Sat, 30 Nov 2024 06:22:16 UTC | login

Information for build krb5-1.18-9.fc33

ID152717
Package Namekrb5
Version1.18
Release9.fc33
Epoch
Sourcegit+https://src.fedoraproject.org/rpms/krb5.git#4e7e5fe69b3cad7cf7d4ec4ef1af77dd73fb3f6f
SummaryThe Kerberos network authentication system
DescriptionKerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form.
Built bydavidlt
State complete
Volume DEFAULT
StartedSat, 28 Mar 2020 15:23:31 UTC
CompletedSat, 28 Mar 2020 18:35:23 UTC
Taskbuild (f33, /rpms/krb5.git:4e7e5fe69b3cad7cf7d4ec4ef1af77dd73fb3f6f)
Extra{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/krb5.git#4e7e5fe69b3cad7cf7d4ec4ef1af77dd73fb3f6f'}}
Tags
f33
RPMs
src
krb5-1.18-9.fc33.src.rpm (info) (download)
riscv64
krb5-devel-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-libs-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-pkinit-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-server-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-server-ldap-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-workstation-1.18-9.fc33.riscv64.rpm (info) (download)
libkadm5-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-debuginfo-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-debugsource-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-libs-debuginfo-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-pkinit-debuginfo-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-server-debuginfo-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-server-ldap-debuginfo-1.18-9.fc33.riscv64.rpm (info) (download)
krb5-workstation-debuginfo-1.18-9.fc33.riscv64.rpm (info) (download)
libkadm5-debuginfo-1.18-9.fc33.riscv64.rpm (info) (download)
Logs
riscv64
build.log
hw_info.log
mock_output.log
root.log
state.log
Changelog * Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-9 - Eliminate redundant PKINIT responder invocation * Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-8 - Add finalization safety check to com_err * Fri Mar 20 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-7 - Add maximum openssl version in preparation for openssl 3 * Tue Mar 17 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-6 - Document client keytab usage * Tue Mar 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-5 - Refresh manually acquired creds from client keytab * Fri Feb 28 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-4 - Allow deletion of require_auth with LDAP KDB * Thu Feb 27 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-3 - Allow certauth modules to set hw-authent flag * Fri Feb 21 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-2 - Fix AS-REQ checking of KDB-modified indicators * Wed Feb 12 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-1 - New upstream version (1.18) * Fri Feb 07 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.3 - Don't assume OpenSSL failures are memory errors * Thu Feb 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.2 - Put KDB authdata first * Fri Jan 31 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta2.1 - New upstream beta release - 1.18-beta2 - Adjust naming convention for downstream patches * Fri Jan 10 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-0.beta1.1 - New upstream beta release - 1.18-beta1 * Wed Jan 08 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-5 - Fix LDAP policy enforcement of pw_expiration - Fix handling of invalid CAMMAC service verifier * Mon Jan 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-4 - Fix xdr_bytes() strict-aliasing violations * Fri Jan 03 2020 Robbie Harwood <rharwood@redhat.com> - 1.17.1-3 - Don't warn in kadmin when no policy is specified - Do not always canonicalize enterprise principals * Fri Dec 13 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-2 - Enable the LMDB backend for the KDB * Thu Dec 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17.1-1 - New upstream version - 1.17.1 - Stop building and packaging PDFs * Fri Dec 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-54 - Qualify short hostnames when not using DNS * Wed Nov 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-53 - Various gssalloc fixes * Thu Nov 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-52 - Turns out openssl has an epoch * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-51 - Fix runtime openssl version to actually propogate * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-50 - Add runtime openssl version requirement too * Wed Nov 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-49 - Fix kadmin addprinc -randkey -kvno * Tue Nov 19 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-48 - Use OpenSSL's backported KDFs - Restore MD4 in FIPS mode (for samba) * Fri Nov 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-47 - Add default_principal_flags to example kdc.conf * Wed Oct 02 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-46 - Log unknown enctypes as unsupported in KDC * Wed Sep 25 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-45 - Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) * Thu Sep 12 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-44 - Static analyzer appeasement * Tue Aug 27 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-43 - Simplify krb5_dbe_def_search_enctype() * Thu Aug 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-42 - Update FIPS patches to remove SPAKE * Thu Aug 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-41 - Fix KCM client time offset propagation * Fri Aug 09 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-40 - Initialize life/rlife in kdcpolicy interface * Tue Aug 06 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-39 - Fix memory leaks in soft-pkcs11 code * Tue Jul 30 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-38 - Add soft-pkcs11 and use it for testing * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.17-37 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Thu Jul 18 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-36 - Filter enctypes in gss_set_allowable_enctypes() * Mon Jul 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-35 - Don't error on invalid enctypes in keytab - Resolves: #1724380 * Tue Jul 02 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-34 - Remove now-unused checksum functions * Wed Jun 26 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-33 - Fix typo in 3des commit * Wed Jun 26 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-32 - Remove PKINIT draft9 support (compat with EOL, pre-2008 Windows) * Mon Jun 10 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-31 - Remove strerror() calls from k5_get_error() * Fri Jun 07 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-30 - Remove 3des from kdc.conf example * Mon Jun 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-29 - Remove 3DES support * Mon Jun 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-28 - Remove 3des support * Thu May 30 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-27 - Remove krb5int_c_combine_keys() and no-flags SAM-2 preauth * Tue May 28 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-26 - Remove support for single-DES and CRC * Wed May 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-25 - Add missing newlines to deprecation warnings - Switch to upstream's ksu path patch * Tue May 21 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-24 - Update default krb5kdc mkey manual-entry enctype - Also update account lockout patch to upstream version * Mon May 20 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-23 - Test & docs fixes in preparation