp pkinit is requested