for DES removal * Wed May 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-22 - Drop krb5_realm_compare() etc. NULL check patches * Wed May 15 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-21 - Re-provide krb5-kdb-version in -devel as well (IPA wants it) * Tue May 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-20 - (Patch consolidation; hopefully no changes) * Tue May 14 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-19 - Remove checksum type profile variables * Fri May 10 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-18 - Pull in 2019-05-02 static analysis updates * Fri May 03 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-17 - Move krb5-kdb-version provide into krb5-server for freeipa * Wed May 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-16 - Use secure_getenv() where appropriate * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-15 - Fix us up real nice with rpmlint * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-14 - Add dns_canonicalize_hostname=fallback support * Wed Apr 24 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-13 - Check more errors in OpenSSL crypto backend * Mon Apr 22 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-12 - Fix potential close(-1) in cc_file.c * Wed Apr 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-11 - Remove ovsec_adm_export and confvalidator * Wed Apr 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-10 - Fix config realm change logic in FILE remove_cred * Thu Apr 11 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-9 - Remove Kerberos v4 support vestiges (including ktany support) * Thu Apr 11 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-8 - Implement krb5_cc_remove_cred for remaining types - Resolves: #1693836 * Mon Apr 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-7 - FIPS-aware SPAKE group negotiation * Mon Feb 25 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-6 - Fix memory leak in 'none' replay cache type - Silence a coverity warning while we're here. * Fri Feb 01 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-5 - Update FIPS blocking for RC4 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jan 17 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-3 - enctype logging and explicit_bzero() * Tue Jan 08 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-2 - New upstream version (1.17) * Fri Jan 04 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.6 - Use openssl's PRNG in FIPS mode * Fri Jan 04 2019 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.5 - Address some optimized-out memset() calls * Thu Dec 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.4 - Remove incorrect KDC assertion * Thu Dec 20 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.3 - Fix syntax on pkinit_anchors field in default krb5.conf * Mon Dec 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.2 - Restore pdfs source file - Resolves: #1659716 * Thu Dec 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta2.1 - New upstream release (1.17-beta2) - Drop pdfs source file * Thu Nov 29 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.3 - Add tests for KCM ccache type * Mon Nov 12 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.2 - Gain FIPS awareness * Thu Nov 08 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-1.beta1.1 - Fix spurious errors from kcmio_unix_socket_write - Resolves: #1645912 * Thu Nov 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.17-0.beta1.1 - New upstream beta release * Wed Oct 24 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-25 - Update man pages to reference kerberos(7) - Resolves: #1143767 * Wed Oct 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-24 - Use port-sockets.h macros in cc_kcm, sendto_kdc - Resolves: #1631998 * Wed Oct 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-23 - Correct kpasswd_server description in krb5.conf(5) - Resolves: #1640272 * Mon Oct 15 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-22 - Prefer TCP to UDP for password changes - Resolves: #1637611 * Tue Oct 09 2018 Adam Williamson <awilliam@redhat.com> - 1.16.1-21 - Revert the patch from -20 for now as it seems to make FreeIPA worse * Tue Oct 02 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-20 - Fix bugs with concurrent use of MEMORY ccaches * Wed Aug 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-19 - In FIPS mode, add plaintext fallback for RC4 usages and taint * Thu Jul 26 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-18 - Fix k5test prompts for Python 3 * Thu Jul 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-17 - Remove outdated note in krb5kdc man page * Thu Jul 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-16 - Make krb5kdc -p affect TCP ports * Thu Jul 19 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-15 - Eliminate preprocessor-disabled dead code * Wed Jul 18 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-14 - Fix some broken tests for Python 3 * Mon Jul 16 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-13 - Zap copy of secret in RC4 string-to-key * Thu Jul 12 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-12 - Convert Python tests to Python 3 * Wed Jul 11 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-11 - Add build dependency on gcc * Tue Jul 10 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-10 - Use SHA-256 instead of MD5 for audit ticket IDs * Fri Jul 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-9 - Add BuildRequires on python2 so we can run tests at build-time * Fri Jul 06 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-8 - Explicitly look for python2 in configure.in * Thu Jun 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-7 - Add flag to disable encrypted timestamp on client * Thu Jun 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-6 - Switch to python3-sphinx for docs - Resolves: #1590928 * Thu Jun 14 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-5 - Make docs build python3-compatible - Resolves: #1590928 * Thu Jun 07 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-4 - Update includedir processing to match upstream * Fri Jun 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-3 - Log when non-root ksu authorization fails - Resolves: #1575771 * Fri May 04 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-2 - Remove "-nodes" option from make-certs scripts * Fri May 04 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-1 - New upstream release - 1.16.1 * Thu May 03 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-27 - Fix configuration of default ccache name to match file indentation * Mon Apr 30 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-26 - Set error message on KCM get_princ failure * Mon Apr 30 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-25 - Set error message on KCM get_princ failure * Tue Apr 24 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-24 - Fix KDC null dereference on large TGS replies * Mon Apr 23 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-23 - Explicitly use openssl rather than builtin crypto - Resolves: #1570910 * Tue Apr 17 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-22 - Merge duplicate subsections in profile library * Mon Apr 09 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-21 - Restrict pre-authentication fallback cases * Tue Apr 03 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-20 - Be more careful asking for AS key in SPAKE client * Mon Apr 02 2018 Robbie Harwood <rharwood@redhat.com> - 1.16-19 - Zap data when freeing krb5_spake_factor